Loading...
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2014, 2015 Intel Corporation
4 *
5 * Authors:
6 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
7 *
8 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
9 *
10 * This file contains TPM2 protocol implementations of the commands
11 * used by the kernel internally.
12 */
13
14#include "tpm.h"
15#include <crypto/hash_info.h>
16
17static struct tpm2_hash tpm2_hash_map[] = {
18 {HASH_ALGO_SHA1, TPM_ALG_SHA1},
19 {HASH_ALGO_SHA256, TPM_ALG_SHA256},
20 {HASH_ALGO_SHA384, TPM_ALG_SHA384},
21 {HASH_ALGO_SHA512, TPM_ALG_SHA512},
22 {HASH_ALGO_SM3_256, TPM_ALG_SM3_256},
23};
24
25int tpm2_get_timeouts(struct tpm_chip *chip)
26{
27 /* Fixed timeouts for TPM2 */
28 chip->timeout_a = msecs_to_jiffies(TPM2_TIMEOUT_A);
29 chip->timeout_b = msecs_to_jiffies(TPM2_TIMEOUT_B);
30 chip->timeout_c = msecs_to_jiffies(TPM2_TIMEOUT_C);
31 chip->timeout_d = msecs_to_jiffies(TPM2_TIMEOUT_D);
32
33 /* PTP spec timeouts */
34 chip->duration[TPM_SHORT] = msecs_to_jiffies(TPM2_DURATION_SHORT);
35 chip->duration[TPM_MEDIUM] = msecs_to_jiffies(TPM2_DURATION_MEDIUM);
36 chip->duration[TPM_LONG] = msecs_to_jiffies(TPM2_DURATION_LONG);
37
38 /* Key creation commands long timeouts */
39 chip->duration[TPM_LONG_LONG] =
40 msecs_to_jiffies(TPM2_DURATION_LONG_LONG);
41
42 chip->flags |= TPM_CHIP_FLAG_HAVE_TIMEOUTS;
43
44 return 0;
45}
46
47/**
48 * tpm2_ordinal_duration_index() - returns an index to the chip duration table
49 * @ordinal: TPM command ordinal.
50 *
51 * The function returns an index to the chip duration table
52 * (enum tpm_duration), that describes the maximum amount of
53 * time the chip could take to return the result for a particular ordinal.
54 *
55 * The values of the MEDIUM, and LONG durations are taken
56 * from the PC Client Profile (PTP) specification (750, 2000 msec)
57 *
58 * LONG_LONG is for commands that generates keys which empirically takes
59 * a longer time on some systems.
60 *
61 * Return:
62 * * TPM_MEDIUM
63 * * TPM_LONG
64 * * TPM_LONG_LONG
65 * * TPM_UNDEFINED
66 */
67static u8 tpm2_ordinal_duration_index(u32 ordinal)
68{
69 switch (ordinal) {
70 /* Startup */
71 case TPM2_CC_STARTUP: /* 144 */
72 return TPM_MEDIUM;
73
74 case TPM2_CC_SELF_TEST: /* 143 */
75 return TPM_LONG;
76
77 case TPM2_CC_GET_RANDOM: /* 17B */
78 return TPM_LONG;
79
80 case TPM2_CC_SEQUENCE_UPDATE: /* 15C */
81 return TPM_MEDIUM;
82 case TPM2_CC_SEQUENCE_COMPLETE: /* 13E */
83 return TPM_MEDIUM;
84 case TPM2_CC_EVENT_SEQUENCE_COMPLETE: /* 185 */
85 return TPM_MEDIUM;
86 case TPM2_CC_HASH_SEQUENCE_START: /* 186 */
87 return TPM_MEDIUM;
88
89 case TPM2_CC_VERIFY_SIGNATURE: /* 177 */
90 return TPM_LONG_LONG;
91
92 case TPM2_CC_PCR_EXTEND: /* 182 */
93 return TPM_MEDIUM;
94
95 case TPM2_CC_HIERARCHY_CONTROL: /* 121 */
96 return TPM_LONG;
97 case TPM2_CC_HIERARCHY_CHANGE_AUTH: /* 129 */
98 return TPM_LONG;
99
100 case TPM2_CC_GET_CAPABILITY: /* 17A */
101 return TPM_MEDIUM;
102
103 case TPM2_CC_NV_READ: /* 14E */
104 return TPM_LONG;
105
106 case TPM2_CC_CREATE_PRIMARY: /* 131 */
107 return TPM_LONG_LONG;
108 case TPM2_CC_CREATE: /* 153 */
109 return TPM_LONG_LONG;
110 case TPM2_CC_CREATE_LOADED: /* 191 */
111 return TPM_LONG_LONG;
112
113 default:
114 return TPM_UNDEFINED;
115 }
116}
117
118/**
119 * tpm2_calc_ordinal_duration() - calculate the maximum command duration
120 * @chip: TPM chip to use.
121 * @ordinal: TPM command ordinal.
122 *
123 * The function returns the maximum amount of time the chip could take
124 * to return the result for a particular ordinal in jiffies.
125 *
126 * Return: A maximal duration time for an ordinal in jiffies.
127 */
128unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
129{
130 unsigned int index;
131
132 index = tpm2_ordinal_duration_index(ordinal);
133
134 if (index != TPM_UNDEFINED)
135 return chip->duration[index];
136 else
137 return msecs_to_jiffies(TPM2_DURATION_DEFAULT);
138}
139
140
141struct tpm2_pcr_read_out {
142 __be32 update_cnt;
143 __be32 pcr_selects_cnt;
144 __be16 hash_alg;
145 u8 pcr_select_size;
146 u8 pcr_select[TPM2_PCR_SELECT_MIN];
147 __be32 digests_cnt;
148 __be16 digest_size;
149 u8 digest[];
150} __packed;
151
152/**
153 * tpm2_pcr_read() - read a PCR value
154 * @chip: TPM chip to use.
155 * @pcr_idx: index of the PCR to read.
156 * @digest: PCR bank and buffer current PCR value is written to.
157 * @digest_size_ptr: pointer to variable that stores the digest size.
158 *
159 * Return: Same as with tpm_transmit_cmd.
160 */
161int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
162 struct tpm_digest *digest, u16 *digest_size_ptr)
163{
164 int i;
165 int rc;
166 struct tpm_buf buf;
167 struct tpm2_pcr_read_out *out;
168 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
169 u16 digest_size;
170 u16 expected_digest_size = 0;
171
172 if (pcr_idx >= TPM2_PLATFORM_PCR)
173 return -EINVAL;
174
175 if (!digest_size_ptr) {
176 for (i = 0; i < chip->nr_allocated_banks &&
177 chip->allocated_banks[i].alg_id != digest->alg_id; i++)
178 ;
179
180 if (i == chip->nr_allocated_banks)
181 return -EINVAL;
182
183 expected_digest_size = chip->allocated_banks[i].digest_size;
184 }
185
186 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
187 if (rc)
188 return rc;
189
190 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
191
192 tpm_buf_append_u32(&buf, 1);
193 tpm_buf_append_u16(&buf, digest->alg_id);
194 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
195 tpm_buf_append(&buf, (const unsigned char *)pcr_select,
196 sizeof(pcr_select));
197
198 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to read a pcr value");
199 if (rc)
200 goto out;
201
202 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
203 digest_size = be16_to_cpu(out->digest_size);
204 if (digest_size > sizeof(digest->digest) ||
205 (!digest_size_ptr && digest_size != expected_digest_size)) {
206 rc = -EINVAL;
207 goto out;
208 }
209
210 if (digest_size_ptr)
211 *digest_size_ptr = digest_size;
212
213 memcpy(digest->digest, out->digest, digest_size);
214out:
215 tpm_buf_destroy(&buf);
216 return rc;
217}
218
219struct tpm2_null_auth_area {
220 __be32 handle;
221 __be16 nonce_size;
222 u8 attributes;
223 __be16 auth_size;
224} __packed;
225
226/**
227 * tpm2_pcr_extend() - extend a PCR value
228 *
229 * @chip: TPM chip to use.
230 * @pcr_idx: index of the PCR.
231 * @digests: list of pcr banks and corresponding digest values to extend.
232 *
233 * Return: Same as with tpm_transmit_cmd.
234 */
235int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
236 struct tpm_digest *digests)
237{
238 struct tpm_buf buf;
239 struct tpm2_null_auth_area auth_area;
240 int rc;
241 int i;
242
243 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
244 if (rc)
245 return rc;
246
247 tpm_buf_append_u32(&buf, pcr_idx);
248
249 auth_area.handle = cpu_to_be32(TPM2_RS_PW);
250 auth_area.nonce_size = 0;
251 auth_area.attributes = 0;
252 auth_area.auth_size = 0;
253
254 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
255 tpm_buf_append(&buf, (const unsigned char *)&auth_area,
256 sizeof(auth_area));
257 tpm_buf_append_u32(&buf, chip->nr_allocated_banks);
258
259 for (i = 0; i < chip->nr_allocated_banks; i++) {
260 tpm_buf_append_u16(&buf, digests[i].alg_id);
261 tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest,
262 chip->allocated_banks[i].digest_size);
263 }
264
265 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value");
266
267 tpm_buf_destroy(&buf);
268
269 return rc;
270}
271
272struct tpm2_get_random_out {
273 __be16 size;
274 u8 buffer[TPM_MAX_RNG_DATA];
275} __packed;
276
277/**
278 * tpm2_get_random() - get random bytes from the TPM RNG
279 *
280 * @chip: a &tpm_chip instance
281 * @dest: destination buffer
282 * @max: the max number of random bytes to pull
283 *
284 * Return:
285 * size of the buffer on success,
286 * -errno otherwise (positive TPM return codes are masked to -EIO)
287 */
288int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
289{
290 struct tpm2_get_random_out *out;
291 struct tpm_buf buf;
292 u32 recd;
293 u32 num_bytes = max;
294 int err;
295 int total = 0;
296 int retries = 5;
297 u8 *dest_ptr = dest;
298
299 if (!num_bytes || max > TPM_MAX_RNG_DATA)
300 return -EINVAL;
301
302 err = tpm_buf_init(&buf, 0, 0);
303 if (err)
304 return err;
305
306 do {
307 tpm_buf_reset(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_RANDOM);
308 tpm_buf_append_u16(&buf, num_bytes);
309 err = tpm_transmit_cmd(chip, &buf,
310 offsetof(struct tpm2_get_random_out,
311 buffer),
312 "attempting get random");
313 if (err) {
314 if (err > 0)
315 err = -EIO;
316 goto out;
317 }
318
319 out = (struct tpm2_get_random_out *)
320 &buf.data[TPM_HEADER_SIZE];
321 recd = min_t(u32, be16_to_cpu(out->size), num_bytes);
322 if (tpm_buf_length(&buf) <
323 TPM_HEADER_SIZE +
324 offsetof(struct tpm2_get_random_out, buffer) +
325 recd) {
326 err = -EFAULT;
327 goto out;
328 }
329 memcpy(dest_ptr, out->buffer, recd);
330
331 dest_ptr += recd;
332 total += recd;
333 num_bytes -= recd;
334 } while (retries-- && total < max);
335
336 tpm_buf_destroy(&buf);
337 return total ? total : -EIO;
338out:
339 tpm_buf_destroy(&buf);
340 return err;
341}
342
343/**
344 * tpm2_flush_context() - execute a TPM2_FlushContext command
345 * @chip: TPM chip to use
346 * @handle: context handle
347 */
348void tpm2_flush_context(struct tpm_chip *chip, u32 handle)
349{
350 struct tpm_buf buf;
351 int rc;
352
353 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
354 if (rc) {
355 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
356 handle);
357 return;
358 }
359
360 tpm_buf_append_u32(&buf, handle);
361
362 tpm_transmit_cmd(chip, &buf, 0, "flushing context");
363 tpm_buf_destroy(&buf);
364}
365EXPORT_SYMBOL_GPL(tpm2_flush_context);
366
367struct tpm2_get_cap_out {
368 u8 more_data;
369 __be32 subcap_id;
370 __be32 property_cnt;
371 __be32 property_id;
372 __be32 value;
373} __packed;
374
375/**
376 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
377 * @chip: a &tpm_chip instance
378 * @property_id: property ID.
379 * @value: output variable.
380 * @desc: passed to tpm_transmit_cmd()
381 *
382 * Return:
383 * 0 on success,
384 * -errno or a TPM return code otherwise
385 */
386ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
387 const char *desc)
388{
389 struct tpm2_get_cap_out *out;
390 struct tpm_buf buf;
391 int rc;
392
393 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
394 if (rc)
395 return rc;
396 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
397 tpm_buf_append_u32(&buf, property_id);
398 tpm_buf_append_u32(&buf, 1);
399 rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
400 if (!rc) {
401 out = (struct tpm2_get_cap_out *)
402 &buf.data[TPM_HEADER_SIZE];
403 /*
404 * To prevent failing boot up of some systems, Infineon TPM2.0
405 * returns SUCCESS on TPM2_Startup in field upgrade mode. Also
406 * the TPM2_Getcapability command returns a zero length list
407 * in field upgrade mode.
408 */
409 if (be32_to_cpu(out->property_cnt) > 0)
410 *value = be32_to_cpu(out->value);
411 else
412 rc = -ENODATA;
413 }
414 tpm_buf_destroy(&buf);
415 return rc;
416}
417EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt);
418
419/**
420 * tpm2_shutdown() - send a TPM shutdown command
421 *
422 * Sends a TPM shutdown command. The shutdown command is used in call
423 * sites where the system is going down. If it fails, there is not much
424 * that can be done except print an error message.
425 *
426 * @chip: a &tpm_chip instance
427 * @shutdown_type: TPM_SU_CLEAR or TPM_SU_STATE.
428 */
429void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
430{
431 struct tpm_buf buf;
432 int rc;
433
434 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SHUTDOWN);
435 if (rc)
436 return;
437 tpm_buf_append_u16(&buf, shutdown_type);
438 tpm_transmit_cmd(chip, &buf, 0, "stopping the TPM");
439 tpm_buf_destroy(&buf);
440}
441
442/**
443 * tpm2_do_selftest() - ensure that all self tests have passed
444 *
445 * @chip: TPM chip to use
446 *
447 * Return: Same as with tpm_transmit_cmd.
448 *
449 * The TPM can either run all self tests synchronously and then return
450 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests
451 * asynchronously and return RC_TESTING immediately while the self tests still
452 * execute in the background. This function handles both cases and waits until
453 * all tests have completed.
454 */
455static int tpm2_do_selftest(struct tpm_chip *chip)
456{
457 struct tpm_buf buf;
458 int full;
459 int rc;
460
461 for (full = 0; full < 2; full++) {
462 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST);
463 if (rc)
464 return rc;
465
466 tpm_buf_append_u8(&buf, full);
467 rc = tpm_transmit_cmd(chip, &buf, 0,
468 "attempting the self test");
469 tpm_buf_destroy(&buf);
470
471 if (rc == TPM2_RC_TESTING)
472 rc = TPM2_RC_SUCCESS;
473 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS)
474 return rc;
475 }
476
477 return rc;
478}
479
480/**
481 * tpm2_probe() - probe for the TPM 2.0 protocol
482 * @chip: a &tpm_chip instance
483 *
484 * Send an idempotent TPM 2.0 command and see whether there is TPM2 chip in the
485 * other end based on the response tag. The flag TPM_CHIP_FLAG_TPM2 is set by
486 * this function if this is the case.
487 *
488 * Return:
489 * 0 on success,
490 * -errno otherwise
491 */
492int tpm2_probe(struct tpm_chip *chip)
493{
494 struct tpm_header *out;
495 struct tpm_buf buf;
496 int rc;
497
498 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
499 if (rc)
500 return rc;
501 tpm_buf_append_u32(&buf, TPM2_CAP_TPM_PROPERTIES);
502 tpm_buf_append_u32(&buf, TPM_PT_TOTAL_COMMANDS);
503 tpm_buf_append_u32(&buf, 1);
504 rc = tpm_transmit_cmd(chip, &buf, 0, NULL);
505 /* We ignore TPM return codes on purpose. */
506 if (rc >= 0) {
507 out = (struct tpm_header *)buf.data;
508 if (be16_to_cpu(out->tag) == TPM2_ST_NO_SESSIONS)
509 chip->flags |= TPM_CHIP_FLAG_TPM2;
510 }
511 tpm_buf_destroy(&buf);
512 return 0;
513}
514EXPORT_SYMBOL_GPL(tpm2_probe);
515
516static int tpm2_init_bank_info(struct tpm_chip *chip, u32 bank_index)
517{
518 struct tpm_bank_info *bank = chip->allocated_banks + bank_index;
519 struct tpm_digest digest = { .alg_id = bank->alg_id };
520 int i;
521
522 /*
523 * Avoid unnecessary PCR read operations to reduce overhead
524 * and obtain identifiers of the crypto subsystem.
525 */
526 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
527 enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id;
528
529 if (bank->alg_id != tpm2_hash_map[i].tpm_id)
530 continue;
531
532 bank->digest_size = hash_digest_size[crypto_algo];
533 bank->crypto_id = crypto_algo;
534 return 0;
535 }
536
537 bank->crypto_id = HASH_ALGO__LAST;
538
539 return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size);
540}
541
542struct tpm2_pcr_selection {
543 __be16 hash_alg;
544 u8 size_of_select;
545 u8 pcr_select[3];
546} __packed;
547
548ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip)
549{
550 struct tpm2_pcr_selection pcr_selection;
551 struct tpm_buf buf;
552 void *marker;
553 void *end;
554 void *pcr_select_offset;
555 u32 sizeof_pcr_selection;
556 u32 nr_possible_banks;
557 u32 nr_alloc_banks = 0;
558 u16 hash_alg;
559 u32 rsp_len;
560 int rc;
561 int i = 0;
562
563 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
564 if (rc)
565 return rc;
566
567 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS);
568 tpm_buf_append_u32(&buf, 0);
569 tpm_buf_append_u32(&buf, 1);
570
571 rc = tpm_transmit_cmd(chip, &buf, 9, "get tpm pcr allocation");
572 if (rc)
573 goto out;
574
575 nr_possible_banks = be32_to_cpup(
576 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]);
577
578 chip->allocated_banks = kcalloc(nr_possible_banks,
579 sizeof(*chip->allocated_banks),
580 GFP_KERNEL);
581 if (!chip->allocated_banks) {
582 rc = -ENOMEM;
583 goto out;
584 }
585
586 marker = &buf.data[TPM_HEADER_SIZE + 9];
587
588 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]);
589 end = &buf.data[rsp_len];
590
591 for (i = 0; i < nr_possible_banks; i++) {
592 pcr_select_offset = marker +
593 offsetof(struct tpm2_pcr_selection, size_of_select);
594 if (pcr_select_offset >= end) {
595 rc = -EFAULT;
596 break;
597 }
598
599 memcpy(&pcr_selection, marker, sizeof(pcr_selection));
600 hash_alg = be16_to_cpu(pcr_selection.hash_alg);
601
602 pcr_select_offset = memchr_inv(pcr_selection.pcr_select, 0,
603 pcr_selection.size_of_select);
604 if (pcr_select_offset) {
605 chip->allocated_banks[nr_alloc_banks].alg_id = hash_alg;
606
607 rc = tpm2_init_bank_info(chip, nr_alloc_banks);
608 if (rc < 0)
609 break;
610
611 nr_alloc_banks++;
612 }
613
614 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) +
615 sizeof(pcr_selection.size_of_select) +
616 pcr_selection.size_of_select;
617 marker = marker + sizeof_pcr_selection;
618 }
619
620 chip->nr_allocated_banks = nr_alloc_banks;
621out:
622 tpm_buf_destroy(&buf);
623
624 return rc;
625}
626
627int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
628{
629 struct tpm_buf buf;
630 u32 nr_commands;
631 __be32 *attrs;
632 u32 cc;
633 int i;
634 int rc;
635
636 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL);
637 if (rc)
638 goto out;
639
640 if (nr_commands > 0xFFFFF) {
641 rc = -EFAULT;
642 goto out;
643 }
644
645 chip->cc_attrs_tbl = devm_kcalloc(&chip->dev, 4, nr_commands,
646 GFP_KERNEL);
647 if (!chip->cc_attrs_tbl) {
648 rc = -ENOMEM;
649 goto out;
650 }
651
652 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
653 if (rc)
654 goto out;
655
656 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS);
657 tpm_buf_append_u32(&buf, TPM2_CC_FIRST);
658 tpm_buf_append_u32(&buf, nr_commands);
659
660 rc = tpm_transmit_cmd(chip, &buf, 9 + 4 * nr_commands, NULL);
661 if (rc) {
662 tpm_buf_destroy(&buf);
663 goto out;
664 }
665
666 if (nr_commands !=
667 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) {
668 rc = -EFAULT;
669 tpm_buf_destroy(&buf);
670 goto out;
671 }
672
673 chip->nr_commands = nr_commands;
674
675 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9];
676 for (i = 0; i < nr_commands; i++, attrs++) {
677 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs);
678 cc = chip->cc_attrs_tbl[i] & 0xFFFF;
679
680 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) {
681 chip->cc_attrs_tbl[i] &=
682 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES);
683 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES;
684 }
685 }
686
687 tpm_buf_destroy(&buf);
688
689out:
690 if (rc > 0)
691 rc = -ENODEV;
692 return rc;
693}
694EXPORT_SYMBOL_GPL(tpm2_get_cc_attrs_tbl);
695
696/**
697 * tpm2_startup - turn on the TPM
698 * @chip: TPM chip to use
699 *
700 * Normally the firmware should start the TPM. This function is provided as a
701 * workaround if this does not happen. A legal case for this could be for
702 * example when a TPM emulator is used.
703 *
704 * Return: same as tpm_transmit_cmd()
705 */
706
707static int tpm2_startup(struct tpm_chip *chip)
708{
709 struct tpm_buf buf;
710 int rc;
711
712 dev_info(&chip->dev, "starting up the TPM manually\n");
713
714 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_STARTUP);
715 if (rc < 0)
716 return rc;
717
718 tpm_buf_append_u16(&buf, TPM2_SU_CLEAR);
719 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to start the TPM");
720 tpm_buf_destroy(&buf);
721
722 return rc;
723}
724
725/**
726 * tpm2_auto_startup - Perform the standard automatic TPM initialization
727 * sequence
728 * @chip: TPM chip to use
729 *
730 * Returns 0 on success, < 0 in case of fatal error.
731 */
732int tpm2_auto_startup(struct tpm_chip *chip)
733{
734 int rc;
735
736 rc = tpm2_get_timeouts(chip);
737 if (rc)
738 goto out;
739
740 rc = tpm2_do_selftest(chip);
741 if (rc && rc != TPM2_RC_INITIALIZE)
742 goto out;
743
744 if (rc == TPM2_RC_INITIALIZE) {
745 rc = tpm2_startup(chip);
746 if (rc)
747 goto out;
748
749 rc = tpm2_do_selftest(chip);
750 if (rc)
751 goto out;
752 }
753
754 rc = tpm2_get_cc_attrs_tbl(chip);
755 if (rc == TPM2_RC_FAILURE || (rc < 0 && rc != -ENOMEM)) {
756 dev_info(&chip->dev,
757 "TPM in field failure mode, requires firmware upgrade\n");
758 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE;
759 rc = 0;
760 }
761
762out:
763 /*
764 * Infineon TPM in field upgrade mode will return no data for the number
765 * of supported commands.
766 */
767 if (rc == TPM2_RC_UPGRADE || rc == -ENODATA) {
768 dev_info(&chip->dev, "TPM in field upgrade mode, requires firmware upgrade\n");
769 chip->flags |= TPM_CHIP_FLAG_FIRMWARE_UPGRADE;
770 rc = 0;
771 }
772
773 if (rc > 0)
774 rc = -ENODEV;
775 return rc;
776}
777
778int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
779{
780 u32 cc_mask;
781 int i;
782
783 cc_mask = 1 << TPM2_CC_ATTR_VENDOR | GENMASK(15, 0);
784 for (i = 0; i < chip->nr_commands; i++)
785 if (cc == (chip->cc_attrs_tbl[i] & cc_mask))
786 return i;
787
788 return -1;
789}
1/*
2 * Copyright (C) 2014, 2015 Intel Corporation
3 *
4 * Authors:
5 * Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
6 *
7 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
8 *
9 * This file contains TPM2 protocol implementations of the commands
10 * used by the kernel internally.
11 *
12 * This program is free software; you can redistribute it and/or
13 * modify it under the terms of the GNU General Public License
14 * as published by the Free Software Foundation; version 2
15 * of the License.
16 */
17
18#include "tpm.h"
19#include <crypto/hash_info.h>
20#include <keys/trusted-type.h>
21
22enum tpm2_object_attributes {
23 TPM2_OA_USER_WITH_AUTH = BIT(6),
24};
25
26enum tpm2_session_attributes {
27 TPM2_SA_CONTINUE_SESSION = BIT(0),
28};
29
30struct tpm2_startup_in {
31 __be16 startup_type;
32} __packed;
33
34struct tpm2_get_tpm_pt_in {
35 __be32 cap_id;
36 __be32 property_id;
37 __be32 property_cnt;
38} __packed;
39
40struct tpm2_get_tpm_pt_out {
41 u8 more_data;
42 __be32 subcap_id;
43 __be32 property_cnt;
44 __be32 property_id;
45 __be32 value;
46} __packed;
47
48struct tpm2_get_random_in {
49 __be16 size;
50} __packed;
51
52struct tpm2_get_random_out {
53 __be16 size;
54 u8 buffer[TPM_MAX_RNG_DATA];
55} __packed;
56
57union tpm2_cmd_params {
58 struct tpm2_startup_in startup_in;
59 struct tpm2_get_tpm_pt_in get_tpm_pt_in;
60 struct tpm2_get_tpm_pt_out get_tpm_pt_out;
61 struct tpm2_get_random_in getrandom_in;
62 struct tpm2_get_random_out getrandom_out;
63};
64
65struct tpm2_cmd {
66 tpm_cmd_header header;
67 union tpm2_cmd_params params;
68} __packed;
69
70struct tpm2_hash {
71 unsigned int crypto_id;
72 unsigned int tpm_id;
73};
74
75static struct tpm2_hash tpm2_hash_map[] = {
76 {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
77 {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
78 {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
79 {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
80 {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
81};
82
83/*
84 * Array with one entry per ordinal defining the maximum amount
85 * of time the chip could take to return the result. The values
86 * of the SHORT, MEDIUM, and LONG durations are taken from the
87 * PC Client Profile (PTP) specification.
88 * LONG_LONG is for commands that generates keys which empirically
89 * takes longer time on some systems.
90 */
91static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
92 TPM_UNDEFINED, /* 11F */
93 TPM_UNDEFINED, /* 120 */
94 TPM_LONG, /* 121 */
95 TPM_UNDEFINED, /* 122 */
96 TPM_UNDEFINED, /* 123 */
97 TPM_UNDEFINED, /* 124 */
98 TPM_UNDEFINED, /* 125 */
99 TPM_UNDEFINED, /* 126 */
100 TPM_UNDEFINED, /* 127 */
101 TPM_UNDEFINED, /* 128 */
102 TPM_LONG, /* 129 */
103 TPM_UNDEFINED, /* 12a */
104 TPM_UNDEFINED, /* 12b */
105 TPM_UNDEFINED, /* 12c */
106 TPM_UNDEFINED, /* 12d */
107 TPM_UNDEFINED, /* 12e */
108 TPM_UNDEFINED, /* 12f */
109 TPM_UNDEFINED, /* 130 */
110 TPM_LONG_LONG, /* 131 */
111 TPM_UNDEFINED, /* 132 */
112 TPM_UNDEFINED, /* 133 */
113 TPM_UNDEFINED, /* 134 */
114 TPM_UNDEFINED, /* 135 */
115 TPM_UNDEFINED, /* 136 */
116 TPM_UNDEFINED, /* 137 */
117 TPM_UNDEFINED, /* 138 */
118 TPM_UNDEFINED, /* 139 */
119 TPM_UNDEFINED, /* 13a */
120 TPM_UNDEFINED, /* 13b */
121 TPM_UNDEFINED, /* 13c */
122 TPM_UNDEFINED, /* 13d */
123 TPM_MEDIUM, /* 13e */
124 TPM_UNDEFINED, /* 13f */
125 TPM_UNDEFINED, /* 140 */
126 TPM_UNDEFINED, /* 141 */
127 TPM_UNDEFINED, /* 142 */
128 TPM_LONG, /* 143 */
129 TPM_MEDIUM, /* 144 */
130 TPM_UNDEFINED, /* 145 */
131 TPM_UNDEFINED, /* 146 */
132 TPM_UNDEFINED, /* 147 */
133 TPM_UNDEFINED, /* 148 */
134 TPM_UNDEFINED, /* 149 */
135 TPM_UNDEFINED, /* 14a */
136 TPM_UNDEFINED, /* 14b */
137 TPM_UNDEFINED, /* 14c */
138 TPM_UNDEFINED, /* 14d */
139 TPM_LONG, /* 14e */
140 TPM_UNDEFINED, /* 14f */
141 TPM_UNDEFINED, /* 150 */
142 TPM_UNDEFINED, /* 151 */
143 TPM_UNDEFINED, /* 152 */
144 TPM_LONG_LONG, /* 153 */
145 TPM_UNDEFINED, /* 154 */
146 TPM_UNDEFINED, /* 155 */
147 TPM_UNDEFINED, /* 156 */
148 TPM_UNDEFINED, /* 157 */
149 TPM_UNDEFINED, /* 158 */
150 TPM_UNDEFINED, /* 159 */
151 TPM_UNDEFINED, /* 15a */
152 TPM_UNDEFINED, /* 15b */
153 TPM_MEDIUM, /* 15c */
154 TPM_UNDEFINED, /* 15d */
155 TPM_UNDEFINED, /* 15e */
156 TPM_UNDEFINED, /* 15f */
157 TPM_UNDEFINED, /* 160 */
158 TPM_UNDEFINED, /* 161 */
159 TPM_UNDEFINED, /* 162 */
160 TPM_UNDEFINED, /* 163 */
161 TPM_UNDEFINED, /* 164 */
162 TPM_UNDEFINED, /* 165 */
163 TPM_UNDEFINED, /* 166 */
164 TPM_UNDEFINED, /* 167 */
165 TPM_UNDEFINED, /* 168 */
166 TPM_UNDEFINED, /* 169 */
167 TPM_UNDEFINED, /* 16a */
168 TPM_UNDEFINED, /* 16b */
169 TPM_UNDEFINED, /* 16c */
170 TPM_UNDEFINED, /* 16d */
171 TPM_UNDEFINED, /* 16e */
172 TPM_UNDEFINED, /* 16f */
173 TPM_UNDEFINED, /* 170 */
174 TPM_UNDEFINED, /* 171 */
175 TPM_UNDEFINED, /* 172 */
176 TPM_UNDEFINED, /* 173 */
177 TPM_UNDEFINED, /* 174 */
178 TPM_UNDEFINED, /* 175 */
179 TPM_UNDEFINED, /* 176 */
180 TPM_LONG, /* 177 */
181 TPM_UNDEFINED, /* 178 */
182 TPM_UNDEFINED, /* 179 */
183 TPM_MEDIUM, /* 17a */
184 TPM_LONG, /* 17b */
185 TPM_UNDEFINED, /* 17c */
186 TPM_UNDEFINED, /* 17d */
187 TPM_UNDEFINED, /* 17e */
188 TPM_UNDEFINED, /* 17f */
189 TPM_UNDEFINED, /* 180 */
190 TPM_UNDEFINED, /* 181 */
191 TPM_MEDIUM, /* 182 */
192 TPM_UNDEFINED, /* 183 */
193 TPM_UNDEFINED, /* 184 */
194 TPM_MEDIUM, /* 185 */
195 TPM_MEDIUM, /* 186 */
196 TPM_UNDEFINED, /* 187 */
197 TPM_UNDEFINED, /* 188 */
198 TPM_UNDEFINED, /* 189 */
199 TPM_UNDEFINED, /* 18a */
200 TPM_UNDEFINED, /* 18b */
201 TPM_UNDEFINED, /* 18c */
202 TPM_UNDEFINED, /* 18d */
203 TPM_UNDEFINED, /* 18e */
204 TPM_UNDEFINED /* 18f */
205};
206
207struct tpm2_pcr_read_out {
208 __be32 update_cnt;
209 __be32 pcr_selects_cnt;
210 __be16 hash_alg;
211 u8 pcr_select_size;
212 u8 pcr_select[TPM2_PCR_SELECT_MIN];
213 __be32 digests_cnt;
214 __be16 digest_size;
215 u8 digest[];
216} __packed;
217
218/**
219 * tpm2_pcr_read() - read a PCR value
220 * @chip: TPM chip to use.
221 * @pcr_idx: index of the PCR to read.
222 * @res_buf: buffer to store the resulting hash.
223 *
224 * Return: Same as with tpm_transmit_cmd.
225 */
226int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
227{
228 int rc;
229 struct tpm_buf buf;
230 struct tpm2_pcr_read_out *out;
231 u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
232
233 if (pcr_idx >= TPM2_PLATFORM_PCR)
234 return -EINVAL;
235
236 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
237 if (rc)
238 return rc;
239
240 pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
241
242 tpm_buf_append_u32(&buf, 1);
243 tpm_buf_append_u16(&buf, TPM2_ALG_SHA1);
244 tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
245 tpm_buf_append(&buf, (const unsigned char *)pcr_select,
246 sizeof(pcr_select));
247
248 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
249 res_buf ? "attempting to read a pcr value" : NULL);
250 if (rc == 0 && res_buf) {
251 out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
252 memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE);
253 }
254
255 tpm_buf_destroy(&buf);
256 return rc;
257}
258
259struct tpm2_null_auth_area {
260 __be32 handle;
261 __be16 nonce_size;
262 u8 attributes;
263 __be16 auth_size;
264} __packed;
265
266/**
267 * tpm2_pcr_extend() - extend a PCR value
268 *
269 * @chip: TPM chip to use.
270 * @pcr_idx: index of the PCR.
271 * @count: number of digests passed.
272 * @digests: list of pcr banks and corresponding digest values to extend.
273 *
274 * Return: Same as with tpm_transmit_cmd.
275 */
276int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
277 struct tpm2_digest *digests)
278{
279 struct tpm_buf buf;
280 struct tpm2_null_auth_area auth_area;
281 int rc;
282 int i;
283 int j;
284
285 if (count > ARRAY_SIZE(chip->active_banks))
286 return -EINVAL;
287
288 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
289 if (rc)
290 return rc;
291
292 tpm_buf_append_u32(&buf, pcr_idx);
293
294 auth_area.handle = cpu_to_be32(TPM2_RS_PW);
295 auth_area.nonce_size = 0;
296 auth_area.attributes = 0;
297 auth_area.auth_size = 0;
298
299 tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
300 tpm_buf_append(&buf, (const unsigned char *)&auth_area,
301 sizeof(auth_area));
302 tpm_buf_append_u32(&buf, count);
303
304 for (i = 0; i < count; i++) {
305 for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
306 if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
307 continue;
308 tpm_buf_append_u16(&buf, digests[i].alg_id);
309 tpm_buf_append(&buf, (const unsigned char
310 *)&digests[i].digest,
311 hash_digest_size[tpm2_hash_map[j].crypto_id]);
312 }
313 }
314
315 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
316 "attempting extend a PCR value");
317
318 tpm_buf_destroy(&buf);
319
320 return rc;
321}
322
323
324#define TPM2_GETRANDOM_IN_SIZE \
325 (sizeof(struct tpm_input_header) + \
326 sizeof(struct tpm2_get_random_in))
327
328static const struct tpm_input_header tpm2_getrandom_header = {
329 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
330 .length = cpu_to_be32(TPM2_GETRANDOM_IN_SIZE),
331 .ordinal = cpu_to_be32(TPM2_CC_GET_RANDOM)
332};
333
334/**
335 * tpm2_get_random() - get random bytes from the TPM RNG
336 *
337 * @chip: TPM chip to use
338 * @out: destination buffer for the random bytes
339 * @max: the max number of bytes to write to @out
340 *
341 * Return:
342 * Size of the output buffer, or -EIO on error.
343 */
344int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max)
345{
346 struct tpm2_cmd cmd;
347 u32 recd, rlength;
348 u32 num_bytes;
349 int err;
350 int total = 0;
351 int retries = 5;
352 u8 *dest = out;
353
354 num_bytes = min_t(u32, max, sizeof(cmd.params.getrandom_out.buffer));
355
356 if (!out || !num_bytes ||
357 max > sizeof(cmd.params.getrandom_out.buffer))
358 return -EINVAL;
359
360 do {
361 cmd.header.in = tpm2_getrandom_header;
362 cmd.params.getrandom_in.size = cpu_to_be16(num_bytes);
363
364 err = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
365 offsetof(struct tpm2_get_random_out,
366 buffer),
367 0, "attempting get random");
368 if (err)
369 break;
370
371 recd = min_t(u32, be16_to_cpu(cmd.params.getrandom_out.size),
372 num_bytes);
373 rlength = be32_to_cpu(cmd.header.out.length);
374 if (rlength < offsetof(struct tpm2_get_random_out, buffer) +
375 recd)
376 return -EFAULT;
377 memcpy(dest, cmd.params.getrandom_out.buffer, recd);
378
379 dest += recd;
380 total += recd;
381 num_bytes -= recd;
382 } while (retries-- && total < max);
383
384 return total ? total : -EIO;
385}
386
387#define TPM2_GET_TPM_PT_IN_SIZE \
388 (sizeof(struct tpm_input_header) + \
389 sizeof(struct tpm2_get_tpm_pt_in))
390
391#define TPM2_GET_TPM_PT_OUT_BODY_SIZE \
392 sizeof(struct tpm2_get_tpm_pt_out)
393
394static const struct tpm_input_header tpm2_get_tpm_pt_header = {
395 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
396 .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE),
397 .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY)
398};
399
400/**
401 * tpm2_flush_context_cmd() - execute a TPM2_FlushContext command
402 * @chip: TPM chip to use
403 * @payload: the key data in clear and encrypted form
404 * @options: authentication values and other options
405 *
406 * Return: same as with tpm_transmit_cmd
407 */
408void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle,
409 unsigned int flags)
410{
411 struct tpm_buf buf;
412 int rc;
413
414 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_FLUSH_CONTEXT);
415 if (rc) {
416 dev_warn(&chip->dev, "0x%08x was not flushed, out of memory\n",
417 handle);
418 return;
419 }
420
421 tpm_buf_append_u32(&buf, handle);
422
423 (void) tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, flags,
424 "flushing context");
425
426 tpm_buf_destroy(&buf);
427}
428
429/**
430 * tpm_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer.
431 *
432 * @buf: an allocated tpm_buf instance
433 * @session_handle: session handle
434 * @nonce: the session nonce, may be NULL if not used
435 * @nonce_len: the session nonce length, may be 0 if not used
436 * @attributes: the session attributes
437 * @hmac: the session HMAC or password, may be NULL if not used
438 * @hmac_len: the session HMAC or password length, maybe 0 if not used
439 */
440static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle,
441 const u8 *nonce, u16 nonce_len,
442 u8 attributes,
443 const u8 *hmac, u16 hmac_len)
444{
445 tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len);
446 tpm_buf_append_u32(buf, session_handle);
447 tpm_buf_append_u16(buf, nonce_len);
448
449 if (nonce && nonce_len)
450 tpm_buf_append(buf, nonce, nonce_len);
451
452 tpm_buf_append_u8(buf, attributes);
453 tpm_buf_append_u16(buf, hmac_len);
454
455 if (hmac && hmac_len)
456 tpm_buf_append(buf, hmac, hmac_len);
457}
458
459/**
460 * tpm2_seal_trusted() - seal the payload of a trusted key
461 *
462 * @chip: TPM chip to use
463 * @payload: the key data in clear and encrypted form
464 * @options: authentication values and other options
465 *
466 * Return: < 0 on error and 0 on success.
467 */
468int tpm2_seal_trusted(struct tpm_chip *chip,
469 struct trusted_key_payload *payload,
470 struct trusted_key_options *options)
471{
472 unsigned int blob_len;
473 struct tpm_buf buf;
474 u32 hash, rlength;
475 int i;
476 int rc;
477
478 for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
479 if (options->hash == tpm2_hash_map[i].crypto_id) {
480 hash = tpm2_hash_map[i].tpm_id;
481 break;
482 }
483 }
484
485 if (i == ARRAY_SIZE(tpm2_hash_map))
486 return -EINVAL;
487
488 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
489 if (rc)
490 return rc;
491
492 tpm_buf_append_u32(&buf, options->keyhandle);
493 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
494 NULL /* nonce */, 0,
495 0 /* session_attributes */,
496 options->keyauth /* hmac */,
497 TPM_DIGEST_SIZE);
498
499 /* sensitive */
500 tpm_buf_append_u16(&buf, 4 + TPM_DIGEST_SIZE + payload->key_len + 1);
501
502 tpm_buf_append_u16(&buf, TPM_DIGEST_SIZE);
503 tpm_buf_append(&buf, options->blobauth, TPM_DIGEST_SIZE);
504 tpm_buf_append_u16(&buf, payload->key_len + 1);
505 tpm_buf_append(&buf, payload->key, payload->key_len);
506 tpm_buf_append_u8(&buf, payload->migratable);
507
508 /* public */
509 tpm_buf_append_u16(&buf, 14 + options->policydigest_len);
510 tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH);
511 tpm_buf_append_u16(&buf, hash);
512
513 /* policy */
514 if (options->policydigest_len) {
515 tpm_buf_append_u32(&buf, 0);
516 tpm_buf_append_u16(&buf, options->policydigest_len);
517 tpm_buf_append(&buf, options->policydigest,
518 options->policydigest_len);
519 } else {
520 tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH);
521 tpm_buf_append_u16(&buf, 0);
522 }
523
524 /* public parameters */
525 tpm_buf_append_u16(&buf, TPM2_ALG_NULL);
526 tpm_buf_append_u16(&buf, 0);
527
528 /* outside info */
529 tpm_buf_append_u16(&buf, 0);
530
531 /* creation PCR */
532 tpm_buf_append_u32(&buf, 0);
533
534 if (buf.flags & TPM_BUF_OVERFLOW) {
535 rc = -E2BIG;
536 goto out;
537 }
538
539 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, 0,
540 "sealing data");
541 if (rc)
542 goto out;
543
544 blob_len = be32_to_cpup((__be32 *) &buf.data[TPM_HEADER_SIZE]);
545 if (blob_len > MAX_BLOB_SIZE) {
546 rc = -E2BIG;
547 goto out;
548 }
549 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf)->header.out.length);
550 if (rlength < TPM_HEADER_SIZE + 4 + blob_len) {
551 rc = -EFAULT;
552 goto out;
553 }
554
555 memcpy(payload->blob, &buf.data[TPM_HEADER_SIZE + 4], blob_len);
556 payload->blob_len = blob_len;
557
558out:
559 tpm_buf_destroy(&buf);
560
561 if (rc > 0) {
562 if (tpm2_rc_value(rc) == TPM2_RC_HASH)
563 rc = -EINVAL;
564 else
565 rc = -EPERM;
566 }
567
568 return rc;
569}
570
571/**
572 * tpm2_load_cmd() - execute a TPM2_Load command
573 *
574 * @chip: TPM chip to use
575 * @payload: the key data in clear and encrypted form
576 * @options: authentication values and other options
577 * @blob_handle: returned blob handle
578 * @flags: tpm transmit flags
579 *
580 * Return: 0 on success.
581 * -E2BIG on wrong payload size.
582 * -EPERM on tpm error status.
583 * < 0 error from tpm_transmit_cmd.
584 */
585static int tpm2_load_cmd(struct tpm_chip *chip,
586 struct trusted_key_payload *payload,
587 struct trusted_key_options *options,
588 u32 *blob_handle, unsigned int flags)
589{
590 struct tpm_buf buf;
591 unsigned int private_len;
592 unsigned int public_len;
593 unsigned int blob_len;
594 int rc;
595
596 private_len = be16_to_cpup((__be16 *) &payload->blob[0]);
597 if (private_len > (payload->blob_len - 2))
598 return -E2BIG;
599
600 public_len = be16_to_cpup((__be16 *) &payload->blob[2 + private_len]);
601 blob_len = private_len + public_len + 4;
602 if (blob_len > payload->blob_len)
603 return -E2BIG;
604
605 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_LOAD);
606 if (rc)
607 return rc;
608
609 tpm_buf_append_u32(&buf, options->keyhandle);
610 tpm2_buf_append_auth(&buf, TPM2_RS_PW,
611 NULL /* nonce */, 0,
612 0 /* session_attributes */,
613 options->keyauth /* hmac */,
614 TPM_DIGEST_SIZE);
615
616 tpm_buf_append(&buf, payload->blob, blob_len);
617
618 if (buf.flags & TPM_BUF_OVERFLOW) {
619 rc = -E2BIG;
620 goto out;
621 }
622
623 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 4, flags,
624 "loading blob");
625 if (!rc)
626 *blob_handle = be32_to_cpup(
627 (__be32 *) &buf.data[TPM_HEADER_SIZE]);
628
629out:
630 tpm_buf_destroy(&buf);
631
632 if (rc > 0)
633 rc = -EPERM;
634
635 return rc;
636}
637
638/**
639 * tpm2_unseal_cmd() - execute a TPM2_Unload command
640 *
641 * @chip: TPM chip to use
642 * @payload: the key data in clear and encrypted form
643 * @options: authentication values and other options
644 * @blob_handle: blob handle
645 * @flags: tpm_transmit_cmd flags
646 *
647 * Return: 0 on success
648 * -EPERM on tpm error status
649 * < 0 error from tpm_transmit_cmd
650 */
651static int tpm2_unseal_cmd(struct tpm_chip *chip,
652 struct trusted_key_payload *payload,
653 struct trusted_key_options *options,
654 u32 blob_handle, unsigned int flags)
655{
656 struct tpm_buf buf;
657 u16 data_len;
658 u8 *data;
659 int rc;
660 u32 rlength;
661
662 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);
663 if (rc)
664 return rc;
665
666 tpm_buf_append_u32(&buf, blob_handle);
667 tpm2_buf_append_auth(&buf,
668 options->policyhandle ?
669 options->policyhandle : TPM2_RS_PW,
670 NULL /* nonce */, 0,
671 TPM2_SA_CONTINUE_SESSION,
672 options->blobauth /* hmac */,
673 TPM_DIGEST_SIZE);
674
675 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 6, flags,
676 "unsealing");
677 if (rc > 0)
678 rc = -EPERM;
679
680 if (!rc) {
681 data_len = be16_to_cpup(
682 (__be16 *) &buf.data[TPM_HEADER_SIZE + 4]);
683 if (data_len < MIN_KEY_SIZE || data_len > MAX_KEY_SIZE + 1) {
684 rc = -EFAULT;
685 goto out;
686 }
687
688 rlength = be32_to_cpu(((struct tpm2_cmd *)&buf)
689 ->header.out.length);
690 if (rlength < TPM_HEADER_SIZE + 6 + data_len) {
691 rc = -EFAULT;
692 goto out;
693 }
694 data = &buf.data[TPM_HEADER_SIZE + 6];
695
696 memcpy(payload->key, data, data_len - 1);
697 payload->key_len = data_len - 1;
698 payload->migratable = data[data_len - 1];
699 }
700
701out:
702 tpm_buf_destroy(&buf);
703 return rc;
704}
705
706/**
707 * tpm2_unseal_trusted() - unseal the payload of a trusted key
708 *
709 * @chip: TPM chip to use
710 * @payload: the key data in clear and encrypted form
711 * @options: authentication values and other options
712 *
713 * Return: Same as with tpm_transmit_cmd.
714 */
715int tpm2_unseal_trusted(struct tpm_chip *chip,
716 struct trusted_key_payload *payload,
717 struct trusted_key_options *options)
718{
719 u32 blob_handle;
720 int rc;
721
722 mutex_lock(&chip->tpm_mutex);
723 rc = tpm2_load_cmd(chip, payload, options, &blob_handle,
724 TPM_TRANSMIT_UNLOCKED);
725 if (rc)
726 goto out;
727
728 rc = tpm2_unseal_cmd(chip, payload, options, blob_handle,
729 TPM_TRANSMIT_UNLOCKED);
730 tpm2_flush_context_cmd(chip, blob_handle, TPM_TRANSMIT_UNLOCKED);
731out:
732 mutex_unlock(&chip->tpm_mutex);
733 return rc;
734}
735
736/**
737 * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property
738 * @chip: TPM chip to use.
739 * @property_id: property ID.
740 * @value: output variable.
741 * @desc: passed to tpm_transmit_cmd()
742 *
743 * Return: Same as with tpm_transmit_cmd.
744 */
745ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value,
746 const char *desc)
747{
748 struct tpm2_cmd cmd;
749 int rc;
750
751 cmd.header.in = tpm2_get_tpm_pt_header;
752 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
753 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(property_id);
754 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
755
756 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
757 TPM2_GET_TPM_PT_OUT_BODY_SIZE, 0, desc);
758 if (!rc)
759 *value = be32_to_cpu(cmd.params.get_tpm_pt_out.value);
760
761 return rc;
762}
763EXPORT_SYMBOL_GPL(tpm2_get_tpm_pt);
764
765#define TPM2_SHUTDOWN_IN_SIZE \
766 (sizeof(struct tpm_input_header) + \
767 sizeof(struct tpm2_startup_in))
768
769static const struct tpm_input_header tpm2_shutdown_header = {
770 .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
771 .length = cpu_to_be32(TPM2_SHUTDOWN_IN_SIZE),
772 .ordinal = cpu_to_be32(TPM2_CC_SHUTDOWN)
773};
774
775/**
776 * tpm2_shutdown() - send shutdown command to the TPM chip
777 *
778 * @chip: TPM chip to use.
779 * @shutdown_type: shutdown type. The value is either
780 * TPM_SU_CLEAR or TPM_SU_STATE.
781 */
782void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type)
783{
784 struct tpm2_cmd cmd;
785 int rc;
786
787 cmd.header.in = tpm2_shutdown_header;
788 cmd.params.startup_in.startup_type = cpu_to_be16(shutdown_type);
789
790 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0,
791 "stopping the TPM");
792
793 /* In places where shutdown command is sent there's no much we can do
794 * except print the error code on a system failure.
795 */
796 if (rc < 0 && rc != -EPIPE)
797 dev_warn(&chip->dev, "transmit returned %d while stopping the TPM",
798 rc);
799}
800
801/*
802 * tpm2_calc_ordinal_duration() - maximum duration for a command
803 *
804 * @chip: TPM chip to use.
805 * @ordinal: command code number.
806 *
807 * Return: maximum duration for a command
808 */
809unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal)
810{
811 int index = TPM_UNDEFINED;
812 int duration = 0;
813
814 if (ordinal >= TPM2_CC_FIRST && ordinal <= TPM2_CC_LAST)
815 index = tpm2_ordinal_duration[ordinal - TPM2_CC_FIRST];
816
817 if (index != TPM_UNDEFINED)
818 duration = chip->duration[index];
819
820 if (duration <= 0)
821 duration = msecs_to_jiffies(TPM2_DURATION_DEFAULT);
822
823 return duration;
824}
825EXPORT_SYMBOL_GPL(tpm2_calc_ordinal_duration);
826
827/**
828 * tpm2_do_selftest() - ensure that all self tests have passed
829 *
830 * @chip: TPM chip to use
831 *
832 * Return: Same as with tpm_transmit_cmd.
833 *
834 * The TPM can either run all self tests synchronously and then return
835 * RC_SUCCESS once all tests were successful. Or it can choose to run the tests
836 * asynchronously and return RC_TESTING immediately while the self tests still
837 * execute in the background. This function handles both cases and waits until
838 * all tests have completed.
839 */
840static int tpm2_do_selftest(struct tpm_chip *chip)
841{
842 struct tpm_buf buf;
843 int full;
844 int rc;
845
846 for (full = 0; full < 2; full++) {
847 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_SELF_TEST);
848 if (rc)
849 return rc;
850
851 tpm_buf_append_u8(&buf, full);
852 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
853 "attempting the self test");
854 tpm_buf_destroy(&buf);
855
856 if (rc == TPM2_RC_TESTING)
857 rc = TPM2_RC_SUCCESS;
858 if (rc == TPM2_RC_INITIALIZE || rc == TPM2_RC_SUCCESS)
859 return rc;
860 }
861
862 return rc;
863}
864
865/**
866 * tpm2_probe() - probe TPM 2.0
867 * @chip: TPM chip to use
868 *
869 * Return: < 0 error and 0 on success.
870 *
871 * Send idempotent TPM 2.0 command and see whether TPM 2.0 chip replied based on
872 * the reply tag.
873 */
874int tpm2_probe(struct tpm_chip *chip)
875{
876 struct tpm2_cmd cmd;
877 int rc;
878
879 cmd.header.in = tpm2_get_tpm_pt_header;
880 cmd.params.get_tpm_pt_in.cap_id = cpu_to_be32(TPM2_CAP_TPM_PROPERTIES);
881 cmd.params.get_tpm_pt_in.property_id = cpu_to_be32(0x100);
882 cmd.params.get_tpm_pt_in.property_cnt = cpu_to_be32(1);
883
884 rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0, NULL);
885 if (rc < 0)
886 return rc;
887
888 if (be16_to_cpu(cmd.header.out.tag) == TPM2_ST_NO_SESSIONS)
889 chip->flags |= TPM_CHIP_FLAG_TPM2;
890
891 return 0;
892}
893EXPORT_SYMBOL_GPL(tpm2_probe);
894
895struct tpm2_pcr_selection {
896 __be16 hash_alg;
897 u8 size_of_select;
898 u8 pcr_select[3];
899} __packed;
900
901static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip)
902{
903 struct tpm2_pcr_selection pcr_selection;
904 struct tpm_buf buf;
905 void *marker;
906 void *end;
907 void *pcr_select_offset;
908 unsigned int count;
909 u32 sizeof_pcr_selection;
910 u32 rsp_len;
911 int rc;
912 int i = 0;
913
914 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
915 if (rc)
916 return rc;
917
918 tpm_buf_append_u32(&buf, TPM2_CAP_PCRS);
919 tpm_buf_append_u32(&buf, 0);
920 tpm_buf_append_u32(&buf, 1);
921
922 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 9, 0,
923 "get tpm pcr allocation");
924 if (rc)
925 goto out;
926
927 count = be32_to_cpup(
928 (__be32 *)&buf.data[TPM_HEADER_SIZE + 5]);
929
930 if (count > ARRAY_SIZE(chip->active_banks)) {
931 rc = -ENODEV;
932 goto out;
933 }
934
935 marker = &buf.data[TPM_HEADER_SIZE + 9];
936
937 rsp_len = be32_to_cpup((__be32 *)&buf.data[2]);
938 end = &buf.data[rsp_len];
939
940 for (i = 0; i < count; i++) {
941 pcr_select_offset = marker +
942 offsetof(struct tpm2_pcr_selection, size_of_select);
943 if (pcr_select_offset >= end) {
944 rc = -EFAULT;
945 break;
946 }
947
948 memcpy(&pcr_selection, marker, sizeof(pcr_selection));
949 chip->active_banks[i] = be16_to_cpu(pcr_selection.hash_alg);
950 sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) +
951 sizeof(pcr_selection.size_of_select) +
952 pcr_selection.size_of_select;
953 marker = marker + sizeof_pcr_selection;
954 }
955
956out:
957 if (i < ARRAY_SIZE(chip->active_banks))
958 chip->active_banks[i] = TPM2_ALG_ERROR;
959
960 tpm_buf_destroy(&buf);
961
962 return rc;
963}
964
965static int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip)
966{
967 struct tpm_buf buf;
968 u32 nr_commands;
969 __be32 *attrs;
970 u32 cc;
971 int i;
972 int rc;
973
974 rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL);
975 if (rc)
976 goto out;
977
978 if (nr_commands > 0xFFFFF) {
979 rc = -EFAULT;
980 goto out;
981 }
982
983 chip->cc_attrs_tbl = devm_kzalloc(&chip->dev, 4 * nr_commands,
984 GFP_KERNEL);
985
986 rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_CAPABILITY);
987 if (rc)
988 goto out;
989
990 tpm_buf_append_u32(&buf, TPM2_CAP_COMMANDS);
991 tpm_buf_append_u32(&buf, TPM2_CC_FIRST);
992 tpm_buf_append_u32(&buf, nr_commands);
993
994 rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE,
995 9 + 4 * nr_commands, 0, NULL);
996 if (rc) {
997 tpm_buf_destroy(&buf);
998 goto out;
999 }
1000
1001 if (nr_commands !=
1002 be32_to_cpup((__be32 *)&buf.data[TPM_HEADER_SIZE + 5])) {
1003 tpm_buf_destroy(&buf);
1004 goto out;
1005 }
1006
1007 chip->nr_commands = nr_commands;
1008
1009 attrs = (__be32 *)&buf.data[TPM_HEADER_SIZE + 9];
1010 for (i = 0; i < nr_commands; i++, attrs++) {
1011 chip->cc_attrs_tbl[i] = be32_to_cpup(attrs);
1012 cc = chip->cc_attrs_tbl[i] & 0xFFFF;
1013
1014 if (cc == TPM2_CC_CONTEXT_SAVE || cc == TPM2_CC_FLUSH_CONTEXT) {
1015 chip->cc_attrs_tbl[i] &=
1016 ~(GENMASK(2, 0) << TPM2_CC_ATTR_CHANDLES);
1017 chip->cc_attrs_tbl[i] |= 1 << TPM2_CC_ATTR_CHANDLES;
1018 }
1019 }
1020
1021 tpm_buf_destroy(&buf);
1022
1023out:
1024 if (rc > 0)
1025 rc = -ENODEV;
1026 return rc;
1027}
1028
1029/**
1030 * tpm2_auto_startup - Perform the standard automatic TPM initialization
1031 * sequence
1032 * @chip: TPM chip to use
1033 *
1034 * Returns 0 on success, < 0 in case of fatal error.
1035 */
1036int tpm2_auto_startup(struct tpm_chip *chip)
1037{
1038 int rc;
1039
1040 rc = tpm_get_timeouts(chip);
1041 if (rc)
1042 goto out;
1043
1044 rc = tpm2_do_selftest(chip);
1045 if (rc && rc != TPM2_RC_INITIALIZE)
1046 goto out;
1047
1048 if (rc == TPM2_RC_INITIALIZE) {
1049 rc = tpm_startup(chip);
1050 if (rc)
1051 goto out;
1052
1053 rc = tpm2_do_selftest(chip);
1054 if (rc)
1055 goto out;
1056 }
1057
1058 rc = tpm2_get_pcr_allocation(chip);
1059 if (rc)
1060 goto out;
1061
1062 rc = tpm2_get_cc_attrs_tbl(chip);
1063
1064out:
1065 if (rc > 0)
1066 rc = -ENODEV;
1067 return rc;
1068}
1069
1070int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
1071{
1072 int i;
1073
1074 for (i = 0; i < chip->nr_commands; i++)
1075 if (cc == (chip->cc_attrs_tbl[i] & GENMASK(15, 0)))
1076 return i;
1077
1078 return -1;
1079}