drivers/char/tpm/tpm_vtpm_proxy.c at nocache-cleanup

tjh.dev / kernel
fork atom
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / drivers / char / tpm / tpm_vtpm_proxy.c
at nocache-cleanup 718 lines 16 kB view raw
wrap content
  1// SPDX-License-Identifier: GPL-2.0-only
  2/*
  3 * Copyright (C) 2015, 2016 IBM Corporation
  4 * Copyright (C) 2016 Intel Corporation
  5 *
  6 * Author: Stefan Berger <stefanb@us.ibm.com>
  7 *
  8 * Maintained by: <tpmdd-devel@lists.sourceforge.net>
  9 *
 10 * Device driver for vTPM (vTPM proxy driver)
 11 */
 12
 13#include <linux/types.h>
 14#include <linux/spinlock.h>
 15#include <linux/uaccess.h>
 16#include <linux/wait.h>
 17#include <linux/miscdevice.h>
 18#include <linux/vtpm_proxy.h>
 19#include <linux/file.h>
 20#include <linux/anon_inodes.h>
 21#include <linux/poll.h>
 22#include <linux/compat.h>
 23
 24#include "tpm.h"
 25
 26#define VTPM_PROXY_REQ_COMPLETE_FLAG  BIT(0)
 27
 28struct proxy_dev {
 29	struct tpm_chip *chip;
 30
 31	u32 flags;                   /* public API flags */
 32
 33	wait_queue_head_t wq;
 34
 35	struct mutex buf_lock;       /* protect buffer and flags */
 36
 37	long state;                  /* internal state */
 38#define STATE_OPENED_FLAG        BIT(0)
 39#define STATE_WAIT_RESPONSE_FLAG BIT(1)  /* waiting for emulator response */
 40#define STATE_REGISTERED_FLAG	 BIT(2)
 41#define STATE_DRIVER_COMMAND     BIT(3)  /* sending a driver specific command */
 42
 43	size_t req_len;              /* length of queued TPM request */
 44	size_t resp_len;             /* length of queued TPM response */
 45	u8 buffer[TPM_BUFSIZE];      /* request/response buffer */
 46
 47	struct work_struct work;     /* task that retrieves TPM timeouts */
 48};
 49
 50/* all supported flags */
 51#define VTPM_PROXY_FLAGS_ALL  (VTPM_PROXY_FLAG_TPM2)
 52
 53static struct workqueue_struct *workqueue;
 54
 55static void vtpm_proxy_delete_device(struct proxy_dev *proxy_dev);
 56
 57/*
 58 * Functions related to 'server side'
 59 */
 60
 61/**
 62 * vtpm_proxy_fops_read - Read TPM commands on 'server side'
 63 *
 64 * @filp: file pointer
 65 * @buf: read buffer
 66 * @count: number of bytes to read
 67 * @off: offset
 68 *
 69 * Return:
 70 *	Number of bytes read or negative error code
 71 */
 72static ssize_t vtpm_proxy_fops_read(struct file *filp, char __user *buf,
 73				    size_t count, loff_t *off)
 74{
 75	struct proxy_dev *proxy_dev = filp->private_data;
 76	size_t len;
 77	int sig, rc;
 78
 79	sig = wait_event_interruptible(proxy_dev->wq,
 80		proxy_dev->req_len != 0 ||
 81		!(proxy_dev->state & STATE_OPENED_FLAG));
 82	if (sig)
 83		return -EINTR;
 84
 85	mutex_lock(&proxy_dev->buf_lock);
 86
 87	if (!(proxy_dev->state & STATE_OPENED_FLAG)) {
 88		mutex_unlock(&proxy_dev->buf_lock);
 89		return -EPIPE;
 90	}
 91
 92	len = proxy_dev->req_len;
 93
 94	if (count < len || len > sizeof(proxy_dev->buffer)) {
 95		mutex_unlock(&proxy_dev->buf_lock);
 96		pr_debug("Invalid size in recv: count=%zd, req_len=%zd\n",
 97			 count, len);
 98		return -EIO;
 99	}
100
101	rc = copy_to_user(buf, proxy_dev->buffer, len);
102	memset(proxy_dev->buffer, 0, len);
103	proxy_dev->req_len = 0;
104
105	if (!rc)
106		proxy_dev->state |= STATE_WAIT_RESPONSE_FLAG;
107
108	mutex_unlock(&proxy_dev->buf_lock);
109
110	if (rc)
111		return -EFAULT;
112
113	return len;
114}
115
116/**
117 * vtpm_proxy_fops_write - Write TPM responses on 'server side'
118 *
119 * @filp: file pointer
120 * @buf: write buffer
121 * @count: number of bytes to write
122 * @off: offset
123 *
124 * Return:
125 *	Number of bytes read or negative error value
126 */
127static ssize_t vtpm_proxy_fops_write(struct file *filp, const char __user *buf,
128				     size_t count, loff_t *off)
129{
130	struct proxy_dev *proxy_dev = filp->private_data;
131
132	mutex_lock(&proxy_dev->buf_lock);
133
134	if (!(proxy_dev->state & STATE_OPENED_FLAG)) {
135		mutex_unlock(&proxy_dev->buf_lock);
136		return -EPIPE;
137	}
138
139	if (count > sizeof(proxy_dev->buffer) ||
140	    !(proxy_dev->state & STATE_WAIT_RESPONSE_FLAG)) {
141		mutex_unlock(&proxy_dev->buf_lock);
142		return -EIO;
143	}
144
145	proxy_dev->state &= ~STATE_WAIT_RESPONSE_FLAG;
146
147	proxy_dev->req_len = 0;
148
149	if (copy_from_user(proxy_dev->buffer, buf, count)) {
150		mutex_unlock(&proxy_dev->buf_lock);
151		return -EFAULT;
152	}
153
154	proxy_dev->resp_len = count;
155
156	mutex_unlock(&proxy_dev->buf_lock);
157
158	wake_up_interruptible(&proxy_dev->wq);
159
160	return count;
161}
162
163/*
164 * vtpm_proxy_fops_poll - Poll status on 'server side'
165 *
166 * @filp: file pointer
167 * @wait: poll table
168 *
169 * Return: Poll flags
170 */
171static __poll_t vtpm_proxy_fops_poll(struct file *filp, poll_table *wait)
172{
173	struct proxy_dev *proxy_dev = filp->private_data;
174	__poll_t ret;
175
176	poll_wait(filp, &proxy_dev->wq, wait);
177
178	ret = EPOLLOUT;
179
180	mutex_lock(&proxy_dev->buf_lock);
181
182	if (proxy_dev->req_len)
183		ret |= EPOLLIN | EPOLLRDNORM;
184
185	if (!(proxy_dev->state & STATE_OPENED_FLAG))
186		ret |= EPOLLHUP;
187
188	mutex_unlock(&proxy_dev->buf_lock);
189
190	return ret;
191}
192
193/*
194 * vtpm_proxy_fops_open - Open vTPM device on 'server side'
195 *
196 * @filp: file pointer
197 *
198 * Called when setting up the anonymous file descriptor
199 */
200static void vtpm_proxy_fops_open(struct file *filp)
201{
202	struct proxy_dev *proxy_dev = filp->private_data;
203
204	proxy_dev->state |= STATE_OPENED_FLAG;
205}
206
207/**
208 * vtpm_proxy_fops_undo_open - counter-part to vtpm_fops_open
209 *       Call to undo vtpm_proxy_fops_open
210 *
211 *@proxy_dev: tpm proxy device
212 */
213static void vtpm_proxy_fops_undo_open(struct proxy_dev *proxy_dev)
214{
215	mutex_lock(&proxy_dev->buf_lock);
216
217	proxy_dev->state &= ~STATE_OPENED_FLAG;
218
219	mutex_unlock(&proxy_dev->buf_lock);
220
221	/* no more TPM responses -- wake up anyone waiting for them */
222	wake_up_interruptible(&proxy_dev->wq);
223}
224
225/*
226 * vtpm_proxy_fops_release - Close 'server side'
227 *
228 * @inode: inode
229 * @filp: file pointer
230 * Return:
231 *      Always returns 0.
232 */
233static int vtpm_proxy_fops_release(struct inode *inode, struct file *filp)
234{
235	struct proxy_dev *proxy_dev = filp->private_data;
236
237	filp->private_data = NULL;
238
239	vtpm_proxy_delete_device(proxy_dev);
240
241	return 0;
242}
243
244static const struct file_operations vtpm_proxy_fops = {
245	.owner = THIS_MODULE,
246	.read = vtpm_proxy_fops_read,
247	.write = vtpm_proxy_fops_write,
248	.poll = vtpm_proxy_fops_poll,
249	.release = vtpm_proxy_fops_release,
250};
251
252/*
253 * Functions invoked by the core TPM driver to send TPM commands to
254 * 'server side' and receive responses from there.
255 */
256
257/*
258 * Called when core TPM driver reads TPM responses from 'server side'
259 *
260 * @chip: tpm chip to use
261 * @buf: receive buffer
262 * @count: bytes to read
263 * Return:
264 *      Number of TPM response bytes read, negative error value otherwise
265 */
266static int vtpm_proxy_tpm_op_recv(struct tpm_chip *chip, u8 *buf, size_t count)
267{
268	struct proxy_dev *proxy_dev = dev_get_drvdata(&chip->dev);
269	size_t len;
270
271	/* process gone ? */
272	mutex_lock(&proxy_dev->buf_lock);
273
274	if (!(proxy_dev->state & STATE_OPENED_FLAG)) {
275		mutex_unlock(&proxy_dev->buf_lock);
276		return -EPIPE;
277	}
278
279	len = proxy_dev->resp_len;
280	if (count < len) {
281		dev_err(&chip->dev,
282			"Invalid size in recv: count=%zd, resp_len=%zd\n",
283			count, len);
284		len = -EIO;
285		goto out;
286	}
287
288	memcpy(buf, proxy_dev->buffer, len);
289	proxy_dev->resp_len = 0;
290
291out:
292	mutex_unlock(&proxy_dev->buf_lock);
293
294	return len;
295}
296
297static int vtpm_proxy_is_driver_command(struct tpm_chip *chip,
298					u8 *buf, size_t count)
299{
300	struct tpm_header *hdr = (struct tpm_header *)buf;
301
302	if (count < sizeof(struct tpm_header))
303		return 0;
304
305	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
306		switch (be32_to_cpu(hdr->ordinal)) {
307		case TPM2_CC_SET_LOCALITY:
308			return 1;
309		}
310	} else {
311		switch (be32_to_cpu(hdr->ordinal)) {
312		case TPM_ORD_SET_LOCALITY:
313			return 1;
314		}
315	}
316	return 0;
317}
318
319/*
320 * Called when core TPM driver forwards TPM requests to 'server side'.
321 *
322 * @chip: tpm chip to use
323 * @buf: send buffer
324 * @bufsiz: size of the buffer
325 * @count: bytes to send
326 *
327 * Return:
328 *      0 in case of success, negative error value otherwise.
329 */
330static int vtpm_proxy_tpm_op_send(struct tpm_chip *chip, u8 *buf, size_t bufsiz,
331				  size_t count)
332{
333	struct proxy_dev *proxy_dev = dev_get_drvdata(&chip->dev);
334
335	if (count > sizeof(proxy_dev->buffer)) {
336		dev_err(&chip->dev,
337			"Invalid size in send: count=%zd, buffer size=%zd\n",
338			count, sizeof(proxy_dev->buffer));
339		return -EIO;
340	}
341
342	if (!(proxy_dev->state & STATE_DRIVER_COMMAND) &&
343	    vtpm_proxy_is_driver_command(chip, buf, count))
344		return -EFAULT;
345
346	mutex_lock(&proxy_dev->buf_lock);
347
348	if (!(proxy_dev->state & STATE_OPENED_FLAG)) {
349		mutex_unlock(&proxy_dev->buf_lock);
350		return -EPIPE;
351	}
352
353	proxy_dev->resp_len = 0;
354
355	proxy_dev->req_len = count;
356	memcpy(proxy_dev->buffer, buf, count);
357
358	proxy_dev->state &= ~STATE_WAIT_RESPONSE_FLAG;
359
360	mutex_unlock(&proxy_dev->buf_lock);
361
362	wake_up_interruptible(&proxy_dev->wq);
363
364	return 0;
365}
366
367static void vtpm_proxy_tpm_op_cancel(struct tpm_chip *chip)
368{
369	/* not supported */
370}
371
372static u8 vtpm_proxy_tpm_op_status(struct tpm_chip *chip)
373{
374	struct proxy_dev *proxy_dev = dev_get_drvdata(&chip->dev);
375
376	if (proxy_dev->resp_len)
377		return VTPM_PROXY_REQ_COMPLETE_FLAG;
378
379	return 0;
380}
381
382static bool vtpm_proxy_tpm_req_canceled(struct tpm_chip  *chip, u8 status)
383{
384	struct proxy_dev *proxy_dev = dev_get_drvdata(&chip->dev);
385	bool ret;
386
387	mutex_lock(&proxy_dev->buf_lock);
388
389	ret = !(proxy_dev->state & STATE_OPENED_FLAG);
390
391	mutex_unlock(&proxy_dev->buf_lock);
392
393	return ret;
394}
395
396static int vtpm_proxy_request_locality(struct tpm_chip *chip, int locality)
397{
398	struct tpm_buf buf;
399	int rc;
400	const struct tpm_header *header;
401	struct proxy_dev *proxy_dev = dev_get_drvdata(&chip->dev);
402
403	if (chip->flags & TPM_CHIP_FLAG_TPM2)
404		rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS,
405				  TPM2_CC_SET_LOCALITY);
406	else
407		rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND,
408				  TPM_ORD_SET_LOCALITY);
409	if (rc)
410		return rc;
411	tpm_buf_append_u8(&buf, locality);
412
413	proxy_dev->state |= STATE_DRIVER_COMMAND;
414
415	rc = tpm_transmit_cmd(chip, &buf, 0, "attempting to set locality");
416
417	proxy_dev->state &= ~STATE_DRIVER_COMMAND;
418
419	if (rc < 0) {
420		locality = rc;
421		goto out;
422	}
423
424	header = (const struct tpm_header *)buf.data;
425	rc = be32_to_cpu(header->return_code);
426	if (rc)
427		locality = -1;
428
429out:
430	tpm_buf_destroy(&buf);
431
432	return locality;
433}
434
435static const struct tpm_class_ops vtpm_proxy_tpm_ops = {
436	.flags = TPM_OPS_AUTO_STARTUP,
437	.recv = vtpm_proxy_tpm_op_recv,
438	.send = vtpm_proxy_tpm_op_send,
439	.cancel = vtpm_proxy_tpm_op_cancel,
440	.status = vtpm_proxy_tpm_op_status,
441	.req_complete_mask = VTPM_PROXY_REQ_COMPLETE_FLAG,
442	.req_complete_val = VTPM_PROXY_REQ_COMPLETE_FLAG,
443	.req_canceled = vtpm_proxy_tpm_req_canceled,
444	.request_locality = vtpm_proxy_request_locality,
445};
446
447/*
448 * Code related to the startup of the TPM 2 and startup of TPM 1.2 +
449 * retrieval of timeouts and durations.
450 */
451
452static void vtpm_proxy_work(struct work_struct *work)
453{
454	struct proxy_dev *proxy_dev = container_of(work, struct proxy_dev,
455						   work);
456	int rc;
457
458	rc = tpm_chip_register(proxy_dev->chip);
459	if (rc)
460		vtpm_proxy_fops_undo_open(proxy_dev);
461	else
462		proxy_dev->state |= STATE_REGISTERED_FLAG;
463}
464
465/*
466 * vtpm_proxy_work_stop: make sure the work has finished
467 *
468 * This function is useful when user space closed the fd
469 * while the driver still determines timeouts.
470 */
471static void vtpm_proxy_work_stop(struct proxy_dev *proxy_dev)
472{
473	vtpm_proxy_fops_undo_open(proxy_dev);
474	flush_work(&proxy_dev->work);
475}
476
477/*
478 * vtpm_proxy_work_start: Schedule the work for TPM 1.2 & 2 initialization
479 */
480static inline void vtpm_proxy_work_start(struct proxy_dev *proxy_dev)
481{
482	queue_work(workqueue, &proxy_dev->work);
483}
484
485/*
486 * Code related to creation and deletion of device pairs
487 */
488static struct proxy_dev *vtpm_proxy_create_proxy_dev(void)
489{
490	struct proxy_dev *proxy_dev;
491	struct tpm_chip *chip;
492	int err;
493
494	proxy_dev = kzalloc(sizeof(*proxy_dev), GFP_KERNEL);
495	if (proxy_dev == NULL)
496		return ERR_PTR(-ENOMEM);
497
498	init_waitqueue_head(&proxy_dev->wq);
499	mutex_init(&proxy_dev->buf_lock);
500	INIT_WORK(&proxy_dev->work, vtpm_proxy_work);
501
502	chip = tpm_chip_alloc(NULL, &vtpm_proxy_tpm_ops);
503	if (IS_ERR(chip)) {
504		err = PTR_ERR(chip);
505		goto err_proxy_dev_free;
506	}
507	dev_set_drvdata(&chip->dev, proxy_dev);
508
509	proxy_dev->chip = chip;
510
511	return proxy_dev;
512
513err_proxy_dev_free:
514	kfree(proxy_dev);
515
516	return ERR_PTR(err);
517}
518
519/*
520 * Undo what has been done in vtpm_create_proxy_dev
521 */
522static inline void vtpm_proxy_delete_proxy_dev(struct proxy_dev *proxy_dev)
523{
524	put_device(&proxy_dev->chip->dev); /* frees chip */
525	kfree(proxy_dev);
526}
527
528/*
529 * Create a /dev/tpm%d and 'server side' file descriptor pair
530 *
531 * Return:
532 *      Returns file pointer on success, an error value otherwise
533 */
534static struct file *vtpm_proxy_create_device(
535				 struct vtpm_proxy_new_dev *vtpm_new_dev)
536{
537	struct proxy_dev *proxy_dev;
538	int rc, fd;
539	struct file *file;
540
541	if (vtpm_new_dev->flags & ~VTPM_PROXY_FLAGS_ALL)
542		return ERR_PTR(-EOPNOTSUPP);
543
544	proxy_dev = vtpm_proxy_create_proxy_dev();
545	if (IS_ERR(proxy_dev))
546		return ERR_CAST(proxy_dev);
547
548	proxy_dev->flags = vtpm_new_dev->flags;
549
550	/* setup an anonymous file for the server-side */
551	fd = get_unused_fd_flags(O_RDWR);
552	if (fd < 0) {
553		rc = fd;
554		goto err_delete_proxy_dev;
555	}
556
557	file = anon_inode_getfile("[vtpms]", &vtpm_proxy_fops, proxy_dev,
558				  O_RDWR);
559	if (IS_ERR(file)) {
560		rc = PTR_ERR(file);
561		goto err_put_unused_fd;
562	}
563
564	/* from now on we can unwind with put_unused_fd() + fput() */
565	/* simulate an open() on the server side */
566	vtpm_proxy_fops_open(file);
567
568	if (proxy_dev->flags & VTPM_PROXY_FLAG_TPM2)
569		proxy_dev->chip->flags |= TPM_CHIP_FLAG_TPM2;
570
571	vtpm_proxy_work_start(proxy_dev);
572
573	vtpm_new_dev->fd = fd;
574	vtpm_new_dev->major = MAJOR(proxy_dev->chip->dev.devt);
575	vtpm_new_dev->minor = MINOR(proxy_dev->chip->dev.devt);
576	vtpm_new_dev->tpm_num = proxy_dev->chip->dev_num;
577
578	return file;
579
580err_put_unused_fd:
581	put_unused_fd(fd);
582
583err_delete_proxy_dev:
584	vtpm_proxy_delete_proxy_dev(proxy_dev);
585
586	return ERR_PTR(rc);
587}
588
589/*
590 * Counter part to vtpm_create_device.
591 */
592static void vtpm_proxy_delete_device(struct proxy_dev *proxy_dev)
593{
594	vtpm_proxy_work_stop(proxy_dev);
595
596	/*
597	 * A client may hold the 'ops' lock, so let it know that the server
598	 * side shuts down before we try to grab the 'ops' lock when
599	 * unregistering the chip.
600	 */
601	vtpm_proxy_fops_undo_open(proxy_dev);
602
603	if (proxy_dev->state & STATE_REGISTERED_FLAG)
604		tpm_chip_unregister(proxy_dev->chip);
605
606	vtpm_proxy_delete_proxy_dev(proxy_dev);
607}
608
609/*
610 * Code related to the control device /dev/vtpmx
611 */
612
613/**
614 * vtpmx_ioc_new_dev - handler for the %VTPM_PROXY_IOC_NEW_DEV ioctl
615 * @file:	/dev/vtpmx
616 * @ioctl:	the ioctl number
617 * @arg:	pointer to the struct vtpmx_proxy_new_dev
618 *
619 * Creates an anonymous file that is used by the process acting as a TPM to
620 * communicate with the client processes. The function will also add a new TPM
621 * device through which data is proxied to this TPM acting process. The caller
622 * will be provided with a file descriptor to communicate with the clients and
623 * major and minor numbers for the TPM device.
624 */
625static long vtpmx_ioc_new_dev(struct file *file, unsigned int ioctl,
626			      unsigned long arg)
627{
628	void __user *argp = (void __user *)arg;
629	struct vtpm_proxy_new_dev __user *vtpm_new_dev_p;
630	struct vtpm_proxy_new_dev vtpm_new_dev;
631	struct file *vtpm_file;
632
633	if (!capable(CAP_SYS_ADMIN))
634		return -EPERM;
635
636	vtpm_new_dev_p = argp;
637
638	if (copy_from_user(&vtpm_new_dev, vtpm_new_dev_p,
639			   sizeof(vtpm_new_dev)))
640		return -EFAULT;
641
642	vtpm_file = vtpm_proxy_create_device(&vtpm_new_dev);
643	if (IS_ERR(vtpm_file))
644		return PTR_ERR(vtpm_file);
645
646	if (copy_to_user(vtpm_new_dev_p, &vtpm_new_dev,
647			 sizeof(vtpm_new_dev))) {
648		put_unused_fd(vtpm_new_dev.fd);
649		fput(vtpm_file);
650		return -EFAULT;
651	}
652
653	fd_install(vtpm_new_dev.fd, vtpm_file);
654	return 0;
655}
656
657/*
658 * vtpmx_fops_ioctl: ioctl on /dev/vtpmx
659 *
660 * Return:
661 *      Returns 0 on success, a negative error code otherwise.
662 */
663static long vtpmx_fops_ioctl(struct file *f, unsigned int ioctl,
664			     unsigned long arg)
665{
666	switch (ioctl) {
667	case VTPM_PROXY_IOC_NEW_DEV:
668		return vtpmx_ioc_new_dev(f, ioctl, arg);
669	default:
670		return -ENOIOCTLCMD;
671	}
672}
673
674static const struct file_operations vtpmx_fops = {
675	.owner = THIS_MODULE,
676	.unlocked_ioctl = vtpmx_fops_ioctl,
677	.compat_ioctl = compat_ptr_ioctl,
678	.llseek = noop_llseek,
679};
680
681static struct miscdevice vtpmx_miscdev = {
682	.minor = MISC_DYNAMIC_MINOR,
683	.name = "vtpmx",
684	.fops = &vtpmx_fops,
685};
686
687static int __init vtpm_module_init(void)
688{
689	int rc;
690
691	workqueue = create_workqueue("tpm-vtpm");
692	if (!workqueue) {
693		pr_err("couldn't create workqueue\n");
694		return -ENOMEM;
695	}
696
697	rc = misc_register(&vtpmx_miscdev);
698	if (rc) {
699		pr_err("couldn't create vtpmx device\n");
700		destroy_workqueue(workqueue);
701	}
702
703	return rc;
704}
705
706static void __exit vtpm_module_exit(void)
707{
708	destroy_workqueue(workqueue);
709	misc_deregister(&vtpmx_miscdev);
710}
711
712module_init(vtpm_module_init);
713module_exit(vtpm_module_exit);
714
715MODULE_AUTHOR("Stefan Berger <stefanb@us.ibm.com>");
716MODULE_DESCRIPTION("vTPM Driver");
717MODULE_VERSION("0.1");
718MODULE_LICENSE("GPL");