Commit | Line | Data |
---|---|---|
5d0682be SG |
1 | // SPDX-License-Identifier: GPL-2.0-only |
2 | /* | |
3 | * Copyright (C) 2010 IBM Corporation | |
4 | * Copyright (c) 2019-2021, Linaro Limited | |
5 | * | |
6 | * See Documentation/security/keys/trusted-encrypted.rst | |
7 | */ | |
8 | ||
9 | #include <keys/user-type.h> | |
10 | #include <keys/trusted-type.h> | |
0a95ebc9 | 11 | #include <keys/trusted_tee.h> |
e9c5048c | 12 | #include <keys/trusted_caam.h> |
5d0682be SG |
13 | #include <keys/trusted_tpm.h> |
14 | #include <linux/capability.h> | |
15 | #include <linux/err.h> | |
16 | #include <linux/init.h> | |
17 | #include <linux/key-type.h> | |
18 | #include <linux/module.h> | |
19 | #include <linux/parser.h> | |
fcd7c269 | 20 | #include <linux/random.h> |
5d0682be SG |
21 | #include <linux/rcupdate.h> |
22 | #include <linux/slab.h> | |
23 | #include <linux/static_call.h> | |
24 | #include <linux/string.h> | |
25 | #include <linux/uaccess.h> | |
26 | ||
fcd7c269 AF |
27 | static char *trusted_rng = "default"; |
28 | module_param_named(rng, trusted_rng, charp, 0); | |
29 | MODULE_PARM_DESC(rng, "Select trusted key RNG"); | |
30 | ||
5d0682be SG |
31 | static char *trusted_key_source; |
32 | module_param_named(source, trusted_key_source, charp, 0); | |
e9c5048c | 33 | MODULE_PARM_DESC(source, "Select trusted keys source (tpm, tee or caam)"); |
5d0682be SG |
34 | |
35 | static const struct trusted_key_source trusted_key_sources[] = { | |
be07858f | 36 | #if defined(CONFIG_TRUSTED_KEYS_TPM) |
5d0682be SG |
37 | { "tpm", &trusted_key_tpm_ops }, |
38 | #endif | |
be07858f | 39 | #if defined(CONFIG_TRUSTED_KEYS_TEE) |
0a95ebc9 SG |
40 | { "tee", &trusted_key_tee_ops }, |
41 | #endif | |
e9c5048c AF |
42 | #if defined(CONFIG_TRUSTED_KEYS_CAAM) |
43 | { "caam", &trusted_key_caam_ops }, | |
44 | #endif | |
5d0682be SG |
45 | }; |
46 | ||
5d0682be SG |
47 | DEFINE_STATIC_CALL_NULL(trusted_key_seal, *trusted_key_sources[0].ops->seal); |
48 | DEFINE_STATIC_CALL_NULL(trusted_key_unseal, | |
49 | *trusted_key_sources[0].ops->unseal); | |
50 | DEFINE_STATIC_CALL_NULL(trusted_key_get_random, | |
51 | *trusted_key_sources[0].ops->get_random); | |
01bbafc6 | 52 | static void (*trusted_key_exit)(void); |
5d0682be SG |
53 | static unsigned char migratable; |
54 | ||
55 | enum { | |
56 | Opt_err, | |
57 | Opt_new, Opt_load, Opt_update, | |
58 | }; | |
59 | ||
60 | static const match_table_t key_tokens = { | |
61 | {Opt_new, "new"}, | |
62 | {Opt_load, "load"}, | |
63 | {Opt_update, "update"}, | |
64 | {Opt_err, NULL} | |
65 | }; | |
66 | ||
67 | /* | |
68 | * datablob_parse - parse the keyctl data and fill in the | |
69 | * payload structure | |
70 | * | |
71 | * On success returns 0, otherwise -EINVAL. | |
72 | */ | |
60dc5f1b | 73 | static int datablob_parse(char **datablob, struct trusted_key_payload *p) |
5d0682be SG |
74 | { |
75 | substring_t args[MAX_OPT_ARGS]; | |
76 | long keylen; | |
77 | int ret = -EINVAL; | |
78 | int key_cmd; | |
79 | char *c; | |
80 | ||
81 | /* main command */ | |
60dc5f1b | 82 | c = strsep(datablob, " \t"); |
5d0682be SG |
83 | if (!c) |
84 | return -EINVAL; | |
85 | key_cmd = match_token(c, key_tokens, args); | |
86 | switch (key_cmd) { | |
87 | case Opt_new: | |
88 | /* first argument is key size */ | |
60dc5f1b | 89 | c = strsep(datablob, " \t"); |
5d0682be SG |
90 | if (!c) |
91 | return -EINVAL; | |
92 | ret = kstrtol(c, 10, &keylen); | |
93 | if (ret < 0 || keylen < MIN_KEY_SIZE || keylen > MAX_KEY_SIZE) | |
94 | return -EINVAL; | |
95 | p->key_len = keylen; | |
96 | ret = Opt_new; | |
97 | break; | |
98 | case Opt_load: | |
99 | /* first argument is sealed blob */ | |
60dc5f1b | 100 | c = strsep(datablob, " \t"); |
5d0682be SG |
101 | if (!c) |
102 | return -EINVAL; | |
103 | p->blob_len = strlen(c) / 2; | |
104 | if (p->blob_len > MAX_BLOB_SIZE) | |
105 | return -EINVAL; | |
106 | ret = hex2bin(p->blob, c, p->blob_len); | |
107 | if (ret < 0) | |
108 | return -EINVAL; | |
109 | ret = Opt_load; | |
110 | break; | |
111 | case Opt_update: | |
112 | ret = Opt_update; | |
113 | break; | |
114 | case Opt_err: | |
115 | return -EINVAL; | |
116 | } | |
117 | return ret; | |
118 | } | |
119 | ||
120 | static struct trusted_key_payload *trusted_payload_alloc(struct key *key) | |
121 | { | |
122 | struct trusted_key_payload *p = NULL; | |
123 | int ret; | |
124 | ||
125 | ret = key_payload_reserve(key, sizeof(*p)); | |
126 | if (ret < 0) | |
aec00aa0 | 127 | goto err; |
5d0682be | 128 | p = kzalloc(sizeof(*p), GFP_KERNEL); |
aec00aa0 CIK |
129 | if (!p) |
130 | goto err; | |
5d0682be SG |
131 | |
132 | p->migratable = migratable; | |
aec00aa0 | 133 | err: |
5d0682be SG |
134 | return p; |
135 | } | |
136 | ||
137 | /* | |
138 | * trusted_instantiate - create a new trusted key | |
139 | * | |
140 | * Unseal an existing trusted blob or, for a new key, get a | |
141 | * random key, then seal and create a trusted key-type key, | |
142 | * adding it to the specified keyring. | |
143 | * | |
144 | * On success, return 0. Otherwise return errno. | |
145 | */ | |
146 | static int trusted_instantiate(struct key *key, | |
147 | struct key_preparsed_payload *prep) | |
148 | { | |
149 | struct trusted_key_payload *payload = NULL; | |
150 | size_t datalen = prep->datalen; | |
60dc5f1b | 151 | char *datablob, *orig_datablob; |
5d0682be SG |
152 | int ret = 0; |
153 | int key_cmd; | |
154 | size_t key_len; | |
155 | ||
156 | if (datalen <= 0 || datalen > 32767 || !prep->data) | |
157 | return -EINVAL; | |
158 | ||
60dc5f1b | 159 | orig_datablob = datablob = kmalloc(datalen + 1, GFP_KERNEL); |
5d0682be SG |
160 | if (!datablob) |
161 | return -ENOMEM; | |
162 | memcpy(datablob, prep->data, datalen); | |
163 | datablob[datalen] = '\0'; | |
164 | ||
165 | payload = trusted_payload_alloc(key); | |
166 | if (!payload) { | |
167 | ret = -ENOMEM; | |
168 | goto out; | |
169 | } | |
170 | ||
60dc5f1b | 171 | key_cmd = datablob_parse(&datablob, payload); |
5d0682be SG |
172 | if (key_cmd < 0) { |
173 | ret = key_cmd; | |
174 | goto out; | |
175 | } | |
176 | ||
177 | dump_payload(payload); | |
178 | ||
179 | switch (key_cmd) { | |
180 | case Opt_load: | |
181 | ret = static_call(trusted_key_unseal)(payload, datablob); | |
182 | dump_payload(payload); | |
183 | if (ret < 0) | |
184 | pr_info("key_unseal failed (%d)\n", ret); | |
185 | break; | |
186 | case Opt_new: | |
187 | key_len = payload->key_len; | |
188 | ret = static_call(trusted_key_get_random)(payload->key, | |
189 | key_len); | |
190 | if (ret < 0) | |
191 | goto out; | |
192 | ||
193 | if (ret != key_len) { | |
194 | pr_info("key_create failed (%d)\n", ret); | |
195 | ret = -EIO; | |
196 | goto out; | |
197 | } | |
198 | ||
199 | ret = static_call(trusted_key_seal)(payload, datablob); | |
200 | if (ret < 0) | |
201 | pr_info("key_seal failed (%d)\n", ret); | |
202 | break; | |
203 | default: | |
204 | ret = -EINVAL; | |
205 | } | |
206 | out: | |
60dc5f1b | 207 | kfree_sensitive(orig_datablob); |
5d0682be SG |
208 | if (!ret) |
209 | rcu_assign_keypointer(key, payload); | |
210 | else | |
211 | kfree_sensitive(payload); | |
212 | return ret; | |
213 | } | |
214 | ||
215 | static void trusted_rcu_free(struct rcu_head *rcu) | |
216 | { | |
217 | struct trusted_key_payload *p; | |
218 | ||
219 | p = container_of(rcu, struct trusted_key_payload, rcu); | |
220 | kfree_sensitive(p); | |
221 | } | |
222 | ||
223 | /* | |
224 | * trusted_update - reseal an existing key with new PCR values | |
225 | */ | |
226 | static int trusted_update(struct key *key, struct key_preparsed_payload *prep) | |
227 | { | |
228 | struct trusted_key_payload *p; | |
229 | struct trusted_key_payload *new_p; | |
230 | size_t datalen = prep->datalen; | |
60dc5f1b | 231 | char *datablob, *orig_datablob; |
5d0682be SG |
232 | int ret = 0; |
233 | ||
234 | if (key_is_negative(key)) | |
235 | return -ENOKEY; | |
236 | p = key->payload.data[0]; | |
237 | if (!p->migratable) | |
238 | return -EPERM; | |
239 | if (datalen <= 0 || datalen > 32767 || !prep->data) | |
240 | return -EINVAL; | |
241 | ||
60dc5f1b | 242 | orig_datablob = datablob = kmalloc(datalen + 1, GFP_KERNEL); |
5d0682be SG |
243 | if (!datablob) |
244 | return -ENOMEM; | |
245 | ||
246 | new_p = trusted_payload_alloc(key); | |
247 | if (!new_p) { | |
248 | ret = -ENOMEM; | |
249 | goto out; | |
250 | } | |
251 | ||
252 | memcpy(datablob, prep->data, datalen); | |
253 | datablob[datalen] = '\0'; | |
60dc5f1b | 254 | ret = datablob_parse(&datablob, new_p); |
5d0682be SG |
255 | if (ret != Opt_update) { |
256 | ret = -EINVAL; | |
257 | kfree_sensitive(new_p); | |
258 | goto out; | |
259 | } | |
260 | ||
261 | /* copy old key values, and reseal with new pcrs */ | |
262 | new_p->migratable = p->migratable; | |
263 | new_p->key_len = p->key_len; | |
264 | memcpy(new_p->key, p->key, p->key_len); | |
265 | dump_payload(p); | |
266 | dump_payload(new_p); | |
267 | ||
268 | ret = static_call(trusted_key_seal)(new_p, datablob); | |
269 | if (ret < 0) { | |
270 | pr_info("key_seal failed (%d)\n", ret); | |
271 | kfree_sensitive(new_p); | |
272 | goto out; | |
273 | } | |
274 | ||
275 | rcu_assign_keypointer(key, new_p); | |
276 | call_rcu(&p->rcu, trusted_rcu_free); | |
277 | out: | |
60dc5f1b | 278 | kfree_sensitive(orig_datablob); |
5d0682be SG |
279 | return ret; |
280 | } | |
281 | ||
282 | /* | |
283 | * trusted_read - copy the sealed blob data to userspace in hex. | |
284 | * On success, return to userspace the trusted key datablob size. | |
285 | */ | |
286 | static long trusted_read(const struct key *key, char *buffer, | |
287 | size_t buflen) | |
288 | { | |
289 | const struct trusted_key_payload *p; | |
290 | char *bufp; | |
291 | int i; | |
292 | ||
293 | p = dereference_key_locked(key); | |
294 | if (!p) | |
295 | return -EINVAL; | |
296 | ||
297 | if (buffer && buflen >= 2 * p->blob_len) { | |
298 | bufp = buffer; | |
299 | for (i = 0; i < p->blob_len; i++) | |
300 | bufp = hex_byte_pack(bufp, p->blob[i]); | |
301 | } | |
302 | return 2 * p->blob_len; | |
303 | } | |
304 | ||
305 | /* | |
306 | * trusted_destroy - clear and free the key's payload | |
307 | */ | |
308 | static void trusted_destroy(struct key *key) | |
309 | { | |
310 | kfree_sensitive(key->payload.data[0]); | |
311 | } | |
312 | ||
313 | struct key_type key_type_trusted = { | |
314 | .name = "trusted", | |
315 | .instantiate = trusted_instantiate, | |
316 | .update = trusted_update, | |
317 | .destroy = trusted_destroy, | |
318 | .describe = user_describe, | |
319 | .read = trusted_read, | |
320 | }; | |
321 | EXPORT_SYMBOL_GPL(key_type_trusted); | |
322 | ||
fcd7c269 AF |
323 | static int kernel_get_random(unsigned char *key, size_t key_len) |
324 | { | |
325 | return get_random_bytes_wait(key, key_len) ?: key_len; | |
326 | } | |
327 | ||
5d0682be SG |
328 | static int __init init_trusted(void) |
329 | { | |
fcd7c269 | 330 | int (*get_random)(unsigned char *key, size_t key_len); |
5d0682be SG |
331 | int i, ret = 0; |
332 | ||
333 | for (i = 0; i < ARRAY_SIZE(trusted_key_sources); i++) { | |
334 | if (trusted_key_source && | |
335 | strncmp(trusted_key_source, trusted_key_sources[i].name, | |
336 | strlen(trusted_key_sources[i].name))) | |
337 | continue; | |
338 | ||
fcd7c269 AF |
339 | /* |
340 | * We always support trusted.rng="kernel" and "default" as | |
341 | * well as trusted.rng=$trusted.source if the trust source | |
342 | * defines its own get_random callback. | |
343 | */ | |
344 | get_random = trusted_key_sources[i].ops->get_random; | |
345 | if (trusted_rng && strcmp(trusted_rng, "default")) { | |
346 | if (!strcmp(trusted_rng, "kernel")) { | |
347 | get_random = kernel_get_random; | |
348 | } else if (strcmp(trusted_rng, trusted_key_sources[i].name) || | |
349 | !get_random) { | |
350 | pr_warn("Unsupported RNG. Supported: kernel"); | |
351 | if (get_random) | |
352 | pr_cont(", %s", trusted_key_sources[i].name); | |
353 | pr_cont(", default\n"); | |
354 | return -EINVAL; | |
355 | } | |
356 | } | |
357 | ||
358 | if (!get_random) | |
359 | get_random = kernel_get_random; | |
360 | ||
5d0682be SG |
361 | static_call_update(trusted_key_seal, |
362 | trusted_key_sources[i].ops->seal); | |
363 | static_call_update(trusted_key_unseal, | |
364 | trusted_key_sources[i].ops->unseal); | |
365 | static_call_update(trusted_key_get_random, | |
fcd7c269 | 366 | get_random); |
01bbafc6 | 367 | trusted_key_exit = trusted_key_sources[i].ops->exit; |
5d0682be SG |
368 | migratable = trusted_key_sources[i].ops->migratable; |
369 | ||
01bbafc6 | 370 | ret = trusted_key_sources[i].ops->init(); |
5d0682be SG |
371 | if (!ret) |
372 | break; | |
373 | } | |
374 | ||
375 | /* | |
376 | * encrypted_keys.ko depends on successful load of this module even if | |
377 | * trusted key implementation is not found. | |
378 | */ | |
379 | if (ret == -ENODEV) | |
380 | return 0; | |
381 | ||
382 | return ret; | |
383 | } | |
384 | ||
385 | static void __exit cleanup_trusted(void) | |
386 | { | |
01bbafc6 SG |
387 | if (trusted_key_exit) |
388 | (*trusted_key_exit)(); | |
5d0682be SG |
389 | } |
390 | ||
391 | late_initcall(init_trusted); | |
392 | module_exit(cleanup_trusted); | |
393 | ||
394 | MODULE_LICENSE("GPL"); |