aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-02-21 11:18:12 -0500
committerLinus Torvalds <torvalds@linux-foundation.org>2013-02-21 11:18:12 -0500
commit33673dcb372b5d8179c22127ca71deb5f3dc7016 (patch)
treed182e9dc6aa127375a92b5eb619d6cd2ddc23ce7
parentfe9453a1dcb5fb146f9653267e78f4a558066f6f (diff)
parent5b2660326039a32b28766cb4c1a8b1bdcfadc375 (diff)
Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem updates from James Morris: "This is basically a maintenance update for the TPM driver and EVM/IMA" Fix up conflicts in lib/digsig.c and security/integrity/ima/ima_main.c * 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (45 commits) tpm/ibmvtpm: build only when IBM pseries is configured ima: digital signature verification using asymmetric keys ima: rename hash calculation functions ima: use new crypto_shash API instead of old crypto_hash ima: add policy support for file system uuid evm: add file system uuid to EVM hmac tpm_tis: check pnp_acpi_device return code char/tpm/tpm_i2c_stm_st33: drop temporary variable for return value char/tpm/tpm_i2c_stm_st33: remove dead assignment in tpm_st33_i2c_probe char/tpm/tpm_i2c_stm_st33: Remove __devexit attribute char/tpm/tpm_i2c_stm_st33: Don't use memcpy for one byte assignment tpm_i2c_stm_st33: removed unused variables/code TPM: Wait for TPM_ACCESS tpmRegValidSts to go high at startup tpm: Fix cancellation of TPM commands (interrupt mode) tpm: Fix cancellation of TPM commands (polling mode) tpm: Store TPM vendor ID TPM: Work around buggy TPMs that block during continue self test tpm_i2c_stm_st33: fix oops when i2c client is unavailable char/tpm: Use struct dev_pm_ops for power management TPM: STMicroelectronics ST33 I2C BUILD STUFF ...
Diffstat
-rw-r--r--Documentation/ABI/stable/sysfs-class-tpm185
-rw-r--r--Documentation/ABI/testing/ima_policy10
-rw-r--r--drivers/char/tpm/Kconfig12
-rw-r--r--drivers/char/tpm/Makefile1
-rw-r--r--drivers/char/tpm/tpm.c114
-rw-r--r--drivers/char/tpm/tpm.h52
-rw-r--r--drivers/char/tpm/tpm_acpi.c8
-rw-r--r--drivers/char/tpm/tpm_atmel.c7
-rw-r--r--drivers/char/tpm/tpm_i2c_infineon.c7
-rw-r--r--drivers/char/tpm/tpm_i2c_stm_st33.c887
-rw-r--r--drivers/char/tpm/tpm_i2c_stm_st33.h61
-rw-r--r--drivers/char/tpm/tpm_ibmvtpm.c15
-rw-r--r--drivers/char/tpm/tpm_nsc.c7
-rw-r--r--drivers/char/tpm/tpm_tis.c64
-rw-r--r--lib/digsig.c41
-rw-r--r--lib/mpi/mpi-internal.h4
-rw-r--r--lib/mpi/mpicoder.c8
-rw-r--r--security/integrity/Kconfig12
-rw-r--r--security/integrity/Makefile1
-rw-r--r--security/integrity/digsig.c11
-rw-r--r--security/integrity/digsig_asymmetric.c115
-rw-r--r--security/integrity/evm/Kconfig13
-rw-r--r--security/integrity/evm/evm.h2
-rw-r--r--security/integrity/evm/evm_crypto.c3
-rw-r--r--security/integrity/evm/evm_main.c10
-rw-r--r--security/integrity/evm/evm_secfs.c6
-rw-r--r--security/integrity/iint.c10
-rw-r--r--security/integrity/ima/ima.h21
-rw-r--r--security/integrity/ima/ima_api.c27
-rw-r--r--security/integrity/ima/ima_appraise.c92
-rw-r--r--security/integrity/ima/ima_crypto.c81
-rw-r--r--security/integrity/ima/ima_init.c3
-rw-r--r--security/integrity/ima/ima_main.c138
-rw-r--r--security/integrity/ima/ima_policy.c138
-rw-r--r--security/integrity/integrity.h62
35 files changed, 1917 insertions, 311 deletions
diff --git a/Documentation/ABI/stable/sysfs-class-tpm b/Documentation/ABI/stable/sysfs-class-tpm
new file mode 100644
index 000000000000..a60b45e2493b
--- /dev/null
+++ b/Documentation/ABI/stable/sysfs-class-tpm
@@ -0,0 +1,185 @@
1What: /sys/class/misc/tpmX/device/
2Date: April 2005
3KernelVersion: 2.6.12
4Contact: tpmdd-devel@lists.sf.net
5Description: The device/ directory under a specific TPM instance exposes
6 the properties of that TPM chip
7
8
9What: /sys/class/misc/tpmX/device/active
10Date: April 2006
11KernelVersion: 2.6.17
12Contact: tpmdd-devel@lists.sf.net
13Description: The "active" property prints a '1' if the TPM chip is accepting
14 commands. An inactive TPM chip still contains all the state of
15 an active chip (Storage Root Key, NVRAM, etc), and can be
16 visible to the OS, but will only accept a restricted set of
17 commands. See the TPM Main Specification part 2, Structures,
18 section 17 for more information on which commands are
19 available.
20
21What: /sys/class/misc/tpmX/device/cancel
22Date: June 2005
23KernelVersion: 2.6.13
24Contact: tpmdd-devel@lists.sf.net
25Description: The "cancel" property allows you to cancel the currently
26 pending TPM command. Writing any value to cancel will call the
27 TPM vendor specific cancel operation.
28
29What: /sys/class/misc/tpmX/device/caps
30Date: April 2005
31KernelVersion: 2.6.12
32Contact: tpmdd-devel@lists.sf.net
33Description: The "caps" property contains TPM manufacturer and version info.
34
35 Example output:
36
37 Manufacturer: 0x53544d20
38 TCG version: 1.2
39 Firmware version: 8.16
40
41 Manufacturer is a hex dump of the 4 byte manufacturer info
42 space in a TPM. TCG version shows the TCG TPM spec level that
43 the chip supports. Firmware version is that of the chip and
44 is manufacturer specific.
45
46What: /sys/class/misc/tpmX/device/durations
47Date: March 2011
48KernelVersion: 3.1
49Contact: tpmdd-devel@lists.sf.net
50Description: The "durations" property shows the 3 vendor-specific values
51 used to wait for a short, medium and long TPM command. All
52 TPM commands are categorized as short, medium or long in
53 execution time, so that the driver doesn't have to wait
54 any longer than necessary before starting to poll for a
55 result.
56
57 Example output:
58
59 3015000 4508000 180995000 [original]
60
61 Here the short, medium and long durations are displayed in
62 usecs. "[original]" indicates that the values are displayed
63 unmodified from when they were queried from the chip.
64 Durations can be modified in the case where a buggy chip
65 reports them in msec instead of usec and they need to be
66 scaled to be displayed in usecs. In this case "[adjusted]"
67 will be displayed in place of "[original]".
68
69What: /sys/class/misc/tpmX/device/enabled
70Date: April 2006
71KernelVersion: 2.6.17
72Contact: tpmdd-devel@lists.sf.net
73Description: The "enabled" property prints a '1' if the TPM chip is enabled,
74 meaning that it should be visible to the OS. This property
75 may be visible but produce a '0' after some operation that
76 disables the TPM.
77
78What: /sys/class/misc/tpmX/device/owned
79Date: April 2006
80KernelVersion: 2.6.17
81Contact: tpmdd-devel@lists.sf.net
82Description: The "owned" property produces a '1' if the TPM_TakeOwnership
83 ordinal has been executed successfully in the chip. A '0'
84 indicates that ownership hasn't been taken.
85
86What: /sys/class/misc/tpmX/device/pcrs
87Date: April 2005
88KernelVersion: 2.6.12
89Contact: tpmdd-devel@lists.sf.net
90Description: The "pcrs" property will dump the current value of all Platform
91 Configuration Registers in the TPM. Note that since these
92 values may be constantly changing, the output is only valid
93 for a snapshot in time.
94
95 Example output:
96
97 PCR-00: 3A 3F 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B 22 75
98 PCR-01: 3A 3F 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B 22 75
99 PCR-02: 3A 3F 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B 22 75
100 PCR-03: 3A 3F 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B 22 75
101 PCR-04: 3A 3F 78 0F 11 A4 B4 99 69 FC AA 80 CD 6E 39 57 C3 3B 22 75
102 ...
103
104 The number of PCRs and hex bytes needed to represent a PCR
105 value will vary depending on TPM chip version. For TPM 1.1 and
106 1.2 chips, PCRs represent SHA-1 hashes, which are 20 bytes
107 long. Use the "caps" property to determine TPM version.
108
109What: /sys/class/misc/tpmX/device/pubek
110Date: April 2005
111KernelVersion: 2.6.12
112Contact: tpmdd-devel@lists.sf.net
113Description: The "pubek" property will return the TPM's public endorsement
114 key if possible. If the TPM has had ownership established and
115 is version 1.2, the pubek will not be available without the
116 owner's authorization. Since the TPM driver doesn't store any
117 secrets, it can't authorize its own request for the pubek,
118 making it unaccessible. The public endorsement key is gener-
119 ated at TPM menufacture time and exists for the life of the
120 chip.
121
122 Example output:
123
124 Algorithm: 00 00 00 01
125 Encscheme: 00 03
126 Sigscheme: 00 01
127 Parameters: 00 00 08 00 00 00 00 02 00 00 00 00
128 Modulus length: 256
129 Modulus:
130 B4 76 41 82 C9 20 2C 10 18 40 BC 8B E5 44 4C 6C
131 3A B2 92 0C A4 9B 2A 83 EB 5C 12 85 04 48 A0 B6
132 1E E4 81 84 CE B2 F2 45 1C F0 85 99 61 02 4D EB
133 86 C4 F7 F3 29 60 52 93 6B B2 E5 AB 8B A9 09 E3
134 D7 0E 7D CA 41 BF 43 07 65 86 3C 8C 13 7A D0 8B
135 82 5E 96 0B F8 1F 5F 34 06 DA A2 52 C1 A9 D5 26
136 0F F4 04 4B D9 3F 2D F2 AC 2F 74 64 1F 8B CD 3E
137 1E 30 38 6C 70 63 69 AB E2 50 DF 49 05 2E E1 8D
138 6F 78 44 DA 57 43 69 EE 76 6C 38 8A E9 8E A3 F0
139 A7 1F 3C A8 D0 12 15 3E CA 0E BD FA 24 CD 33 C6
140 47 AE A4 18 83 8E 22 39 75 93 86 E6 FD 66 48 B6
141 10 AD 94 14 65 F9 6A 17 78 BD 16 53 84 30 BF 70
142 E0 DC 65 FD 3C C6 B0 1E BF B9 C1 B5 6C EF B1 3A
143 F8 28 05 83 62 26 11 DC B4 6B 5A 97 FF 32 26 B6
144 F7 02 71 CF 15 AE 16 DD D1 C1 8E A8 CF 9B 50 7B
145 C3 91 FF 44 1E CF 7C 39 FE 17 77 21 20 BD CE 9B
146
147 Possible values:
148
149 Algorithm: TPM_ALG_RSA (1)
150 Encscheme: TPM_ES_RSAESPKCSv15 (2)
151 TPM_ES_RSAESOAEP_SHA1_MGF1 (3)
152 Sigscheme: TPM_SS_NONE (1)
153 Parameters, a byte string of 3 u32 values:
154 Key Length (bits): 00 00 08 00 (2048)
155 Num primes: 00 00 00 02 (2)
156 Exponent Size: 00 00 00 00 (0 means the
157 default exp)
158 Modulus Length: 256 (bytes)
159 Modulus: The 256 byte Endorsement Key modulus
160
161What: /sys/class/misc/tpmX/device/temp_deactivated
162Date: April 2006
163KernelVersion: 2.6.17
164Contact: tpmdd-devel@lists.sf.net
165Description: The "temp_deactivated" property returns a '1' if the chip has
166 been temporarily dectivated, usually until the next power
167 cycle. Whether a warm boot (reboot) will clear a TPM chip
168 from a temp_deactivated state is platform specific.
169
170What: /sys/class/misc/tpmX/device/timeouts
171Date: March 2011
172KernelVersion: 3.1
173Contact: tpmdd-devel@lists.sf.net
174Description: The "timeouts" property shows the 4 vendor-specific values
175 for the TPM's interface spec timeouts. The use of these
176 timeouts is defined by the TPM interface spec that the chip
177 conforms to.
178
179 Example output:
180
181 750000 750000 750000 750000 [original]
182
183 The four timeout values are shown in usecs, with a trailing
184 "[original]" or "[adjusted]" depending on whether the values
185 were scaled by the driver to be reported in usec from msecs.
diff --git a/Documentation/ABI/testing/ima_policy b/Documentation/ABI/testing/ima_policy
index ec0a38ef3145..f1c5cc9d17a8 100644
--- a/Documentation/ABI/testing/ima_policy
+++ b/Documentation/ABI/testing/ima_policy
@@ -18,17 +18,21 @@ Description:
18 rule format: action [condition ...] 18 rule format: action [condition ...]
19 19
20 action: measure | dont_measure | appraise | dont_appraise | audit 20 action: measure | dont_measure | appraise | dont_appraise | audit
21 condition:= base | lsm 21 condition:= base | lsm [option]
22 base: [[func=] [mask=] [fsmagic=] [uid=] [fowner]] 22 base: [[func=] [mask=] [fsmagic=] [fsuuid=] [uid=]
23 [fowner]]
23 lsm: [[subj_user=] [subj_role=] [subj_type=] 24 lsm: [[subj_user=] [subj_role=] [subj_type=]
24 [obj_user=] [obj_role=] [obj_type=]] 25 [obj_user=] [obj_role=] [obj_type=]]
26 option: [[appraise_type=]]
25 27
26 base: func:= [BPRM_CHECK][FILE_MMAP][FILE_CHECK][MODULE_CHECK] 28 base: func:= [BPRM_CHECK][MMAP_CHECK][FILE_CHECK][MODULE_CHECK]
27 mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC] 29 mask:= [MAY_READ] [MAY_WRITE] [MAY_APPEND] [MAY_EXEC]
28 fsmagic:= hex value 30 fsmagic:= hex value
31 fsuuid:= file system UUID (e.g 8bcbe394-4f13-4144-be8e-5aa9ea2ce2f6)
29 uid:= decimal value 32 uid:= decimal value
30 fowner:=decimal value 33 fowner:=decimal value
31 lsm: are LSM specific 34 lsm: are LSM specific
35 option: appraise_type:= [imasig]
32 36
33 default policy: 37 default policy:
34 # PROC_SUPER_MAGIC 38 # PROC_SUPER_MAGIC
diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index 915875e431d2..dbfd56446c31 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -75,10 +75,20 @@ config TCG_INFINEON
75 75
76config TCG_IBMVTPM 76config TCG_IBMVTPM
77 tristate "IBM VTPM Interface" 77 tristate "IBM VTPM Interface"
78 depends on PPC64 78 depends on PPC_PSERIES
79 ---help--- 79 ---help---
80 If you have IBM virtual TPM (VTPM) support say Yes and it 80 If you have IBM virtual TPM (VTPM) support say Yes and it
81 will be accessible from within Linux. To compile this driver 81 will be accessible from within Linux. To compile this driver
82 as a module, choose M here; the module will be called tpm_ibmvtpm. 82 as a module, choose M here; the module will be called tpm_ibmvtpm.
83 83
84config TCG_ST33_I2C
85 tristate "STMicroelectronics ST33 I2C TPM"
86 depends on I2C
87 depends on GPIOLIB
88 ---help---
89 If you have a TPM security chip from STMicroelectronics working with
90 an I2C bus say Yes and it will be accessible from within Linux.
91 To compile this driver as a module, choose M here; the module will be
92 called tpm_stm_st33_i2c.
93
84endif # TCG_TPM 94endif # TCG_TPM
diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
index 5b3fc8bc6c13..a3736c97c65a 100644
--- a/drivers/char/tpm/Makefile
+++ b/drivers/char/tpm/Makefile
@@ -17,3 +17,4 @@ obj-$(CONFIG_TCG_NSC) += tpm_nsc.o
17obj-$(CONFIG_TCG_ATMEL) += tpm_atmel.o 17obj-$(CONFIG_TCG_ATMEL) += tpm_atmel.o
18obj-$(CONFIG_TCG_INFINEON) += tpm_infineon.o 18obj-$(CONFIG_TCG_INFINEON) += tpm_infineon.o
19obj-$(CONFIG_TCG_IBMVTPM) += tpm_ibmvtpm.o 19obj-$(CONFIG_TCG_IBMVTPM) += tpm_ibmvtpm.o
20obj-$(CONFIG_TCG_ST33_I2C) += tpm_i2c_stm_st33.o
diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c
index 93211df52aab..0d2e82f95577 100644
--- a/drivers/char/tpm/tpm.c
+++ b/drivers/char/tpm/tpm.c
@@ -40,8 +40,9 @@ enum tpm_duration {
40}; 40};
41 41
42#define TPM_MAX_ORDINAL 243 42#define TPM_MAX_ORDINAL 243
43#define TPM_MAX_PROTECTED_ORDINAL 12 43#define TSC_MAX_ORDINAL 12
44#define TPM_PROTECTED_ORDINAL_MASK 0xFF 44#define TPM_PROTECTED_COMMAND 0x00
45#define TPM_CONNECTION_COMMAND 0x40
45 46
46/* 47/*
47 * Bug workaround - some TPM's don't flush the most 48 * Bug workaround - some TPM's don't flush the most
@@ -65,21 +66,6 @@ static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
65 * values of the SHORT, MEDIUM, and LONG durations are retrieved 66 * values of the SHORT, MEDIUM, and LONG durations are retrieved
66 * from the chip during initialization with a call to tpm_get_timeouts. 67 * from the chip during initialization with a call to tpm_get_timeouts.
67 */ 68 */
68static const u8 tpm_protected_ordinal_duration[TPM_MAX_PROTECTED_ORDINAL] = {
69 TPM_UNDEFINED, /* 0 */
70 TPM_UNDEFINED,
71 TPM_UNDEFINED,
72 TPM_UNDEFINED,
73 TPM_UNDEFINED,
74 TPM_UNDEFINED, /* 5 */
75 TPM_UNDEFINED,
76 TPM_UNDEFINED,
77 TPM_UNDEFINED,
78 TPM_UNDEFINED,
79 TPM_SHORT, /* 10 */
80 TPM_SHORT,
81};
82
83static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = { 69static const u8 tpm_ordinal_duration[TPM_MAX_ORDINAL] = {
84 TPM_UNDEFINED, /* 0 */ 70 TPM_UNDEFINED, /* 0 */
85 TPM_UNDEFINED, 71 TPM_UNDEFINED,
@@ -351,14 +337,11 @@ unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip,
351{ 337{
352 int duration_idx = TPM_UNDEFINED; 338 int duration_idx = TPM_UNDEFINED;
353 int duration = 0; 339 int duration = 0;
340 u8 category = (ordinal >> 24) & 0xFF;
354 341
355 if (ordinal < TPM_MAX_ORDINAL) 342 if ((category == TPM_PROTECTED_COMMAND && ordinal < TPM_MAX_ORDINAL) ||
343 (category == TPM_CONNECTION_COMMAND && ordinal < TSC_MAX_ORDINAL))
356 duration_idx = tpm_ordinal_duration[ordinal]; 344 duration_idx = tpm_ordinal_duration[ordinal];
357 else if ((ordinal & TPM_PROTECTED_ORDINAL_MASK) <
358 TPM_MAX_PROTECTED_ORDINAL)
359 duration_idx =
360 tpm_protected_ordinal_duration[ordinal &
361 TPM_PROTECTED_ORDINAL_MASK];
362 345
363 if (duration_idx != TPM_UNDEFINED) 346 if (duration_idx != TPM_UNDEFINED)
364 duration = chip->vendor.duration[duration_idx]; 347 duration = chip->vendor.duration[duration_idx];
@@ -410,7 +393,7 @@ static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
410 chip->vendor.req_complete_val) 393 chip->vendor.req_complete_val)
411 goto out_recv; 394 goto out_recv;
412 395
413 if ((status == chip->vendor.req_canceled)) { 396 if (chip->vendor.req_canceled(chip, status)) {
414 dev_err(chip->dev, "Operation Canceled\n"); 397 dev_err(chip->dev, "Operation Canceled\n");
415 rc = -ECANCELED; 398 rc = -ECANCELED;
416 goto out; 399 goto out;
@@ -468,7 +451,7 @@ static ssize_t transmit_cmd(struct tpm_chip *chip, struct tpm_cmd_t *cmd,
468 return -EFAULT; 451 return -EFAULT;
469 452
470 err = be32_to_cpu(cmd->header.out.return_code); 453 err = be32_to_cpu(cmd->header.out.return_code);
471 if (err != 0) 454 if (err != 0 && desc)
472 dev_err(chip->dev, "A TPM error (%d) occurred %s\n", err, desc); 455 dev_err(chip->dev, "A TPM error (%d) occurred %s\n", err, desc);
473 456
474 return err; 457 return err;
@@ -528,6 +511,25 @@ void tpm_gen_interrupt(struct tpm_chip *chip)
528} 511}
529EXPORT_SYMBOL_GPL(tpm_gen_interrupt); 512EXPORT_SYMBOL_GPL(tpm_gen_interrupt);
530 513
514#define TPM_ORD_STARTUP cpu_to_be32(153)
515#define TPM_ST_CLEAR cpu_to_be16(1)
516#define TPM_ST_STATE cpu_to_be16(2)
517#define TPM_ST_DEACTIVATED cpu_to_be16(3)
518static const struct tpm_input_header tpm_startup_header = {
519 .tag = TPM_TAG_RQU_COMMAND,
520 .length = cpu_to_be32(12),
521 .ordinal = TPM_ORD_STARTUP
522};
523
524static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
525{
526 struct tpm_cmd_t start_cmd;
527 start_cmd.header.in = tpm_startup_header;
528 start_cmd.params.startup_in.startup_type = startup_type;
529 return transmit_cmd(chip, &start_cmd, TPM_INTERNAL_RESULT_SIZE,
530 "attempting to start the TPM");
531}
532
531int tpm_get_timeouts(struct tpm_chip *chip) 533int tpm_get_timeouts(struct tpm_chip *chip)
532{ 534{
533 struct tpm_cmd_t tpm_cmd; 535 struct tpm_cmd_t tpm_cmd;
@@ -541,11 +543,28 @@ int tpm_get_timeouts(struct tpm_chip *chip)
541 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP; 543 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
542 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4); 544 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
543 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT; 545 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
546 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, NULL);
544 547
545 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE, 548 if (rc == TPM_ERR_INVALID_POSTINIT) {
546 "attempting to determine the timeouts"); 549 /* The TPM is not started, we are the first to talk to it.
547 if (rc) 550 Execute a startup command. */
551 dev_info(chip->dev, "Issuing TPM_STARTUP");
552 if (tpm_startup(chip, TPM_ST_CLEAR))
553 return rc;
554
555 tpm_cmd.header.in = tpm_getcap_header;
556 tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
557 tpm_cmd.params.getcap_in.subcap_size = cpu_to_be32(4);
558 tpm_cmd.params.getcap_in.subcap = TPM_CAP_PROP_TIS_TIMEOUT;
559 rc = transmit_cmd(chip, &tpm_cmd, TPM_INTERNAL_RESULT_SIZE,
560 NULL);
561 }
562 if (rc) {
563 dev_err(chip->dev,
564 "A TPM error (%zd) occurred attempting to determine the timeouts\n",
565 rc);
548 goto duration; 566 goto duration;
567 }
549 568
550 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 || 569 if (be32_to_cpu(tpm_cmd.header.out.return_code) != 0 ||
551 be32_to_cpu(tpm_cmd.header.out.length) 570 be32_to_cpu(tpm_cmd.header.out.length)
@@ -824,7 +843,7 @@ int tpm_do_selftest(struct tpm_chip *chip)
824{ 843{
825 int rc; 844 int rc;
826 unsigned int loops; 845 unsigned int loops;
827 unsigned int delay_msec = 1000; 846 unsigned int delay_msec = 100;
828 unsigned long duration; 847 unsigned long duration;
829 struct tpm_cmd_t cmd; 848 struct tpm_cmd_t cmd;
830 849
@@ -845,6 +864,14 @@ int tpm_do_selftest(struct tpm_chip *chip)
845 cmd.header.in = pcrread_header; 864 cmd.header.in = pcrread_header;
846 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0); 865 cmd.params.pcrread_in.pcr_idx = cpu_to_be32(0);
847 rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE); 866 rc = tpm_transmit(chip, (u8 *) &cmd, READ_PCR_RESULT_SIZE);
867 /* Some buggy TPMs will not respond to tpm_tis_ready() for
868 * around 300ms while the self test is ongoing, keep trying
869 * until the self test duration expires. */
870 if (rc == -ETIME) {
871 dev_info(chip->dev, HW_ERR "TPM command timed out during continue self test");
872 msleep(delay_msec);
873 continue;
874 }
848 875
849 if (rc < TPM_HEADER_SIZE) 876 if (rc < TPM_HEADER_SIZE)
850 return -EFAULT; 877 return -EFAULT;
@@ -1075,12 +1102,28 @@ ssize_t tpm_store_cancel(struct device *dev, struct device_attribute *attr,
1075} 1102}
1076EXPORT_SYMBOL_GPL(tpm_store_cancel); 1103EXPORT_SYMBOL_GPL(tpm_store_cancel);
1077 1104
1105static bool wait_for_tpm_stat_cond(struct tpm_chip *chip, u8 mask, bool check_cancel,
1106 bool *canceled)
1107{
1108 u8 status = chip->vendor.status(chip);
1109
1110 *canceled = false;
1111 if ((status & mask) == mask)
1112 return true;
1113 if (check_cancel && chip->vendor.req_canceled(chip, status)) {
1114 *canceled = true;
1115 return true;
1116 }
1117 return false;
1118}
1119
1078int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout, 1120int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
1079 wait_queue_head_t *queue) 1121 wait_queue_head_t *queue, bool check_cancel)
1080{ 1122{
1081 unsigned long stop; 1123 unsigned long stop;
1082 long rc; 1124 long rc;
1083 u8 status; 1125 u8 status;
1126 bool canceled = false;
1084 1127
1085 /* check current status */ 1128 /* check current status */
1086 status = chip->vendor.status(chip); 1129 status = chip->vendor.status(chip);
@@ -1095,11 +1138,14 @@ again:
1095 if ((long)timeout <= 0) 1138 if ((long)timeout <= 0)
1096 return -ETIME; 1139 return -ETIME;
1097 rc = wait_event_interruptible_timeout(*queue, 1140 rc = wait_event_interruptible_timeout(*queue,
1098 ((chip->vendor.status(chip) 1141 wait_for_tpm_stat_cond(chip, mask, check_cancel,
1099 & mask) == mask), 1142 &canceled),
1100 timeout); 1143 timeout);
1101 if (rc > 0) 1144 if (rc > 0) {
1145 if (canceled)
1146 return -ECANCELED;
1102 return 0; 1147 return 0;
1148 }
1103 if (rc == -ERESTARTSYS && freezing(current)) { 1149 if (rc == -ERESTARTSYS && freezing(current)) {
1104 clear_thread_flag(TIF_SIGPENDING); 1150 clear_thread_flag(TIF_SIGPENDING);
1105 goto again; 1151 goto again;
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 8ef7649a50aa..81b52015f669 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -47,6 +47,7 @@ enum tpm_addr {
47#define TPM_WARN_DOING_SELFTEST 0x802 47#define TPM_WARN_DOING_SELFTEST 0x802
48#define TPM_ERR_DEACTIVATED 0x6 48#define TPM_ERR_DEACTIVATED 0x6
49#define TPM_ERR_DISABLED 0x7 49#define TPM_ERR_DISABLED 0x7
50#define TPM_ERR_INVALID_POSTINIT 38
50 51
51#define TPM_HEADER_SIZE 10 52#define TPM_HEADER_SIZE 10
52extern ssize_t tpm_show_pubek(struct device *, struct device_attribute *attr, 53extern ssize_t tpm_show_pubek(struct device *, struct device_attribute *attr,
@@ -77,7 +78,7 @@ struct tpm_chip;
77struct tpm_vendor_specific { 78struct tpm_vendor_specific {
78 const u8 req_complete_mask; 79 const u8 req_complete_mask;
79 const u8 req_complete_val; 80 const u8 req_complete_val;
80 const u8 req_canceled; 81 bool (*req_canceled)(struct tpm_chip *chip, u8 status);
81 void __iomem *iobase; /* ioremapped address */ 82 void __iomem *iobase; /* ioremapped address */
82 unsigned long base; /* TPM base address */ 83 unsigned long base; /* TPM base address */
83 84
@@ -100,13 +101,19 @@ struct tpm_vendor_specific {
100 bool timeout_adjusted; 101 bool timeout_adjusted;
101 unsigned long duration[3]; /* jiffies */ 102 unsigned long duration[3]; /* jiffies */
102 bool duration_adjusted; 103 bool duration_adjusted;
103 void *data; 104 void *priv;
104 105
105 wait_queue_head_t read_queue; 106 wait_queue_head_t read_queue;
106 wait_queue_head_t int_queue; 107 wait_queue_head_t int_queue;
108
109 u16 manufacturer_id;
107}; 110};
108 111
112#define TPM_VPRIV(c) (c)->vendor.priv
113
109#define TPM_VID_INTEL 0x8086 114#define TPM_VID_INTEL 0x8086
115#define TPM_VID_WINBOND 0x1050
116#define TPM_VID_STM 0x104A
110 117
111struct tpm_chip { 118struct tpm_chip {
112 struct device *dev; /* Device stuff */ 119 struct device *dev; /* Device stuff */
@@ -154,13 +161,13 @@ struct tpm_input_header {
154 __be16 tag; 161 __be16 tag;
155 __be32 length; 162 __be32 length;
156 __be32 ordinal; 163 __be32 ordinal;
157}__attribute__((packed)); 164} __packed;
158 165
159struct tpm_output_header { 166struct tpm_output_header {
160 __be16 tag; 167 __be16 tag;
161 __be32 length; 168 __be32 length;
162 __be32 return_code; 169 __be32 return_code;
163}__attribute__((packed)); 170} __packed;
164 171
165struct stclear_flags_t { 172struct stclear_flags_t {
166 __be16 tag; 173 __be16 tag;
@@ -169,14 +176,14 @@ struct stclear_flags_t {
169 u8 physicalPresence; 176 u8 physicalPresence;
170 u8 physicalPresenceLock; 177 u8 physicalPresenceLock;
171 u8 bGlobalLock; 178 u8 bGlobalLock;
172}__attribute__((packed)); 179} __packed;
173 180
174struct tpm_version_t { 181struct tpm_version_t {
175 u8 Major; 182 u8 Major;
176 u8 Minor; 183 u8 Minor;
177 u8 revMajor; 184 u8 revMajor;
178 u8 revMinor; 185 u8 revMinor;
179}__attribute__((packed)); 186} __packed;
180 187
181struct tpm_version_1_2_t { 188struct tpm_version_1_2_t {
182 __be16 tag; 189 __be16 tag;
@@ -184,20 +191,20 @@ struct tpm_version_1_2_t {
184 u8 Minor; 191 u8 Minor;
185 u8 revMajor; 192 u8 revMajor;
186 u8 revMinor; 193 u8 revMinor;
187}__attribute__((packed)); 194} __packed;
188 195
189struct timeout_t { 196struct timeout_t {
190 __be32 a; 197 __be32 a;
191 __be32 b; 198 __be32 b;
192 __be32 c; 199 __be32 c;
193 __be32 d; 200 __be32 d;
194}__attribute__((packed)); 201} __packed;
195 202
196struct duration_t { 203struct duration_t {
197 __be32 tpm_short; 204 __be32 tpm_short;
198 __be32 tpm_medium; 205 __be32 tpm_medium;
199 __be32 tpm_long; 206 __be32 tpm_long;
200}__attribute__((packed)); 207} __packed;
201 208
202struct permanent_flags_t { 209struct permanent_flags_t {
203 __be16 tag; 210 __be16 tag;
@@ -221,7 +228,7 @@ struct permanent_flags_t {
221 u8 tpmEstablished; 228 u8 tpmEstablished;
222 u8 maintenanceDone; 229 u8 maintenanceDone;
223 u8 disableFullDALogicInfo; 230 u8 disableFullDALogicInfo;
224}__attribute__((packed)); 231} __packed;
225 232
226typedef union { 233typedef union {
227 struct permanent_flags_t perm_flags; 234 struct permanent_flags_t perm_flags;
@@ -239,12 +246,12 @@ struct tpm_getcap_params_in {
239 __be32 cap; 246 __be32 cap;
240 __be32 subcap_size; 247 __be32 subcap_size;
241 __be32 subcap; 248 __be32 subcap;
242}__attribute__((packed)); 249} __packed;
243 250
244struct tpm_getcap_params_out { 251struct tpm_getcap_params_out {
245 __be32 cap_size; 252 __be32 cap_size;
246 cap_t cap; 253 cap_t cap;
247}__attribute__((packed)); 254} __packed;
248 255
249struct tpm_readpubek_params_out { 256struct tpm_readpubek_params_out {
250 u8 algorithm[4]; 257 u8 algorithm[4];
@@ -255,7 +262,7 @@ struct tpm_readpubek_params_out {
255 __be32 keysize; 262 __be32 keysize;
256 u8 modulus[256]; 263 u8 modulus[256];
257 u8 checksum[20]; 264 u8 checksum[20];
258}__attribute__((packed)); 265} __packed;
259 266
260typedef union { 267typedef union {
261 struct tpm_input_header in; 268 struct tpm_input_header in;
@@ -265,16 +272,16 @@ typedef union {
265#define TPM_DIGEST_SIZE 20 272#define TPM_DIGEST_SIZE 20
266struct tpm_pcrread_out { 273struct tpm_pcrread_out {
267 u8 pcr_result[TPM_DIGEST_SIZE]; 274 u8 pcr_result[TPM_DIGEST_SIZE];
268}__attribute__((packed)); 275} __packed;
269 276
270struct tpm_pcrread_in { 277struct tpm_pcrread_in {
271 __be32 pcr_idx; 278 __be32 pcr_idx;
272}__attribute__((packed)); 279} __packed;
273 280
274struct tpm_pcrextend_in { 281struct tpm_pcrextend_in {
275 __be32 pcr_idx; 282 __be32 pcr_idx;
276 u8 hash[TPM_DIGEST_SIZE]; 283 u8 hash[TPM_DIGEST_SIZE];
277}__attribute__((packed)); 284} __packed;
278 285
279/* 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - 18 286/* 128 bytes is an arbitrary cap. This could be as large as TPM_BUFSIZE - 18
280 * bytes, but 128 is still a relatively large number of random bytes and 287 * bytes, but 128 is still a relatively large number of random bytes and
@@ -285,11 +292,15 @@ struct tpm_pcrextend_in {
285struct tpm_getrandom_out { 292struct tpm_getrandom_out {
286 __be32 rng_data_len; 293 __be32 rng_data_len;
287 u8 rng_data[TPM_MAX_RNG_DATA]; 294 u8 rng_data[TPM_MAX_RNG_DATA];
288}__attribute__((packed)); 295} __packed;
289 296
290struct tpm_getrandom_in { 297struct tpm_getrandom_in {
291 __be32 num_bytes; 298 __be32 num_bytes;
292}__attribute__((packed)); 299} __packed;
300
301struct tpm_startup_in {
302 __be16 startup_type;
303} __packed;
293 304
294typedef union { 305typedef union {
295 struct tpm_getcap_params_out getcap_out; 306 struct tpm_getcap_params_out getcap_out;
@@ -301,12 +312,13 @@ typedef union {
301 struct tpm_pcrextend_in pcrextend_in; 312 struct tpm_pcrextend_in pcrextend_in;
302 struct tpm_getrandom_in getrandom_in; 313 struct tpm_getrandom_in getrandom_in;
303 struct tpm_getrandom_out getrandom_out; 314 struct tpm_getrandom_out getrandom_out;
315 struct tpm_startup_in startup_in;
304} tpm_cmd_params; 316} tpm_cmd_params;
305 317
306struct tpm_cmd_t { 318struct tpm_cmd_t {
307 tpm_cmd_header header; 319 tpm_cmd_header header;
308 tpm_cmd_params params; 320 tpm_cmd_params params;
309}__attribute__((packed)); 321} __packed;
310 322
311ssize_t tpm_getcap(struct device *, __be32, cap_t *, const char *); 323ssize_t tpm_getcap(struct device *, __be32, cap_t *, const char *);
312 324
@@ -326,7 +338,7 @@ extern void tpm_remove_hardware(struct device *);
326extern int tpm_pm_suspend(struct device *); 338extern int tpm_pm_suspend(struct device *);
327extern int tpm_pm_resume(struct device *); 339extern int tpm_pm_resume(struct device *);
328extern int wait_for_tpm_stat(struct tpm_chip *, u8, unsigned long, 340extern int wait_for_tpm_stat(struct tpm_chip *, u8, unsigned long,
329 wait_queue_head_t *); 341 wait_queue_head_t *, bool);
330 342
331#ifdef CONFIG_ACPI 343#ifdef CONFIG_ACPI
332extern int tpm_add_ppi(struct kobject *); 344extern int tpm_add_ppi(struct kobject *);
diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c
index 56051d0c97a2..64420b3396a2 100644
--- a/drivers/char/tpm/tpm_acpi.c
+++ b/drivers/char/tpm/tpm_acpi.c
@@ -33,13 +33,13 @@ struct acpi_tcpa {
33 u16 platform_class; 33 u16 platform_class;
34 union { 34 union {
35 struct client_hdr { 35 struct client_hdr {
36 u32 log_max_len __attribute__ ((packed)); 36 u32 log_max_len __packed;
37 u64 log_start_addr __attribute__ ((packed)); 37 u64 log_start_addr __packed;
38 } client; 38 } client;
39 struct server_hdr { 39 struct server_hdr {
40 u16 reserved; 40 u16 reserved;
41 u64 log_max_len __attribute__ ((packed)); 41 u64 log_max_len __packed;
42 u64 log_start_addr __attribute__ ((packed)); 42 u64 log_start_addr __packed;
43 } server; 43 } server;
44 }; 44 };
45}; 45};
diff --git a/drivers/char/tpm/tpm_atmel.c b/drivers/char/tpm/tpm_atmel.c
index 678d57019dc4..99d6820c611d 100644
--- a/drivers/char/tpm/tpm_atmel.c
+++ b/drivers/char/tpm/tpm_atmel.c
@@ -116,6 +116,11 @@ static u8 tpm_atml_status(struct tpm_chip *chip)
116 return ioread8(chip->vendor.iobase + 1); 116 return ioread8(chip->vendor.iobase + 1);
117} 117}
118 118
119static bool tpm_atml_req_canceled(struct tpm_chip *chip, u8 status)
120{
121 return (status == ATML_STATUS_READY);
122}
123
119static const struct file_operations atmel_ops = { 124static const struct file_operations atmel_ops = {
120 .owner = THIS_MODULE, 125 .owner = THIS_MODULE,
121 .llseek = no_llseek, 126 .llseek = no_llseek,
@@ -147,7 +152,7 @@ static const struct tpm_vendor_specific tpm_atmel = {
147 .status = tpm_atml_status, 152 .status = tpm_atml_status,
148 .req_complete_mask = ATML_STATUS_BUSY | ATML_STATUS_DATA_AVAIL, 153 .req_complete_mask = ATML_STATUS_BUSY | ATML_STATUS_DATA_AVAIL,
149 .req_complete_val = ATML_STATUS_DATA_AVAIL, 154 .req_complete_val = ATML_STATUS_DATA_AVAIL,
150 .req_canceled = ATML_STATUS_READY, 155 .req_canceled = tpm_atml_req_canceled,
151 .attr_group = &atmel_attr_grp, 156 .attr_group = &atmel_attr_grp,
152 .miscdev = { .fops = &atmel_ops, }, 157 .miscdev = { .fops = &atmel_ops, },
153}; 158};
diff --git a/drivers/char/tpm/tpm_i2c_infineon.c b/drivers/char/tpm/tpm_i2c_infineon.c
index fb447bd0cb61..8fe7ac3d095b 100644
--- a/drivers/char/tpm/tpm_i2c_infineon.c
+++ b/drivers/char/tpm/tpm_i2c_infineon.c
@@ -505,6 +505,11 @@ out_err:
505 return rc; 505 return rc;
506} 506}
507 507
508static bool tpm_tis_i2c_req_canceled(struct tpm_chip *chip, u8 status)
509{
510 return (status == TPM_STS_COMMAND_READY);
511}
512
508static const struct file_operations tis_ops = { 513static const struct file_operations tis_ops = {
509 .owner = THIS_MODULE, 514 .owner = THIS_MODULE,
510 .llseek = no_llseek, 515 .llseek = no_llseek,
@@ -550,7 +555,7 @@ static struct tpm_vendor_specific tpm_tis_i2c = {
550 .cancel = tpm_tis_i2c_ready, 555 .cancel = tpm_tis_i2c_ready,
551 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID, 556 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
552 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID, 557 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
553 .req_canceled = TPM_STS_COMMAND_READY, 558 .req_canceled = tpm_tis_i2c_req_canceled,
554 .attr_group = &tis_attr_grp, 559 .attr_group = &tis_attr_grp,
555 .miscdev.fops = &tis_ops, 560 .miscdev.fops = &tis_ops,
556}; 561};
diff --git a/drivers/char/tpm/tpm_i2c_stm_st33.c b/drivers/char/tpm/tpm_i2c_stm_st33.c
new file mode 100644
index 000000000000..1f5f71e14abe
--- /dev/null
+++ b/drivers/char/tpm/tpm_i2c_stm_st33.c
@@ -0,0 +1,887 @@
1/*
2 * STMicroelectronics TPM I2C Linux driver for TPM ST33ZP24
3 * Copyright (C) 2009, 2010 STMicroelectronics
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * STMicroelectronics version 1.2.0, Copyright (C) 2010
20 * STMicroelectronics comes with ABSOLUTELY NO WARRANTY.
21 * This is free software, and you are welcome to redistribute it
22 * under certain conditions.
23 *
24 * @Author: Christophe RICARD tpmsupport@st.com
25 *
26 * @File: tpm_stm_st33_i2c.c
27 *
28 * @Synopsis:
29 * 09/15/2010: First shot driver tpm_tis driver for
30 lpc is used as model.
31 */
32
33#include <linux/pci.h>
34#include <linux/module.h>
35#include <linux/platform_device.h>
36#include <linux/i2c.h>
37#include <linux/fs.h>
38#include <linux/miscdevice.h>
39#include <linux/module.h>
40#include <linux/kernel.h>
41#include <linux/delay.h>
42#include <linux/init.h>
43#include <linux/wait.h>
44#include <linux/string.h>
45#include <linux/interrupt.h>
46#include <linux/spinlock.h>
47#include <linux/sysfs.h>
48#include <linux/gpio.h>
49#include <linux/sched.h>
50#include <linux/uaccess.h>
51#include <linux/io.h>
52#include <linux/slab.h>
53#include <linux/sched.h>
54
55#include "tpm.h"
56#include "tpm_i2c_stm_st33.h"
57
58enum stm33zp24_access {
59 TPM_ACCESS_VALID = 0x80,
60 TPM_ACCESS_ACTIVE_LOCALITY = 0x20,
61 TPM_ACCESS_REQUEST_PENDING = 0x04,
62 TPM_ACCESS_REQUEST_USE = 0x02,
63};
64
65enum stm33zp24_status {
66 TPM_STS_VALID = 0x80,
67 TPM_STS_COMMAND_READY = 0x40,
68 TPM_STS_GO = 0x20,
69 TPM_STS_DATA_AVAIL = 0x10,
70 TPM_STS_DATA_EXPECT = 0x08,
71};
72
73enum stm33zp24_int_flags {
74 TPM_GLOBAL_INT_ENABLE = 0x80,
75 TPM_INTF_CMD_READY_INT = 0x080,
76 TPM_INTF_FIFO_AVALAIBLE_INT = 0x040,
77 TPM_INTF_WAKE_UP_READY_INT = 0x020,
78 TPM_INTF_LOCALITY_CHANGE_INT = 0x004,
79 TPM_INTF_STS_VALID_INT = 0x002,
80 TPM_INTF_DATA_AVAIL_INT = 0x001,
81};
82
83enum tis_defaults {
84 TIS_SHORT_TIMEOUT = 750,
85 TIS_LONG_TIMEOUT = 2000,
86};
87
88/*
89 * write8_reg
90 * Send byte to the TIS register according to the ST33ZP24 I2C protocol.
91 * @param: tpm_register, the tpm tis register where the data should be written
92 * @param: tpm_data, the tpm_data to write inside the tpm_register
93 * @param: tpm_size, The length of the data
94 * @return: Returns negative errno, or else the number of bytes written.
95 */
96static int write8_reg(struct i2c_client *client, u8 tpm_register,
97 u8 *tpm_data, u16 tpm_size)
98{
99 struct st33zp24_platform_data *pin_infos;
100
101 pin_infos = client->dev.platform_data;
102
103 pin_infos->tpm_i2c_buffer[0][0] = tpm_register;
104 memcpy(&pin_infos->tpm_i2c_buffer[0][1], tpm_data, tpm_size);
105 return i2c_master_send(client, pin_infos->tpm_i2c_buffer[0],
106 tpm_size + 1);
107} /* write8_reg() */
108
109/*
110 * read8_reg
111 * Recv byte from the TIS register according to the ST33ZP24 I2C protocol.
112 * @param: tpm_register, the tpm tis register where the data should be read
113 * @param: tpm_data, the TPM response
114 * @param: tpm_size, tpm TPM response size to read.
115 * @return: number of byte read successfully: should be one if success.
116 */
117static int read8_reg(struct i2c_client *client, u8 tpm_register,
118 u8 *tpm_data, int tpm_size)
119{
120 u8 status = 0;
121 u8 data;
122
123 data = TPM_DUMMY_BYTE;
124 status = write8_reg(client, tpm_register, &data, 1);
125 if (status == 2)
126 status = i2c_master_recv(client, tpm_data, tpm_size);
127 return status;
128} /* read8_reg() */
129
130/*
131 * I2C_WRITE_DATA
132 * Send byte to the TIS register according to the ST33ZP24 I2C protocol.
133 * @param: client, the chip description
134 * @param: tpm_register, the tpm tis register where the data should be written
135 * @param: tpm_data, the tpm_data to write inside the tpm_register
136 * @param: tpm_size, The length of the data
137 * @return: number of byte written successfully: should be one if success.
138 */
139#define I2C_WRITE_DATA(client, tpm_register, tpm_data, tpm_size) \
140 (write8_reg(client, tpm_register | \
141 TPM_WRITE_DIRECTION, tpm_data, tpm_size))
142
143/*
144 * I2C_READ_DATA
145 * Recv byte from the TIS register according to the ST33ZP24 I2C protocol.
146 * @param: tpm, the chip description
147 * @param: tpm_register, the tpm tis register where the data should be read
148 * @param: tpm_data, the TPM response
149 * @param: tpm_size, tpm TPM response size to read.
150 * @return: number of byte read successfully: should be one if success.
151 */
152#define I2C_READ_DATA(client, tpm_register, tpm_data, tpm_size) \
153 (read8_reg(client, tpm_register, tpm_data, tpm_size))
154
155/*
156 * clear_interruption
157 * clear the TPM interrupt register.
158 * @param: tpm, the chip description
159 */
160static void clear_interruption(struct i2c_client *client)
161{
162 u8 interrupt;
163 I2C_READ_DATA(client, TPM_INT_STATUS, &interrupt, 1);
164 I2C_WRITE_DATA(client, TPM_INT_STATUS, &interrupt, 1);
165 I2C_READ_DATA(client, TPM_INT_STATUS, &interrupt, 1);
166} /* clear_interruption() */
167
168/*
169 * _wait_for_interrupt_serirq_timeout
170 * @param: tpm, the chip description
171 * @param: timeout, the timeout of the interrupt
172 * @return: the status of the interruption.
173 */
174static long _wait_for_interrupt_serirq_timeout(struct tpm_chip *chip,
175 unsigned long timeout)
176{
177 long status;
178 struct i2c_client *client;
179 struct st33zp24_platform_data *pin_infos;
180
181 client = (struct i2c_client *) TPM_VPRIV(chip);
182 pin_infos = client->dev.platform_data;
183
184 status = wait_for_completion_interruptible_timeout(
185 &pin_infos->irq_detection,
186 timeout);
187 if (status > 0)
188 enable_irq(gpio_to_irq(pin_infos->io_serirq));
189 gpio_direction_input(pin_infos->io_serirq);
190
191 return status;
192} /* wait_for_interrupt_serirq_timeout() */
193
194static int wait_for_serirq_timeout(struct tpm_chip *chip, bool condition,
195 unsigned long timeout)
196{
197 int status = 2;
198 struct i2c_client *client;
199
200 client = (struct i2c_client *) TPM_VPRIV(chip);
201
202 status = _wait_for_interrupt_serirq_timeout(chip, timeout);
203 if (!status) {
204 status = -EBUSY;
205 } else{
206 clear_interruption(client);
207 if (condition)
208 status = 1;
209 }
210 return status;
211}
212
213/*
214 * tpm_stm_i2c_cancel, cancel is not implemented.
215 * @param: chip, the tpm_chip description as specified in driver/char/tpm/tpm.h
216 */
217static void tpm_stm_i2c_cancel(struct tpm_chip *chip)
218{
219 struct i2c_client *client;
220 u8 data;
221
222 client = (struct i2c_client *) TPM_VPRIV(chip);
223
224 data = TPM_STS_COMMAND_READY;
225 I2C_WRITE_DATA(client, TPM_STS, &data, 1);
226 if (chip->vendor.irq)
227 wait_for_serirq_timeout(chip, 1, chip->vendor.timeout_a);
228} /* tpm_stm_i2c_cancel() */
229
230/*
231 * tpm_stm_spi_status return the TPM_STS register
232 * @param: chip, the tpm chip description
233 * @return: the TPM_STS register value.
234 */
235static u8 tpm_stm_i2c_status(struct tpm_chip *chip)
236{
237 struct i2c_client *client;
238 u8 data;
239 client = (struct i2c_client *) TPM_VPRIV(chip);
240
241 I2C_READ_DATA(client, TPM_STS, &data, 1);
242 return data;
243} /* tpm_stm_i2c_status() */
244
245
246/*
247 * check_locality if the locality is active
248 * @param: chip, the tpm chip description
249 * @return: the active locality or -EACCESS.
250 */
251static int check_locality(struct tpm_chip *chip)
252{
253 struct i2c_client *client;
254 u8 data;
255 u8 status;
256
257 client = (struct i2c_client *) TPM_VPRIV(chip);
258
259 status = I2C_READ_DATA(client, TPM_ACCESS, &data, 1);
260 if (status && (data &
261 (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID)) ==
262 (TPM_ACCESS_ACTIVE_LOCALITY | TPM_ACCESS_VALID))
263 return chip->vendor.locality;
264
265 return -EACCES;
266
267} /* check_locality() */
268
269/*
270 * request_locality request the TPM locality
271 * @param: chip, the chip description
272 * @return: the active locality or EACCESS.
273 */
274static int request_locality(struct tpm_chip *chip)
275{
276 unsigned long stop;
277 long rc;
278 struct i2c_client *client;
279 u8 data;
280
281 client = (struct i2c_client *) TPM_VPRIV(chip);
282
283 if (check_locality(chip) == chip->vendor.locality)
284 return chip->vendor.locality;
285
286 data = TPM_ACCESS_REQUEST_USE;
287 rc = I2C_WRITE_DATA(client, TPM_ACCESS, &data, 1);
288 if (rc < 0)
289 goto end;
290
291 if (chip->vendor.irq) {
292 rc = wait_for_serirq_timeout(chip, (check_locality
293 (chip) >= 0),
294 chip->vendor.timeout_a);
295 if (rc > 0)
296 return chip->vendor.locality;
297 } else{
298 stop = jiffies + chip->vendor.timeout_a;
299 do {
300 if (check_locality(chip) >= 0)
301 return chip->vendor.locality;
302 msleep(TPM_TIMEOUT);
303 } while (time_before(jiffies, stop));
304 }
305 rc = -EACCES;
306end:
307 return rc;
308} /* request_locality() */
309
310/*
311 * release_locality release the active locality
312 * @param: chip, the tpm chip description.
313 */
314static void release_locality(struct tpm_chip *chip)
315{
316 struct i2c_client *client;
317 u8 data;
318
319 client = (struct i2c_client *) TPM_VPRIV(chip);
320 data = TPM_ACCESS_ACTIVE_LOCALITY;
321
322 I2C_WRITE_DATA(client, TPM_ACCESS, &data, 1);
323}
324
325/*
326 * get_burstcount return the burstcount address 0x19 0x1A
327 * @param: chip, the chip description
328 * return: the burstcount.
329 */
330static int get_burstcount(struct tpm_chip *chip)
331{
332 unsigned long stop;
333 int burstcnt, status;
334 u8 tpm_reg, temp;
335
336 struct i2c_client *client = (struct i2c_client *) TPM_VPRIV(chip);
337
338 stop = jiffies + chip->vendor.timeout_d;
339 do {
340 tpm_reg = TPM_STS + 1;
341 status = I2C_READ_DATA(client, tpm_reg, &temp, 1);
342 if (status < 0)
343 goto end;
344
345 tpm_reg = tpm_reg + 1;
346 burstcnt = temp;
347 status = I2C_READ_DATA(client, tpm_reg, &temp, 1);
348 if (status < 0)
349 goto end;
350
351 burstcnt |= temp << 8;
352 if (burstcnt)
353 return burstcnt;
354 msleep(TPM_TIMEOUT);
355 } while (time_before(jiffies, stop));
356
357end:
358 return -EBUSY;
359} /* get_burstcount() */
360
361/*
362 * wait_for_stat wait for a TPM_STS value
363 * @param: chip, the tpm chip description
364 * @param: mask, the value mask to wait
365 * @param: timeout, the timeout
366 * @param: queue, the wait queue.
367 * @return: the tpm status, 0 if success, -ETIME if timeout is reached.
368 */
369static int wait_for_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
370 wait_queue_head_t *queue)
371{
372 unsigned long stop;
373 long rc;
374 u8 status;
375
376 if (chip->vendor.irq) {
377 rc = wait_for_serirq_timeout(chip, ((tpm_stm_i2c_status
378 (chip) & mask) ==
379 mask), timeout);
380 if (rc > 0)
381 return 0;
382 } else{
383 stop = jiffies + timeout;
384 do {
385 msleep(TPM_TIMEOUT);
386 status = tpm_stm_i2c_status(chip);
387 if ((status & mask) == mask)
388 return 0;
389 } while (time_before(jiffies, stop));
390 }
391 return -ETIME;
392} /* wait_for_stat() */
393
394/*
395 * recv_data receive data
396 * @param: chip, the tpm chip description
397 * @param: buf, the buffer where the data are received
398 * @param: count, the number of data to receive
399 * @return: the number of bytes read from TPM FIFO.
400 */
401static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
402{
403 int size = 0, burstcnt, len;
404 struct i2c_client *client;
405
406 client = (struct i2c_client *) TPM_VPRIV(chip);
407
408 while (size < count &&
409 wait_for_stat(chip,
410 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
411 chip->vendor.timeout_c,
412 &chip->vendor.read_queue)
413 == 0) {
414 burstcnt = get_burstcount(chip);
415 len = min_t(int, burstcnt, count - size);
416 I2C_READ_DATA(client, TPM_DATA_FIFO, buf + size, len);
417 size += len;
418 }
419 return size;
420}
421
422/*
423 * tpm_ioserirq_handler the serirq irq handler
424 * @param: irq, the tpm chip description
425 * @param: dev_id, the description of the chip
426 * @return: the status of the handler.
427 */
428static irqreturn_t tpm_ioserirq_handler(int irq, void *dev_id)
429{
430 struct tpm_chip *chip = dev_id;
431 struct i2c_client *client;
432 struct st33zp24_platform_data *pin_infos;
433
434 disable_irq_nosync(irq);
435
436 client = (struct i2c_client *) TPM_VPRIV(chip);
437 pin_infos = client->dev.platform_data;
438
439 complete(&pin_infos->irq_detection);
440 return IRQ_HANDLED;
441} /* tpm_ioserirq_handler() */
442
443
444/*
445 * tpm_stm_i2c_send send TPM commands through the I2C bus.
446 *
447 * @param: chip, the tpm_chip description as specified in driver/char/tpm/tpm.h
448 * @param: buf, the buffer to send.
449 * @param: count, the number of bytes to send.
450 * @return: In case of success the number of bytes sent.
451 * In other case, a < 0 value describing the issue.
452 */
453static int tpm_stm_i2c_send(struct tpm_chip *chip, unsigned char *buf,
454 size_t len)
455{
456 u32 status,
457 burstcnt = 0, i, size;
458 int ret;
459 u8 data;
460 struct i2c_client *client;
461
462 if (chip == NULL)
463 return -EBUSY;
464 if (len < TPM_HEADER_SIZE)
465 return -EBUSY;
466
467 client = (struct i2c_client *)TPM_VPRIV(chip);
468
469 client->flags = 0;
470
471 ret = request_locality(chip);
472 if (ret < 0)
473 return ret;
474
475 status = tpm_stm_i2c_status(chip);
476 if ((status & TPM_STS_COMMAND_READY) == 0) {
477 tpm_stm_i2c_cancel(chip);
478 if (wait_for_stat
479 (chip, TPM_STS_COMMAND_READY, chip->vendor.timeout_b,
480 &chip->vendor.int_queue) < 0) {
481 ret = -ETIME;
482 goto out_err;
483 }
484 }
485
486 for (i = 0 ; i < len - 1 ;) {
487 burstcnt = get_burstcount(chip);
488 size = min_t(int, len - i - 1, burstcnt);
489 ret = I2C_WRITE_DATA(client, TPM_DATA_FIFO, buf, size);
490 if (ret < 0)
491 goto out_err;
492
493 i += size;
494 }
495
496 status = tpm_stm_i2c_status(chip);
497 if ((status & TPM_STS_DATA_EXPECT) == 0) {
498 ret = -EIO;
499 goto out_err;
500 }
501
502 ret = I2C_WRITE_DATA(client, TPM_DATA_FIFO, buf + len - 1, 1);
503 if (ret < 0)
504 goto out_err;
505
506 status = tpm_stm_i2c_status(chip);
507 if ((status & TPM_STS_DATA_EXPECT) != 0) {
508 ret = -EIO;
509 goto out_err;
510 }
511
512 data = TPM_STS_GO;
513 I2C_WRITE_DATA(client, TPM_STS, &data, 1);
514
515 return len;
516out_err:
517 tpm_stm_i2c_cancel(chip);
518 release_locality(chip);
519 return ret;
520}
521
522/*
523 * tpm_stm_i2c_recv received TPM response through the I2C bus.
524 * @param: chip, the tpm_chip description as specified in driver/char/tpm/tpm.h.
525 * @param: buf, the buffer to store datas.
526 * @param: count, the number of bytes to send.
527 * @return: In case of success the number of bytes received.
528 * In other case, a < 0 value describing the issue.
529 */
530static int tpm_stm_i2c_recv(struct tpm_chip *chip, unsigned char *buf,
531 size_t count)
532{
533 int size = 0;
534 int expected;
535
536 if (chip == NULL)
537 return -EBUSY;
538
539 if (count < TPM_HEADER_SIZE) {
540 size = -EIO;
541 goto out;
542 }
543
544 size = recv_data(chip, buf, TPM_HEADER_SIZE);
545 if (size < TPM_HEADER_SIZE) {
546 dev_err(chip->dev, "Unable to read header\n");
547 goto out;
548 }
549
550 expected = be32_to_cpu(*(__be32 *) (buf + 2));
551 if (expected > count) {
552 size = -EIO;
553 goto out;
554 }
555
556 size += recv_data(chip, &buf[TPM_HEADER_SIZE],
557 expected - TPM_HEADER_SIZE);
558 if (size < expected) {
559 dev_err(chip->dev, "Unable to read remainder of result\n");
560 size = -ETIME;
561 goto out;
562 }
563
564out:
565 chip->vendor.cancel(chip);
566 release_locality(chip);
567 return size;
568}
569
570static bool tpm_st33_i2c_req_canceled(struct tpm_chip *chip, u8 status)
571{
572 return (status == TPM_STS_COMMAND_READY);
573}
574
575static const struct file_operations tpm_st33_i2c_fops = {
576 .owner = THIS_MODULE,
577 .llseek = no_llseek,
578 .read = tpm_read,
579 .write = tpm_write,
580 .open = tpm_open,
581 .release = tpm_release,
582};
583
584static DEVICE_ATTR(pubek, S_IRUGO, tpm_show_pubek, NULL);
585static DEVICE_ATTR(pcrs, S_IRUGO, tpm_show_pcrs, NULL);
586static DEVICE_ATTR(enabled, S_IRUGO, tpm_show_enabled, NULL);
587static DEVICE_ATTR(active, S_IRUGO, tpm_show_active, NULL);
588static DEVICE_ATTR(owned, S_IRUGO, tpm_show_owned, NULL);
589static DEVICE_ATTR(temp_deactivated, S_IRUGO, tpm_show_temp_deactivated, NULL);
590static DEVICE_ATTR(caps, S_IRUGO, tpm_show_caps_1_2, NULL);
591static DEVICE_ATTR(cancel, S_IWUSR | S_IWGRP, NULL, tpm_store_cancel);
592
593static struct attribute *stm_tpm_attrs[] = {
594 &dev_attr_pubek.attr,
595 &dev_attr_pcrs.attr,
596 &dev_attr_enabled.attr,
597 &dev_attr_active.attr,
598 &dev_attr_owned.attr,
599 &dev_attr_temp_deactivated.attr,
600 &dev_attr_caps.attr,
601 &dev_attr_cancel.attr, NULL,
602};
603
604static struct attribute_group stm_tpm_attr_grp = {
605 .attrs = stm_tpm_attrs
606};
607
608static struct tpm_vendor_specific st_i2c_tpm = {
609 .send = tpm_stm_i2c_send,
610 .recv = tpm_stm_i2c_recv,
611 .cancel = tpm_stm_i2c_cancel,
612 .status = tpm_stm_i2c_status,
613 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
614 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
615 .req_canceled = tpm_st33_i2c_req_canceled,
616 .attr_group = &stm_tpm_attr_grp,
617 .miscdev = {.fops = &tpm_st33_i2c_fops,},
618};
619
620static int interrupts ;
621module_param(interrupts, int, 0444);
622MODULE_PARM_DESC(interrupts, "Enable interrupts");
623
624static int power_mgt = 1;
625module_param(power_mgt, int, 0444);
626MODULE_PARM_DESC(power_mgt, "Power Management");
627
628/*
629 * tpm_st33_i2c_probe initialize the TPM device
630 * @param: client, the i2c_client drescription (TPM I2C description).
631 * @param: id, the i2c_device_id struct.
632 * @return: 0 in case of success.
633 * -1 in other case.
634 */
635static int
636tpm_st33_i2c_probe(struct i2c_client *client, const struct i2c_device_id *id)
637{
638 int err;
639 u8 intmask;
640 struct tpm_chip *chip;
641 struct st33zp24_platform_data *platform_data;
642
643 if (client == NULL) {
644 pr_info("%s: i2c client is NULL. Device not accessible.\n",
645 __func__);
646 err = -ENODEV;
647 goto end;
648 }
649
650 if (!i2c_check_functionality(client->adapter, I2C_FUNC_I2C)) {
651 dev_info(&client->dev, "client not i2c capable\n");
652 err = -ENODEV;
653 goto end;
654 }
655
656 chip = tpm_register_hardware(&client->dev, &st_i2c_tpm);
657 if (!chip) {
658 dev_info(&client->dev, "fail chip\n");
659 err = -ENODEV;
660 goto end;
661 }
662
663 platform_data = client->dev.platform_data;
664
665 if (!platform_data) {
666 dev_info(&client->dev, "chip not available\n");
667 err = -ENODEV;
668 goto _tpm_clean_answer;
669 }
670
671 platform_data->tpm_i2c_buffer[0] =
672 kmalloc(TPM_BUFSIZE * sizeof(u8), GFP_KERNEL);
673 if (platform_data->tpm_i2c_buffer[0] == NULL) {
674 err = -ENOMEM;
675 goto _tpm_clean_answer;
676 }
677 platform_data->tpm_i2c_buffer[1] =
678 kmalloc(TPM_BUFSIZE * sizeof(u8), GFP_KERNEL);
679 if (platform_data->tpm_i2c_buffer[1] == NULL) {
680 err = -ENOMEM;
681 goto _tpm_clean_response1;
682 }
683
684 TPM_VPRIV(chip) = client;
685
686 chip->vendor.timeout_a = msecs_to_jiffies(TIS_SHORT_TIMEOUT);
687 chip->vendor.timeout_b = msecs_to_jiffies(TIS_LONG_TIMEOUT);
688 chip->vendor.timeout_c = msecs_to_jiffies(TIS_SHORT_TIMEOUT);
689 chip->vendor.timeout_d = msecs_to_jiffies(TIS_SHORT_TIMEOUT);
690
691 chip->vendor.locality = LOCALITY0;
692
693 if (power_mgt) {
694 err = gpio_request(platform_data->io_lpcpd, "TPM IO_LPCPD");
695 if (err)
696 goto _gpio_init1;
697 gpio_set_value(platform_data->io_lpcpd, 1);
698 }
699
700 if (interrupts) {
701 init_completion(&platform_data->irq_detection);
702 if (request_locality(chip) != LOCALITY0) {
703 err = -ENODEV;
704 goto _tpm_clean_response2;
705 }
706 err = gpio_request(platform_data->io_serirq, "TPM IO_SERIRQ");
707 if (err)
708 goto _gpio_init2;
709
710 clear_interruption(client);
711 err = request_irq(gpio_to_irq(platform_data->io_serirq),
712 &tpm_ioserirq_handler,
713 IRQF_TRIGGER_HIGH,
714 "TPM SERIRQ management", chip);
715 if (err < 0) {
716 dev_err(chip->dev , "TPM SERIRQ signals %d not available\n",
717 gpio_to_irq(platform_data->io_serirq));
718 goto _irq_set;
719 }
720
721 err = I2C_READ_DATA(client, TPM_INT_ENABLE, &intmask, 1);
722 if (err < 0)
723 goto _irq_set;
724
725 intmask |= TPM_INTF_CMD_READY_INT
726 | TPM_INTF_FIFO_AVALAIBLE_INT
727 | TPM_INTF_WAKE_UP_READY_INT
728 | TPM_INTF_LOCALITY_CHANGE_INT
729 | TPM_INTF_STS_VALID_INT
730 | TPM_INTF_DATA_AVAIL_INT;
731
732 err = I2C_WRITE_DATA(client, TPM_INT_ENABLE, &intmask, 1);
733 if (err < 0)
734 goto _irq_set;
735
736 intmask = TPM_GLOBAL_INT_ENABLE;
737 err = I2C_WRITE_DATA(client, (TPM_INT_ENABLE + 3), &intmask, 1);
738 if (err < 0)
739 goto _irq_set;
740
741 err = I2C_READ_DATA(client, TPM_INT_STATUS, &intmask, 1);
742 if (err < 0)
743 goto _irq_set;
744
745 chip->vendor.irq = interrupts;
746
747 tpm_gen_interrupt(chip);
748 }
749
750 tpm_get_timeouts(chip);
751
752 i2c_set_clientdata(client, chip);
753
754 dev_info(chip->dev, "TPM I2C Initialized\n");
755 return 0;
756_irq_set:
757 free_irq(gpio_to_irq(platform_data->io_serirq), (void *) chip);
758_gpio_init2:
759 if (interrupts)
760 gpio_free(platform_data->io_serirq);
761_gpio_init1:
762 if (power_mgt)
763 gpio_free(platform_data->io_lpcpd);
764_tpm_clean_response2:
765 kzfree(platform_data->tpm_i2c_buffer[1]);
766 platform_data->tpm_i2c_buffer[1] = NULL;
767_tpm_clean_response1:
768 kzfree(platform_data->tpm_i2c_buffer[0]);
769 platform_data->tpm_i2c_buffer[0] = NULL;
770_tpm_clean_answer:
771 tpm_remove_hardware(chip->dev);
772end:
773 pr_info("TPM I2C initialisation fail\n");
774 return err;
775}
776
777/*
778 * tpm_st33_i2c_remove remove the TPM device
779 * @param: client, the i2c_client drescription (TPM I2C description).
780 clear_bit(0, &chip->is_open);
781 * @return: 0 in case of success.
782 */
783static int tpm_st33_i2c_remove(struct i2c_client *client)
784{
785 struct tpm_chip *chip = (struct tpm_chip *)i2c_get_clientdata(client);
786 struct st33zp24_platform_data *pin_infos =
787 ((struct i2c_client *) TPM_VPRIV(chip))->dev.platform_data;
788
789 if (pin_infos != NULL) {
790 free_irq(pin_infos->io_serirq, chip);
791
792 gpio_free(pin_infos->io_serirq);
793 gpio_free(pin_infos->io_lpcpd);
794
795 tpm_remove_hardware(chip->dev);
796
797 if (pin_infos->tpm_i2c_buffer[1] != NULL) {
798 kzfree(pin_infos->tpm_i2c_buffer[1]);
799 pin_infos->tpm_i2c_buffer[1] = NULL;
800 }
801 if (pin_infos->tpm_i2c_buffer[0] != NULL) {
802 kzfree(pin_infos->tpm_i2c_buffer[0]);
803 pin_infos->tpm_i2c_buffer[0] = NULL;
804 }
805 }
806
807 return 0;
808}
809
810#ifdef CONFIG_PM_SLEEP
811/*
812 * tpm_st33_i2c_pm_suspend suspend the TPM device
813 * Added: Work around when suspend and no tpm application is running, suspend
814 * may fail because chip->data_buffer is not set (only set in tpm_open in Linux
815 * TPM core)
816 * @param: client, the i2c_client drescription (TPM I2C description).
817 * @param: mesg, the power management message.
818 * @return: 0 in case of success.
819 */
820static int tpm_st33_i2c_pm_suspend(struct device *dev)
821{
822 struct tpm_chip *chip = dev_get_drvdata(dev);
823 struct st33zp24_platform_data *pin_infos = dev->platform_data;
824 int ret = 0;
825
826 if (power_mgt)
827 gpio_set_value(pin_infos->io_lpcpd, 0);
828 else{
829 if (chip->data_buffer == NULL)
830 chip->data_buffer = pin_infos->tpm_i2c_buffer[0];
831 ret = tpm_pm_suspend(dev);
832 }
833 return ret;
834} /* tpm_st33_i2c_suspend() */
835
836/*
837 * tpm_st33_i2c_pm_resume resume the TPM device
838 * @param: client, the i2c_client drescription (TPM I2C description).
839 * @return: 0 in case of success.
840 */
841static int tpm_st33_i2c_pm_resume(struct device *dev)
842{
843 struct tpm_chip *chip = dev_get_drvdata(dev);
844 struct st33zp24_platform_data *pin_infos = dev->platform_data;
845
846 int ret = 0;
847
848 if (power_mgt) {
849 gpio_set_value(pin_infos->io_lpcpd, 1);
850 ret = wait_for_serirq_timeout(chip,
851 (chip->vendor.status(chip) &
852 TPM_STS_VALID) == TPM_STS_VALID,
853 chip->vendor.timeout_b);
854 } else{
855 if (chip->data_buffer == NULL)
856 chip->data_buffer = pin_infos->tpm_i2c_buffer[0];
857 ret = tpm_pm_resume(dev);
858 if (!ret)
859 tpm_do_selftest(chip);
860 }
861 return ret;
862} /* tpm_st33_i2c_pm_resume() */
863#endif
864
865static const struct i2c_device_id tpm_st33_i2c_id[] = {
866 {TPM_ST33_I2C, 0},
867 {}
868};
869MODULE_DEVICE_TABLE(i2c, tpm_st33_i2c_id);
870static SIMPLE_DEV_PM_OPS(tpm_st33_i2c_ops, tpm_st33_i2c_pm_suspend, tpm_st33_i2c_pm_resume);
871static struct i2c_driver tpm_st33_i2c_driver = {
872 .driver = {
873 .owner = THIS_MODULE,
874 .name = TPM_ST33_I2C,
875 .pm = &tpm_st33_i2c_ops,
876 },
877 .probe = tpm_st33_i2c_probe,
878 .remove = tpm_st33_i2c_remove,
879 .id_table = tpm_st33_i2c_id
880};
881
882module_i2c_driver(tpm_st33_i2c_driver);
883
884MODULE_AUTHOR("Christophe Ricard (tpmsupport@st.com)");
885MODULE_DESCRIPTION("STM TPM I2C ST33 Driver");
886MODULE_VERSION("1.2.0");
887MODULE_LICENSE("GPL");
diff --git a/drivers/char/tpm/tpm_i2c_stm_st33.h b/drivers/char/tpm/tpm_i2c_stm_st33.h
new file mode 100644
index 000000000000..439a43249aa6
--- /dev/null
+++ b/drivers/char/tpm/tpm_i2c_stm_st33.h
@@ -0,0 +1,61 @@
1/*
2 * STMicroelectronics TPM I2C Linux driver for TPM ST33ZP24
3 * Copyright (C) 2009, 2010 STMicroelectronics
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
18 *
19 * STMicroelectronics version 1.2.0, Copyright (C) 2010
20 * STMicroelectronics comes with ABSOLUTELY NO WARRANTY.
21 * This is free software, and you are welcome to redistribute it
22 * under certain conditions.
23 *
24 * @Author: Christophe RICARD tpmsupport@st.com
25 *
26 * @File: stm_st33_tpm_i2c.h
27 *
28 * @Date: 09/15/2010
29 */
30#ifndef __STM_ST33_TPM_I2C_MAIN_H__
31#define __STM_ST33_TPM_I2C_MAIN_H__
32
33#define TPM_ACCESS (0x0)
34#define TPM_STS (0x18)
35#define TPM_HASH_END (0x20)
36#define TPM_DATA_FIFO (0x24)
37#define TPM_HASH_DATA (0x24)
38#define TPM_HASH_START (0x28)
39#define TPM_INTF_CAPABILITY (0x14)
40#define TPM_INT_STATUS (0x10)
41#define TPM_INT_ENABLE (0x08)
42
43#define TPM_DUMMY_BYTE 0xAA
44#define TPM_WRITE_DIRECTION 0x80
45#define TPM_HEADER_SIZE 10
46#define TPM_BUFSIZE 2048
47
48#define LOCALITY0 0
49
50#define TPM_ST33_I2C "st33zp24_i2c"
51
52struct st33zp24_platform_data {
53 int io_serirq;
54 int io_lpcpd;
55 struct i2c_client *client;
56 u8 *tpm_i2c_buffer[2]; /* 0 Request 1 Response */
57 struct completion irq_detection;
58 struct mutex lock;
59};
60
61#endif /* __STM_ST33_TPM_I2C_MAIN_H__ */
diff --git a/drivers/char/tpm/tpm_ibmvtpm.c b/drivers/char/tpm/tpm_ibmvtpm.c
index 9978609d93b2..56b07c35a13e 100644
--- a/drivers/char/tpm/tpm_ibmvtpm.c
+++ b/drivers/char/tpm/tpm_ibmvtpm.c
@@ -64,7 +64,7 @@ static struct ibmvtpm_dev *ibmvtpm_get_data(const struct device *dev)
64{ 64{
65 struct tpm_chip *chip = dev_get_drvdata(dev); 65 struct tpm_chip *chip = dev_get_drvdata(dev);
66 if (chip) 66 if (chip)
67 return (struct ibmvtpm_dev *)chip->vendor.data; 67 return (struct ibmvtpm_dev *)TPM_VPRIV(chip);
68 return NULL; 68 return NULL;
69} 69}
70 70
@@ -83,7 +83,7 @@ static int tpm_ibmvtpm_recv(struct tpm_chip *chip, u8 *buf, size_t count)
83 u16 len; 83 u16 len;
84 int sig; 84 int sig;
85 85
86 ibmvtpm = (struct ibmvtpm_dev *)chip->vendor.data; 86 ibmvtpm = (struct ibmvtpm_dev *)TPM_VPRIV(chip);
87 87
88 if (!ibmvtpm->rtce_buf) { 88 if (!ibmvtpm->rtce_buf) {
89 dev_err(ibmvtpm->dev, "ibmvtpm device is not ready\n"); 89 dev_err(ibmvtpm->dev, "ibmvtpm device is not ready\n");
@@ -127,7 +127,7 @@ static int tpm_ibmvtpm_send(struct tpm_chip *chip, u8 *buf, size_t count)
127 u64 *word = (u64 *) &crq; 127 u64 *word = (u64 *) &crq;
128 int rc; 128 int rc;
129 129
130 ibmvtpm = (struct ibmvtpm_dev *)chip->vendor.data; 130 ibmvtpm = (struct ibmvtpm_dev *)TPM_VPRIV(chip);
131 131
132 if (!ibmvtpm->rtce_buf) { 132 if (!ibmvtpm->rtce_buf) {
133 dev_err(ibmvtpm->dev, "ibmvtpm device is not ready\n"); 133 dev_err(ibmvtpm->dev, "ibmvtpm device is not ready\n");
@@ -398,6 +398,11 @@ static int tpm_ibmvtpm_resume(struct device *dev)
398 return rc; 398 return rc;
399} 399}
400 400
401static bool tpm_ibmvtpm_req_canceled(struct tpm_chip *chip, u8 status)
402{
403 return (status == 0);
404}
405
401static const struct file_operations ibmvtpm_ops = { 406static const struct file_operations ibmvtpm_ops = {
402 .owner = THIS_MODULE, 407 .owner = THIS_MODULE,
403 .llseek = no_llseek, 408 .llseek = no_llseek,
@@ -441,7 +446,7 @@ static const struct tpm_vendor_specific tpm_ibmvtpm = {
441 .status = tpm_ibmvtpm_status, 446 .status = tpm_ibmvtpm_status,
442 .req_complete_mask = 0, 447 .req_complete_mask = 0,
443 .req_complete_val = 0, 448 .req_complete_val = 0,
444 .req_canceled = 0, 449 .req_canceled = tpm_ibmvtpm_req_canceled,
445 .attr_group = &ibmvtpm_attr_grp, 450 .attr_group = &ibmvtpm_attr_grp,
446 .miscdev = { .fops = &ibmvtpm_ops, }, 451 .miscdev = { .fops = &ibmvtpm_ops, },
447}; 452};
@@ -647,7 +652,7 @@ static int tpm_ibmvtpm_probe(struct vio_dev *vio_dev,
647 652
648 ibmvtpm->dev = dev; 653 ibmvtpm->dev = dev;
649 ibmvtpm->vdev = vio_dev; 654 ibmvtpm->vdev = vio_dev;
650 chip->vendor.data = (void *)ibmvtpm; 655 TPM_VPRIV(chip) = (void *)ibmvtpm;
651 656
652 spin_lock_init(&ibmvtpm->rtce_lock); 657 spin_lock_init(&ibmvtpm->rtce_lock);
653 658
diff --git a/drivers/char/tpm/tpm_nsc.c b/drivers/char/tpm/tpm_nsc.c
index 640c9a427b59..770c46f8eb30 100644
--- a/drivers/char/tpm/tpm_nsc.c
+++ b/drivers/char/tpm/tpm_nsc.c
@@ -227,6 +227,11 @@ static u8 tpm_nsc_status(struct tpm_chip *chip)
227 return inb(chip->vendor.base + NSC_STATUS); 227 return inb(chip->vendor.base + NSC_STATUS);
228} 228}
229 229
230static bool tpm_nsc_req_canceled(struct tpm_chip *chip, u8 status)
231{
232 return (status == NSC_STATUS_RDY);
233}
234
230static const struct file_operations nsc_ops = { 235static const struct file_operations nsc_ops = {
231 .owner = THIS_MODULE, 236 .owner = THIS_MODULE,
232 .llseek = no_llseek, 237 .llseek = no_llseek,
@@ -258,7 +263,7 @@ static const struct tpm_vendor_specific tpm_nsc = {
258 .status = tpm_nsc_status, 263 .status = tpm_nsc_status,
259 .req_complete_mask = NSC_STATUS_OBF, 264 .req_complete_mask = NSC_STATUS_OBF,
260 .req_complete_val = NSC_STATUS_OBF, 265 .req_complete_val = NSC_STATUS_OBF,
261 .req_canceled = NSC_STATUS_RDY, 266 .req_canceled = tpm_nsc_req_canceled,
262 .attr_group = &nsc_attr_grp, 267 .attr_group = &nsc_attr_grp,
263 .miscdev = { .fops = &nsc_ops, }, 268 .miscdev = { .fops = &nsc_ops, },
264}; 269};
diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
index ea31dafbcac2..8a41b6be23a0 100644
--- a/drivers/char/tpm/tpm_tis.c
+++ b/drivers/char/tpm/tpm_tis.c
@@ -84,6 +84,9 @@ static int is_itpm(struct pnp_dev *dev)
84 struct acpi_device *acpi = pnp_acpi_device(dev); 84 struct acpi_device *acpi = pnp_acpi_device(dev);
85 struct acpi_hardware_id *id; 85 struct acpi_hardware_id *id;
86 86
87 if (!acpi)
88 return 0;
89
87 list_for_each_entry(id, &acpi->pnp.ids, list) { 90 list_for_each_entry(id, &acpi->pnp.ids, list) {
88 if (!strcmp("INTC0102", id->id)) 91 if (!strcmp("INTC0102", id->id))
89 return 1; 92 return 1;
@@ -98,6 +101,22 @@ static inline int is_itpm(struct pnp_dev *dev)
98} 101}
99#endif 102#endif
100 103
104/* Before we attempt to access the TPM we must see that the valid bit is set.
105 * The specification says that this bit is 0 at reset and remains 0 until the
106 * 'TPM has gone through its self test and initialization and has established
107 * correct values in the other bits.' */
108static int wait_startup(struct tpm_chip *chip, int l)
109{
110 unsigned long stop = jiffies + chip->vendor.timeout_a;
111 do {
112 if (ioread8(chip->vendor.iobase + TPM_ACCESS(l)) &
113 TPM_ACCESS_VALID)
114 return 0;
115 msleep(TPM_TIMEOUT);
116 } while (time_before(jiffies, stop));
117 return -1;
118}
119
101static int check_locality(struct tpm_chip *chip, int l) 120static int check_locality(struct tpm_chip *chip, int l)
102{ 121{
103 if ((ioread8(chip->vendor.iobase + TPM_ACCESS(l)) & 122 if ((ioread8(chip->vendor.iobase + TPM_ACCESS(l)) &
@@ -198,7 +217,7 @@ static int recv_data(struct tpm_chip *chip, u8 *buf, size_t count)
198 wait_for_tpm_stat(chip, 217 wait_for_tpm_stat(chip,
199 TPM_STS_DATA_AVAIL | TPM_STS_VALID, 218 TPM_STS_DATA_AVAIL | TPM_STS_VALID,
200 chip->vendor.timeout_c, 219 chip->vendor.timeout_c,
201 &chip->vendor.read_queue) 220 &chip->vendor.read_queue, true)
202 == 0) { 221 == 0) {
203 burstcnt = get_burstcount(chip); 222 burstcnt = get_burstcount(chip);
204 for (; burstcnt > 0 && size < count; burstcnt--) 223 for (; burstcnt > 0 && size < count; burstcnt--)
@@ -241,7 +260,7 @@ static int tpm_tis_recv(struct tpm_chip *chip, u8 *buf, size_t count)
241 } 260 }
242 261
243 wait_for_tpm_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c, 262 wait_for_tpm_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c,
244 &chip->vendor.int_queue); 263 &chip->vendor.int_queue, false);
245 status = tpm_tis_status(chip); 264 status = tpm_tis_status(chip);
246 if (status & TPM_STS_DATA_AVAIL) { /* retry? */ 265 if (status & TPM_STS_DATA_AVAIL) { /* retry? */
247 dev_err(chip->dev, "Error left over data\n"); 266 dev_err(chip->dev, "Error left over data\n");
@@ -277,7 +296,7 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
277 tpm_tis_ready(chip); 296 tpm_tis_ready(chip);
278 if (wait_for_tpm_stat 297 if (wait_for_tpm_stat
279 (chip, TPM_STS_COMMAND_READY, chip->vendor.timeout_b, 298 (chip, TPM_STS_COMMAND_READY, chip->vendor.timeout_b,
280 &chip->vendor.int_queue) < 0) { 299 &chip->vendor.int_queue, false) < 0) {
281 rc = -ETIME; 300 rc = -ETIME;
282 goto out_err; 301 goto out_err;
283 } 302 }
@@ -292,7 +311,7 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
292 } 311 }
293 312
294 wait_for_tpm_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c, 313 wait_for_tpm_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c,
295 &chip->vendor.int_queue); 314 &chip->vendor.int_queue, false);
296 status = tpm_tis_status(chip); 315 status = tpm_tis_status(chip);
297 if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) { 316 if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
298 rc = -EIO; 317 rc = -EIO;
@@ -304,7 +323,7 @@ static int tpm_tis_send_data(struct tpm_chip *chip, u8 *buf, size_t len)
304 iowrite8(buf[count], 323 iowrite8(buf[count],
305 chip->vendor.iobase + TPM_DATA_FIFO(chip->vendor.locality)); 324 chip->vendor.iobase + TPM_DATA_FIFO(chip->vendor.locality));
306 wait_for_tpm_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c, 325 wait_for_tpm_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c,
307 &chip->vendor.int_queue); 326 &chip->vendor.int_queue, false);
308 status = tpm_tis_status(chip); 327 status = tpm_tis_status(chip);
309 if ((status & TPM_STS_DATA_EXPECT) != 0) { 328 if ((status & TPM_STS_DATA_EXPECT) != 0) {
310 rc = -EIO; 329 rc = -EIO;
@@ -342,7 +361,7 @@ static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
342 if (wait_for_tpm_stat 361 if (wait_for_tpm_stat
343 (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID, 362 (chip, TPM_STS_DATA_AVAIL | TPM_STS_VALID,
344 tpm_calc_ordinal_duration(chip, ordinal), 363 tpm_calc_ordinal_duration(chip, ordinal),
345 &chip->vendor.read_queue) < 0) { 364 &chip->vendor.read_queue, false) < 0) {
346 rc = -ETIME; 365 rc = -ETIME;
347 goto out_err; 366 goto out_err;
348 } 367 }
@@ -374,7 +393,7 @@ static int probe_itpm(struct tpm_chip *chip)
374 if (vendor != TPM_VID_INTEL) 393 if (vendor != TPM_VID_INTEL)
375 return 0; 394 return 0;
376 395
377 itpm = 0; 396 itpm = false;
378 397
379 rc = tpm_tis_send_data(chip, cmd_getticks, len); 398 rc = tpm_tis_send_data(chip, cmd_getticks, len);
380 if (rc == 0) 399 if (rc == 0)
@@ -383,7 +402,7 @@ static int probe_itpm(struct tpm_chip *chip)
383 tpm_tis_ready(chip); 402 tpm_tis_ready(chip);
384 release_locality(chip, chip->vendor.locality, 0); 403 release_locality(chip, chip->vendor.locality, 0);
385 404
386 itpm = 1; 405 itpm = true;
387 406
388 rc = tpm_tis_send_data(chip, cmd_getticks, len); 407 rc = tpm_tis_send_data(chip, cmd_getticks, len);
389 if (rc == 0) { 408 if (rc == 0) {
@@ -400,6 +419,19 @@ out:
400 return rc; 419 return rc;
401} 420}
402 421
422static bool tpm_tis_req_canceled(struct tpm_chip *chip, u8 status)
423{
424 switch (chip->vendor.manufacturer_id) {
425 case TPM_VID_WINBOND:
426 return ((status == TPM_STS_VALID) ||
427 (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY)));
428 case TPM_VID_STM:
429 return (status == (TPM_STS_VALID | TPM_STS_COMMAND_READY));
430 default:
431 return (status == TPM_STS_COMMAND_READY);
432 }
433}
434
403static const struct file_operations tis_ops = { 435static const struct file_operations tis_ops = {
404 .owner = THIS_MODULE, 436 .owner = THIS_MODULE,
405 .llseek = no_llseek, 437 .llseek = no_llseek,
@@ -445,7 +477,7 @@ static struct tpm_vendor_specific tpm_tis = {
445 .cancel = tpm_tis_ready, 477 .cancel = tpm_tis_ready,
446 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID, 478 .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
447 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID, 479 .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
448 .req_canceled = TPM_STS_COMMAND_READY, 480 .req_canceled = tpm_tis_req_canceled,
449 .attr_group = &tis_attr_grp, 481 .attr_group = &tis_attr_grp,
450 .miscdev = { 482 .miscdev = {
451 .fops = &tis_ops,}, 483 .fops = &tis_ops,},
@@ -502,7 +534,7 @@ static irqreturn_t tis_int_handler(int dummy, void *dev_id)
502 return IRQ_HANDLED; 534 return IRQ_HANDLED;
503} 535}
504 536
505static bool interrupts = 1; 537static bool interrupts = true;
506module_param(interrupts, bool, 0444); 538module_param(interrupts, bool, 0444);
507MODULE_PARM_DESC(interrupts, "Enable interrupts"); 539MODULE_PARM_DESC(interrupts, "Enable interrupts");
508 540
@@ -528,12 +560,18 @@ static int tpm_tis_init(struct device *dev, resource_size_t start,
528 chip->vendor.timeout_c = msecs_to_jiffies(TIS_SHORT_TIMEOUT); 560 chip->vendor.timeout_c = msecs_to_jiffies(TIS_SHORT_TIMEOUT);
529 chip->vendor.timeout_d = msecs_to_jiffies(TIS_SHORT_TIMEOUT); 561 chip->vendor.timeout_d = msecs_to_jiffies(TIS_SHORT_TIMEOUT);
530 562
563 if (wait_startup(chip, 0) != 0) {
564 rc = -ENODEV;
565 goto out_err;
566 }
567
531 if (request_locality(chip, 0) != 0) { 568 if (request_locality(chip, 0) != 0) {
532 rc = -ENODEV; 569 rc = -ENODEV;
533 goto out_err; 570 goto out_err;
534 } 571 }
535 572
536 vendor = ioread32(chip->vendor.iobase + TPM_DID_VID(0)); 573 vendor = ioread32(chip->vendor.iobase + TPM_DID_VID(0));
574 chip->vendor.manufacturer_id = vendor;
537 575
538 dev_info(dev, 576 dev_info(dev,
539 "1.2 TPM (device-id 0x%X, rev-id %d)\n", 577 "1.2 TPM (device-id 0x%X, rev-id %d)\n",
@@ -545,7 +583,7 @@ static int tpm_tis_init(struct device *dev, resource_size_t start,
545 rc = -ENODEV; 583 rc = -ENODEV;
546 goto out_err; 584 goto out_err;
547 } 585 }
548 itpm = (probe == 0) ? 0 : 1; 586 itpm = !!probe;
549 } 587 }
550 588
551 if (itpm) 589 if (itpm)
@@ -741,10 +779,10 @@ static int tpm_tis_pnp_init(struct pnp_dev *pnp_dev,
741 if (pnp_irq_valid(pnp_dev, 0)) 779 if (pnp_irq_valid(pnp_dev, 0))
742 irq = pnp_irq(pnp_dev, 0); 780 irq = pnp_irq(pnp_dev, 0);
743 else 781 else
744 interrupts = 0; 782 interrupts = false;
745 783
746 if (is_itpm(pnp_dev)) 784 if (is_itpm(pnp_dev))
747 itpm = 1; 785 itpm = true;
748 786
749 return tpm_tis_init(&pnp_dev->dev, start, len, irq); 787 return tpm_tis_init(&pnp_dev->dev, start, len, irq);
750} 788}
diff --git a/lib/digsig.c b/lib/digsig.c
index dc2be7ed1765..2f31e6a45f0a 100644
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -30,11 +30,10 @@
30 30
31static struct crypto_shash *shash; 31static struct crypto_shash *shash;
32 32
33static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg, 33static const char *pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
34 unsigned long msglen, 34 unsigned long msglen,
35 unsigned long modulus_bitlen, 35 unsigned long modulus_bitlen,
36 unsigned char *out, 36 unsigned long *outlen)
37 unsigned long *outlen)
38{ 37{
39 unsigned long modulus_len, ps_len, i; 38 unsigned long modulus_len, ps_len, i;
40 39
@@ -42,11 +41,11 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
42 41
43 /* test message size */ 42 /* test message size */
44 if ((msglen > modulus_len) || (modulus_len < 11)) 43 if ((msglen > modulus_len) || (modulus_len < 11))
45 return -EINVAL; 44 return NULL;
46 45
47 /* separate encoded message */ 46 /* separate encoded message */
48 if ((msg[0] != 0x00) || (msg[1] != (unsigned char)1)) 47 if (msg[0] != 0x00 || msg[1] != 0x01)
49 return -EINVAL; 48 return NULL;
50 49
51 for (i = 2; i < modulus_len - 1; i++) 50 for (i = 2; i < modulus_len - 1; i++)
52 if (msg[i] != 0xFF) 51 if (msg[i] != 0xFF)
@@ -56,19 +55,13 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
56 if (msg[i] != 0) 55 if (msg[i] != 0)
57 /* There was no octet with hexadecimal value 0x00 56 /* There was no octet with hexadecimal value 0x00
58 to separate ps from m. */ 57 to separate ps from m. */
59 return -EINVAL; 58 return NULL;
60 59
61 ps_len = i - 2; 60 ps_len = i - 2;
62 61
63 if (*outlen < (msglen - (2 + ps_len + 1))) {
64 *outlen = msglen - (2 + ps_len + 1);
65 return -EOVERFLOW;
66 }
67
68 *outlen = (msglen - (2 + ps_len + 1)); 62 *outlen = (msglen - (2 + ps_len + 1));
69 memcpy(out, &msg[2 + ps_len + 1], *outlen);
70 63
71 return 0; 64 return msg + 2 + ps_len + 1;
72} 65}
73 66
74/* 67/*
@@ -83,7 +76,8 @@ static int digsig_verify_rsa(struct key *key,
83 unsigned long mlen, mblen; 76 unsigned long mlen, mblen;
84 unsigned nret, l; 77 unsigned nret, l;
85 int head, i; 78 int head, i;
86 unsigned char *out1 = NULL, *out2 = NULL; 79 unsigned char *out1 = NULL;
80 const char *m;
87 MPI in = NULL, res = NULL, pkey[2]; 81 MPI in = NULL, res = NULL, pkey[2];
88 uint8_t *p, *datap, *endp; 82 uint8_t *p, *datap, *endp;
89 struct user_key_payload *ukp; 83 struct user_key_payload *ukp;
@@ -120,7 +114,7 @@ static int digsig_verify_rsa(struct key *key,
120 } 114 }
121 115
122 mblen = mpi_get_nbits(pkey[0]); 116 mblen = mpi_get_nbits(pkey[0]);
123 mlen = (mblen + 7)/8; 117 mlen = DIV_ROUND_UP(mblen, 8);
124 118
125 if (mlen == 0) 119 if (mlen == 0)
126 goto err; 120 goto err;
@@ -129,10 +123,6 @@ static int digsig_verify_rsa(struct key *key,
129 if (!out1) 123 if (!out1)
130 goto err; 124 goto err;
131 125
132 out2 = kzalloc(mlen, GFP_KERNEL);
133 if (!out2)
134 goto err;
135
136 nret = siglen; 126 nret = siglen;
137 in = mpi_read_from_buffer(sig, &nret); 127 in = mpi_read_from_buffer(sig, &nret);
138 if (!in) 128 if (!in)
@@ -164,18 +154,15 @@ static int digsig_verify_rsa(struct key *key,
164 154
165 kfree(p); 155 kfree(p);
166 156
167 err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len); 157 m = pkcs_1_v1_5_decode_emsa(out1, len, mblen, &len);
168 if (err)
169 goto err;
170 158
171 if (len != hlen || memcmp(out2, h, hlen)) 159 if (!m || len != hlen || memcmp(m, h, hlen))
172 err = -EINVAL; 160 err = -EINVAL;
173 161
174err: 162err:
175 mpi_free(in); 163 mpi_free(in);
176 mpi_free(res); 164 mpi_free(res);
177 kfree(out1); 165 kfree(out1);
178 kfree(out2);
179 while (--i >= 0) 166 while (--i >= 0)
180 mpi_free(pkey[i]); 167 mpi_free(pkey[i]);
181err1: 168err1:
diff --git a/lib/mpi/mpi-internal.h b/lib/mpi/mpi-internal.h
index 77adcf6bc257..60cf765628e9 100644
--- a/lib/mpi/mpi-internal.h
+++ b/lib/mpi/mpi-internal.h
@@ -65,10 +65,6 @@
65typedef mpi_limb_t *mpi_ptr_t; /* pointer to a limb */ 65typedef mpi_limb_t *mpi_ptr_t; /* pointer to a limb */
66typedef int mpi_size_t; /* (must be a signed type) */ 66typedef int mpi_size_t; /* (must be a signed type) */
67 67
68#define ABS(x) (x >= 0 ? x : -x)
69#define MIN(l, o) ((l) < (o) ? (l) : (o))
70#define MAX(h, i) ((h) > (i) ? (h) : (i))
71
72static inline int RESIZE_IF_NEEDED(MPI a, unsigned b) 68static inline int RESIZE_IF_NEEDED(MPI a, unsigned b)
73{ 69{
74 if (a->alloced < b) 70 if (a->alloced < b)
diff --git a/lib/mpi/mpicoder.c b/lib/mpi/mpicoder.c
index 3962b7f7fe3f..5f9c44cdf1f5 100644
--- a/lib/mpi/mpicoder.c
+++ b/lib/mpi/mpicoder.c
@@ -52,7 +52,7 @@ MPI mpi_read_raw_data(const void *xbuffer, size_t nbytes)
52 else 52 else
53 nbits = 0; 53 nbits = 0;
54 54
55 nlimbs = (nbytes + BYTES_PER_MPI_LIMB - 1) / BYTES_PER_MPI_LIMB; 55 nlimbs = DIV_ROUND_UP(nbytes, BYTES_PER_MPI_LIMB);
56 val = mpi_alloc(nlimbs); 56 val = mpi_alloc(nlimbs);
57 if (!val) 57 if (!val)
58 return NULL; 58 return NULL;
@@ -96,8 +96,8 @@ MPI mpi_read_from_buffer(const void *xbuffer, unsigned *ret_nread)
96 buffer += 2; 96 buffer += 2;
97 nread = 2; 97 nread = 2;
98 98
99 nbytes = (nbits + 7) / 8; 99 nbytes = DIV_ROUND_UP(nbits, 8);
100 nlimbs = (nbytes + BYTES_PER_MPI_LIMB - 1) / BYTES_PER_MPI_LIMB; 100 nlimbs = DIV_ROUND_UP(nbytes, BYTES_PER_MPI_LIMB);
101 val = mpi_alloc(nlimbs); 101 val = mpi_alloc(nlimbs);
102 if (!val) 102 if (!val)
103 return NULL; 103 return NULL;
@@ -193,7 +193,7 @@ int mpi_set_buffer(MPI a, const void *xbuffer, unsigned nbytes, int sign)
193 int nlimbs; 193 int nlimbs;
194 int i; 194 int i;
195 195
196 nlimbs = (nbytes + BYTES_PER_MPI_LIMB - 1) / BYTES_PER_MPI_LIMB; 196 nlimbs = DIV_ROUND_UP(nbytes, BYTES_PER_MPI_LIMB);
197 if (RESIZE_IF_NEEDED(a, nlimbs) < 0) 197 if (RESIZE_IF_NEEDED(a, nlimbs) < 0)
198 return -ENOMEM; 198 return -ENOMEM;
199 a->sign = sign; 199 a->sign = sign;
diff --git a/security/integrity/Kconfig b/security/integrity/Kconfig
index 5bd1cc1b4a54..4bb3a775a996 100644
--- a/security/integrity/Kconfig
+++ b/security/integrity/Kconfig
@@ -17,5 +17,17 @@ config INTEGRITY_SIGNATURE
17 This is useful for evm and module keyrings, when keys are 17 This is useful for evm and module keyrings, when keys are
18 usually only added from initramfs. 18 usually only added from initramfs.
19 19
20config INTEGRITY_ASYMMETRIC_KEYS
21 boolean "Enable asymmetric keys support"
22 depends on INTEGRITY_SIGNATURE
23 default n
24 select ASYMMETRIC_KEY_TYPE
25 select ASYMMETRIC_PUBLIC_KEY_SUBTYPE
26 select PUBLIC_KEY_ALGO_RSA
27 select X509_CERTIFICATE_PARSER
28 help
29 This option enables digital signature verification using
30 asymmetric keys.
31
20source security/integrity/ima/Kconfig 32source security/integrity/ima/Kconfig
21source security/integrity/evm/Kconfig 33source security/integrity/evm/Kconfig
diff --git a/security/integrity/Makefile b/security/integrity/Makefile
index d43799cc14f6..ebb6409b3fcb 100644
--- a/security/integrity/Makefile
+++ b/security/integrity/Makefile
@@ -4,6 +4,7 @@
4 4
5obj-$(CONFIG_INTEGRITY) += integrity.o 5obj-$(CONFIG_INTEGRITY) += integrity.o
6obj-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o 6obj-$(CONFIG_INTEGRITY_SIGNATURE) += digsig.o
7obj-$(CONFIG_INTEGRITY_ASYMMETRIC_KEYS) += digsig_asymmetric.o
7 8
8integrity-y := iint.o 9integrity-y := iint.o
9 10
diff --git a/security/integrity/digsig.c b/security/integrity/digsig.c
index 2dc167d7cde9..0b759e17a131 100644
--- a/security/integrity/digsig.c
+++ b/security/integrity/digsig.c
@@ -44,5 +44,14 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
44 } 44 }
45 } 45 }
46 46
47 return digsig_verify(keyring[id], sig, siglen, digest, digestlen); 47 switch (sig[0]) {
48 case 1:
49 return digsig_verify(keyring[id], sig, siglen,
50 digest, digestlen);
51 case 2:
52 return asymmetric_verify(keyring[id], sig, siglen,
53 digest, digestlen);
54 }
55
56 return -EOPNOTSUPP;
48} 57}
diff --git a/security/integrity/digsig_asymmetric.c b/security/integrity/digsig_asymmetric.c
new file mode 100644
index 000000000000..b4754667659d
--- /dev/null
+++ b/security/integrity/digsig_asymmetric.c
@@ -0,0 +1,115 @@
1/*
2 * Copyright (C) 2013 Intel Corporation
3 *
4 * Author:
5 * Dmitry Kasatkin <dmitry.kasatkin@intel.com>
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, version 2 of the License.
10 *
11 */
12
13#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
14
15#include <linux/err.h>
16#include <linux/key-type.h>
17#include <crypto/public_key.h>
18#include <keys/asymmetric-type.h>
19
20#include "integrity.h"
21
22/*
23 * signature format v2 - for using with asymmetric keys
24 */
25struct signature_v2_hdr {
26 uint8_t version; /* signature format version */
27 uint8_t hash_algo; /* Digest algorithm [enum pkey_hash_algo] */
28 uint32_t keyid; /* IMA key identifier - not X509/PGP specific*/
29 uint16_t sig_size; /* signature size */
30 uint8_t sig[0]; /* signature payload */
31} __packed;
32
33/*
34 * Request an asymmetric key.
35 */
36static struct key *request_asymmetric_key(struct key *keyring, uint32_t keyid)
37{
38 struct key *key;
39 char name[12];
40
41 sprintf(name, "id:%x", keyid);
42
43 pr_debug("key search: \"%s\"\n", name);
44
45 if (keyring) {
46 /* search in specific keyring */
47 key_ref_t kref;
48 kref = keyring_search(make_key_ref(keyring, 1),
49 &key_type_asymmetric, name);
50 if (IS_ERR(kref))
51 key = ERR_CAST(kref);
52 else
53 key = key_ref_to_ptr(kref);
54 } else {
55 key = request_key(&key_type_asymmetric, name, NULL);
56 }
57
58 if (IS_ERR(key)) {
59 pr_warn("Request for unknown key '%s' err %ld\n",
60 name, PTR_ERR(key));
61 switch (PTR_ERR(key)) {
62 /* Hide some search errors */
63 case -EACCES:
64 case -ENOTDIR:
65 case -EAGAIN:
66 return ERR_PTR(-ENOKEY);
67 default:
68 return key;
69 }
70 }
71
72 pr_debug("%s() = 0 [%x]\n", __func__, key_serial(key));
73
74 return key;
75}
76
77int asymmetric_verify(struct key *keyring, const char *sig,
78 int siglen, const char *data, int datalen)
79{
80 struct public_key_signature pks;
81 struct signature_v2_hdr *hdr = (struct signature_v2_hdr *)sig;
82 struct key *key;
83 int ret = -ENOMEM;
84
85 if (siglen <= sizeof(*hdr))
86 return -EBADMSG;
87
88 siglen -= sizeof(*hdr);
89
90 if (siglen != __be16_to_cpu(hdr->sig_size))
91 return -EBADMSG;
92
93 if (hdr->hash_algo >= PKEY_HASH__LAST)
94 return -ENOPKG;
95
96 key = request_asymmetric_key(keyring, __be32_to_cpu(hdr->keyid));
97 if (IS_ERR(key))
98 return PTR_ERR(key);
99
100 memset(&pks, 0, sizeof(pks));
101
102 pks.pkey_hash_algo = hdr->hash_algo;
103 pks.digest = (u8 *)data;
104 pks.digest_size = datalen;
105 pks.nr_mpi = 1;
106 pks.rsa.s = mpi_read_raw_data(hdr->sig, siglen);
107
108 if (pks.rsa.s)
109 ret = verify_signature(key, &pks);
110
111 mpi_free(pks.rsa.s);
112 key_put(key);
113 pr_debug("%s() = %d\n", __func__, ret);
114 return ret;
115}
diff --git a/security/integrity/evm/Kconfig b/security/integrity/evm/Kconfig
index afbb59dd262d..fea9749c3756 100644
--- a/security/integrity/evm/Kconfig
+++ b/security/integrity/evm/Kconfig
@@ -11,3 +11,16 @@ config EVM
11 integrity attacks. 11 integrity attacks.
12 12
13 If you are unsure how to answer this question, answer N. 13 If you are unsure how to answer this question, answer N.
14
15config EVM_HMAC_VERSION
16 int "EVM HMAC version"
17 depends on EVM
18 default 2
19 help
20 This options adds EVM HMAC version support.
21 1 - original version
22 2 - add per filesystem unique identifier (UUID) (default)
23
24 WARNING: changing the HMAC calculation method or adding
25 additional info to the calculation, requires existing EVM
26 labeled file systems to be relabeled.
diff --git a/security/integrity/evm/evm.h b/security/integrity/evm/evm.h
index c885247ebcf7..30bd1ec0232e 100644
--- a/security/integrity/evm/evm.h
+++ b/security/integrity/evm/evm.h
@@ -24,6 +24,7 @@
24extern int evm_initialized; 24extern int evm_initialized;
25extern char *evm_hmac; 25extern char *evm_hmac;
26extern char *evm_hash; 26extern char *evm_hash;
27extern int evm_hmac_version;
27 28
28extern struct crypto_shash *hmac_tfm; 29extern struct crypto_shash *hmac_tfm;
29extern struct crypto_shash *hash_tfm; 30extern struct crypto_shash *hash_tfm;
@@ -45,6 +46,5 @@ extern int evm_calc_hash(struct dentry *dentry, const char *req_xattr_name,
45extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr, 46extern int evm_init_hmac(struct inode *inode, const struct xattr *xattr,
46 char *hmac_val); 47 char *hmac_val);
47extern int evm_init_secfs(void); 48extern int evm_init_secfs(void);
48extern void evm_cleanup_secfs(void);
49 49
50#endif 50#endif
diff --git a/security/integrity/evm/evm_crypto.c b/security/integrity/evm/evm_crypto.c
index 7dd538ef5b83..3bab89eb21d6 100644
--- a/security/integrity/evm/evm_crypto.c
+++ b/security/integrity/evm/evm_crypto.c
@@ -110,6 +110,9 @@ static void hmac_add_misc(struct shash_desc *desc, struct inode *inode,
110 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid); 110 hmac_misc.gid = from_kgid(&init_user_ns, inode->i_gid);
111 hmac_misc.mode = inode->i_mode; 111 hmac_misc.mode = inode->i_mode;
112 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc); 112 crypto_shash_update(desc, (const u8 *)&hmac_misc, sizeof hmac_misc);
113 if (evm_hmac_version > 1)
114 crypto_shash_update(desc, inode->i_sb->s_uuid,
115 sizeof(inode->i_sb->s_uuid));
113 crypto_shash_final(desc, digest); 116 crypto_shash_final(desc, digest);
114} 117}
115 118
diff --git a/security/integrity/evm/evm_main.c b/security/integrity/evm/evm_main.c
index eb5484504f50..cdbde1762189 100644
--- a/security/integrity/evm/evm_main.c
+++ b/security/integrity/evm/evm_main.c
@@ -26,6 +26,7 @@ int evm_initialized;
26 26
27char *evm_hmac = "hmac(sha1)"; 27char *evm_hmac = "hmac(sha1)";
28char *evm_hash = "sha1"; 28char *evm_hash = "sha1";
29int evm_hmac_version = CONFIG_EVM_HMAC_VERSION;
29 30
30char *evm_config_xattrnames[] = { 31char *evm_config_xattrnames[] = {
31#ifdef CONFIG_SECURITY_SELINUX 32#ifdef CONFIG_SECURITY_SELINUX
@@ -427,15 +428,6 @@ err:
427 return error; 428 return error;
428} 429}
429 430
430static void __exit cleanup_evm(void)
431{
432 evm_cleanup_secfs();
433 if (hmac_tfm)
434 crypto_free_shash(hmac_tfm);
435 if (hash_tfm)
436 crypto_free_shash(hash_tfm);
437}
438
439/* 431/*
440 * evm_display_config - list the EVM protected security extended attributes 432 * evm_display_config - list the EVM protected security extended attributes
441 */ 433 */
diff --git a/security/integrity/evm/evm_secfs.c b/security/integrity/evm/evm_secfs.c
index ac7629950578..30f670ad6ac3 100644
--- a/security/integrity/evm/evm_secfs.c
+++ b/security/integrity/evm/evm_secfs.c
@@ -100,9 +100,3 @@ int __init evm_init_secfs(void)
100 error = -EFAULT; 100 error = -EFAULT;
101 return error; 101 return error;
102} 102}
103
104void __exit evm_cleanup_secfs(void)
105{
106 if (evm_init_tpm)
107 securityfs_remove(evm_init_tpm);
108}
diff --git a/security/integrity/iint.c b/security/integrity/iint.c
index d82a5a13d855..74522dbd10a6 100644
--- a/security/integrity/iint.c
+++ b/security/integrity/iint.c
@@ -72,7 +72,10 @@ static void iint_free(struct integrity_iint_cache *iint)
72{ 72{
73 iint->version = 0; 73 iint->version = 0;
74 iint->flags = 0UL; 74 iint->flags = 0UL;
75 iint->ima_status = INTEGRITY_UNKNOWN; 75 iint->ima_file_status = INTEGRITY_UNKNOWN;
76 iint->ima_mmap_status = INTEGRITY_UNKNOWN;
77 iint->ima_bprm_status = INTEGRITY_UNKNOWN;
78 iint->ima_module_status = INTEGRITY_UNKNOWN;
76 iint->evm_status = INTEGRITY_UNKNOWN; 79 iint->evm_status = INTEGRITY_UNKNOWN;
77 kmem_cache_free(iint_cache, iint); 80 kmem_cache_free(iint_cache, iint);
78} 81}
@@ -149,7 +152,10 @@ static void init_once(void *foo)
149 memset(iint, 0, sizeof *iint); 152 memset(iint, 0, sizeof *iint);
150 iint->version = 0; 153 iint->version = 0;
151 iint->flags = 0UL; 154 iint->flags = 0UL;
152 iint->ima_status = INTEGRITY_UNKNOWN; 155 iint->ima_file_status = INTEGRITY_UNKNOWN;
156 iint->ima_mmap_status = INTEGRITY_UNKNOWN;
157 iint->ima_bprm_status = INTEGRITY_UNKNOWN;
158 iint->ima_module_status = INTEGRITY_UNKNOWN;
153 iint->evm_status = INTEGRITY_UNKNOWN; 159 iint->evm_status = INTEGRITY_UNKNOWN;
154} 160}
155 161
diff --git a/security/integrity/ima/ima.h b/security/integrity/ima/ima.h
index 079a85dc37b2..a41c9c18e5e0 100644
--- a/security/integrity/ima/ima.h
+++ b/security/integrity/ima/ima.h
@@ -84,11 +84,12 @@ void ima_fs_cleanup(void);
84int ima_inode_alloc(struct inode *inode); 84int ima_inode_alloc(struct inode *inode);
85int ima_add_template_entry(struct ima_template_entry *entry, int violation, 85int ima_add_template_entry(struct ima_template_entry *entry, int violation,
86 const char *op, struct inode *inode); 86 const char *op, struct inode *inode);
87int ima_calc_hash(struct file *file, char *digest); 87int ima_calc_file_hash(struct file *file, char *digest);
88int ima_calc_template_hash(int template_len, void *template, char *digest); 88int ima_calc_buffer_hash(const void *data, int len, char *digest);
89int ima_calc_boot_aggregate(char *digest); 89int ima_calc_boot_aggregate(char *digest);
90void ima_add_violation(struct inode *inode, const unsigned char *filename, 90void ima_add_violation(struct inode *inode, const unsigned char *filename,
91 const char *op, const char *cause); 91 const char *op, const char *cause);
92int ima_init_crypto(void);
92 93
93/* 94/*
94 * used to protect h_table and sha_table 95 * used to protect h_table and sha_table
@@ -119,6 +120,7 @@ void ima_audit_measurement(struct integrity_iint_cache *iint,
119int ima_store_template(struct ima_template_entry *entry, int violation, 120int ima_store_template(struct ima_template_entry *entry, int violation,
120 struct inode *inode); 121 struct inode *inode);
121void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show); 122void ima_template_show(struct seq_file *m, void *e, enum ima_show_type show);
123const char *ima_d_path(struct path *path, char **pathbuf);
122 124
123/* rbtree tree calls to lookup, insert, delete 125/* rbtree tree calls to lookup, insert, delete
124 * integrity data associated with an inode. 126 * integrity data associated with an inode.
@@ -127,7 +129,7 @@ struct integrity_iint_cache *integrity_iint_insert(struct inode *inode);
127struct integrity_iint_cache *integrity_iint_find(struct inode *inode); 129struct integrity_iint_cache *integrity_iint_find(struct inode *inode);
128 130
129/* IMA policy related functions */ 131/* IMA policy related functions */
130enum ima_hooks { FILE_CHECK = 1, FILE_MMAP, BPRM_CHECK, MODULE_CHECK, POST_SETATTR }; 132enum ima_hooks { FILE_CHECK = 1, MMAP_CHECK, BPRM_CHECK, MODULE_CHECK, POST_SETATTR };
131 133
132int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask, 134int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask,
133 int flags); 135 int flags);
@@ -142,13 +144,16 @@ void ima_delete_rules(void);
142#define IMA_APPRAISE_MODULES 0x04 144#define IMA_APPRAISE_MODULES 0x04
143 145
144#ifdef CONFIG_IMA_APPRAISE 146#ifdef CONFIG_IMA_APPRAISE
145int ima_appraise_measurement(struct integrity_iint_cache *iint, 147int ima_appraise_measurement(int func, struct integrity_iint_cache *iint,
146 struct file *file, const unsigned char *filename); 148 struct file *file, const unsigned char *filename);
147int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func); 149int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func);
148void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file); 150void ima_update_xattr(struct integrity_iint_cache *iint, struct file *file);
151enum integrity_status ima_get_cache_status(struct integrity_iint_cache *iint,
152 int func);
149 153
150#else 154#else
151static inline int ima_appraise_measurement(struct integrity_iint_cache *iint, 155static inline int ima_appraise_measurement(int func,
156 struct integrity_iint_cache *iint,
152 struct file *file, 157 struct file *file,
153 const unsigned char *filename) 158 const unsigned char *filename)
154{ 159{
@@ -165,6 +170,12 @@ static inline void ima_update_xattr(struct integrity_iint_cache *iint,
165 struct file *file) 170 struct file *file)
166{ 171{
167} 172}
173
174static inline enum integrity_status ima_get_cache_status(struct integrity_iint_cache
175 *iint, int func)
176{
177 return INTEGRITY_UNKNOWN;
178}
168#endif 179#endif
169 180
170/* LSM based policy rules require audit */ 181/* LSM based policy rules require audit */
diff --git a/security/integrity/ima/ima_api.c b/security/integrity/ima/ima_api.c
index 0cea3db21657..d9030b29d84d 100644
--- a/security/integrity/ima/ima_api.c
+++ b/security/integrity/ima/ima_api.c
@@ -50,8 +50,8 @@ int ima_store_template(struct ima_template_entry *entry,
50 entry->template_len = sizeof(entry->template); 50 entry->template_len = sizeof(entry->template);
51 51
52 if (!violation) { 52 if (!violation) {
53 result = ima_calc_template_hash(entry->template_len, 53 result = ima_calc_buffer_hash(&entry->template,
54 &entry->template, 54 entry->template_len,
55 entry->digest); 55 entry->digest);
56 if (result < 0) { 56 if (result < 0) {
57 integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode, 57 integrity_audit_msg(AUDIT_INTEGRITY_PCR, inode,
@@ -100,12 +100,12 @@ err_out:
100 * ima_get_action - appraise & measure decision based on policy. 100 * ima_get_action - appraise & measure decision based on policy.
101 * @inode: pointer to inode to measure 101 * @inode: pointer to inode to measure
102 * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXECUTE) 102 * @mask: contains the permission mask (MAY_READ, MAY_WRITE, MAY_EXECUTE)
103 * @function: calling function (FILE_CHECK, BPRM_CHECK, FILE_MMAP, MODULE_CHECK) 103 * @function: calling function (FILE_CHECK, BPRM_CHECK, MMAP_CHECK, MODULE_CHECK)
104 * 104 *
105 * The policy is defined in terms of keypairs: 105 * The policy is defined in terms of keypairs:
106 * subj=, obj=, type=, func=, mask=, fsmagic= 106 * subj=, obj=, type=, func=, mask=, fsmagic=
107 * subj,obj, and type: are LSM specific. 107 * subj,obj, and type: are LSM specific.
108 * func: FILE_CHECK | BPRM_CHECK | FILE_MMAP | MODULE_CHECK 108 * func: FILE_CHECK | BPRM_CHECK | MMAP_CHECK | MODULE_CHECK
109 * mask: contains the permission mask 109 * mask: contains the permission mask
110 * fsmagic: hex value 110 * fsmagic: hex value
111 * 111 *
@@ -148,7 +148,7 @@ int ima_collect_measurement(struct integrity_iint_cache *iint,
148 u64 i_version = file->f_dentry->d_inode->i_version; 148 u64 i_version = file->f_dentry->d_inode->i_version;
149 149
150 iint->ima_xattr.type = IMA_XATTR_DIGEST; 150 iint->ima_xattr.type = IMA_XATTR_DIGEST;
151 result = ima_calc_hash(file, iint->ima_xattr.digest); 151 result = ima_calc_file_hash(file, iint->ima_xattr.digest);
152 if (!result) { 152 if (!result) {
153 iint->version = i_version; 153 iint->version = i_version;
154 iint->flags |= IMA_COLLECTED; 154 iint->flags |= IMA_COLLECTED;
@@ -237,3 +237,20 @@ void ima_audit_measurement(struct integrity_iint_cache *iint,
237 237
238 iint->flags |= IMA_AUDITED; 238 iint->flags |= IMA_AUDITED;
239} 239}
240
241const char *ima_d_path(struct path *path, char **pathbuf)
242{
243 char *pathname = NULL;
244
245 /* We will allow 11 spaces for ' (deleted)' to be appended */
246 *pathbuf = kmalloc(PATH_MAX + 11, GFP_KERNEL);
247 if (*pathbuf) {
248 pathname = d_path(path, *pathbuf, PATH_MAX + 11);
249 if (IS_ERR(pathname)) {
250 kfree(*pathbuf);
251 *pathbuf = NULL;
252 pathname = NULL;
253 }
254 }
255 return pathname;
256}
diff --git a/security/integrity/ima/ima_appraise.c b/security/integrity/ima/ima_appraise.c
index bdc8ba1d1d27..2d4becab8918 100644
--- a/security/integrity/ima/ima_appraise.c
+++ b/security/integrity/ima/ima_appraise.c
@@ -42,12 +42,69 @@ int ima_must_appraise(struct inode *inode, int mask, enum ima_hooks func)
42 return ima_match_policy(inode, func, mask, IMA_APPRAISE); 42 return ima_match_policy(inode, func, mask, IMA_APPRAISE);
43} 43}
44 44
45static void ima_fix_xattr(struct dentry *dentry, 45static int ima_fix_xattr(struct dentry *dentry,
46 struct integrity_iint_cache *iint) 46 struct integrity_iint_cache *iint)
47{ 47{
48 iint->ima_xattr.type = IMA_XATTR_DIGEST; 48 iint->ima_xattr.type = IMA_XATTR_DIGEST;
49 __vfs_setxattr_noperm(dentry, XATTR_NAME_IMA, (u8 *)&iint->ima_xattr, 49 return __vfs_setxattr_noperm(dentry, XATTR_NAME_IMA,
50 sizeof iint->ima_xattr, 0); 50 (u8 *)&iint->ima_xattr,
51 sizeof(iint->ima_xattr), 0);
52}
53
54/* Return specific func appraised cached result */
55enum integrity_status ima_get_cache_status(struct integrity_iint_cache *iint,
56 int func)
57{
58 switch(func) {
59 case MMAP_CHECK:
60 return iint->ima_mmap_status;
61 case BPRM_CHECK:
62 return iint->ima_bprm_status;
63 case MODULE_CHECK:
64 return iint->ima_module_status;
65 case FILE_CHECK:
66 default:
67 return iint->ima_file_status;
68 }
69}
70
71static void ima_set_cache_status(struct integrity_iint_cache *iint,
72 int func, enum integrity_status status)
73{
74 switch(func) {
75 case MMAP_CHECK:
76 iint->ima_mmap_status = status;
77 break;
78 case BPRM_CHECK:
79 iint->ima_bprm_status = status;
80 break;
81 case MODULE_CHECK:
82 iint->ima_module_status = status;
83 break;
84 case FILE_CHECK:
85 default:
86 iint->ima_file_status = status;
87 break;
88 }
89}
90
91static void ima_cache_flags(struct integrity_iint_cache *iint, int func)
92{
93 switch(func) {
94 case MMAP_CHECK:
95 iint->flags |= (IMA_MMAP_APPRAISED | IMA_APPRAISED);
96 break;
97 case BPRM_CHECK:
98 iint->flags |= (IMA_BPRM_APPRAISED | IMA_APPRAISED);
99 break;
100 case MODULE_CHECK:
101 iint->flags |= (IMA_MODULE_APPRAISED | IMA_APPRAISED);
102 break;
103 case FILE_CHECK:
104 default:
105 iint->flags |= (IMA_FILE_APPRAISED | IMA_APPRAISED);
106 break;
107 }
51} 108}
52 109
53/* 110/*
@@ -58,7 +115,7 @@ static void ima_fix_xattr(struct dentry *dentry,
58 * 115 *
59 * Return 0 on success, error code otherwise 116 * Return 0 on success, error code otherwise
60 */ 117 */
61int ima_appraise_measurement(struct integrity_iint_cache *iint, 118int ima_appraise_measurement(int func, struct integrity_iint_cache *iint,
62 struct file *file, const unsigned char *filename) 119 struct file *file, const unsigned char *filename)
63{ 120{
64 struct dentry *dentry = file->f_dentry; 121 struct dentry *dentry = file->f_dentry;
@@ -74,9 +131,6 @@ int ima_appraise_measurement(struct integrity_iint_cache *iint,
74 if (!inode->i_op->getxattr) 131 if (!inode->i_op->getxattr)
75 return INTEGRITY_UNKNOWN; 132 return INTEGRITY_UNKNOWN;
76 133
77 if (iint->flags & IMA_APPRAISED)
78 return iint->ima_status;
79
80 rc = vfs_getxattr_alloc(dentry, XATTR_NAME_IMA, (char **)&xattr_value, 134 rc = vfs_getxattr_alloc(dentry, XATTR_NAME_IMA, (char **)&xattr_value,
81 0, GFP_NOFS); 135 0, GFP_NOFS);
82 if (rc <= 0) { 136 if (rc <= 0) {
@@ -98,19 +152,18 @@ int ima_appraise_measurement(struct integrity_iint_cache *iint,
98 cause = "invalid-HMAC"; 152 cause = "invalid-HMAC";
99 goto out; 153 goto out;
100 } 154 }
101
102 switch (xattr_value->type) { 155 switch (xattr_value->type) {
103 case IMA_XATTR_DIGEST: 156 case IMA_XATTR_DIGEST:
157 if (iint->flags & IMA_DIGSIG_REQUIRED) {
158 cause = "IMA signature required";
159 status = INTEGRITY_FAIL;
160 break;
161 }
104 rc = memcmp(xattr_value->digest, iint->ima_xattr.digest, 162 rc = memcmp(xattr_value->digest, iint->ima_xattr.digest,
105 IMA_DIGEST_SIZE); 163 IMA_DIGEST_SIZE);
106 if (rc) { 164 if (rc) {
107 cause = "invalid-hash"; 165 cause = "invalid-hash";
108 status = INTEGRITY_FAIL; 166 status = INTEGRITY_FAIL;
109 print_hex_dump_bytes("security.ima: ", DUMP_PREFIX_NONE,
110 xattr_value, sizeof(*xattr_value));
111 print_hex_dump_bytes("collected: ", DUMP_PREFIX_NONE,
112 (u8 *)&iint->ima_xattr,
113 sizeof iint->ima_xattr);
114 break; 167 break;
115 } 168 }
116 status = INTEGRITY_PASS; 169 status = INTEGRITY_PASS;
@@ -141,15 +194,15 @@ out:
141 if ((ima_appraise & IMA_APPRAISE_FIX) && 194 if ((ima_appraise & IMA_APPRAISE_FIX) &&
142 (!xattr_value || 195 (!xattr_value ||
143 xattr_value->type != EVM_IMA_XATTR_DIGSIG)) { 196 xattr_value->type != EVM_IMA_XATTR_DIGSIG)) {
144 ima_fix_xattr(dentry, iint); 197 if (!ima_fix_xattr(dentry, iint))
145 status = INTEGRITY_PASS; 198 status = INTEGRITY_PASS;
146 } 199 }
147 integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode, filename, 200 integrity_audit_msg(AUDIT_INTEGRITY_DATA, inode, filename,
148 op, cause, rc, 0); 201 op, cause, rc, 0);
149 } else { 202 } else {
150 iint->flags |= IMA_APPRAISED; 203 ima_cache_flags(iint, func);
151 } 204 }
152 iint->ima_status = status; 205 ima_set_cache_status(iint, func, status);
153 kfree(xattr_value); 206 kfree(xattr_value);
154 return status; 207 return status;
155} 208}
@@ -195,10 +248,11 @@ void ima_inode_post_setattr(struct dentry *dentry)
195 must_appraise = ima_must_appraise(inode, MAY_ACCESS, POST_SETATTR); 248 must_appraise = ima_must_appraise(inode, MAY_ACCESS, POST_SETATTR);
196 iint = integrity_iint_find(inode); 249 iint = integrity_iint_find(inode);
197 if (iint) { 250 if (iint) {
251 iint->flags &= ~(IMA_APPRAISE | IMA_APPRAISED |
252 IMA_APPRAISE_SUBMASK | IMA_APPRAISED_SUBMASK |
253 IMA_ACTION_FLAGS);
198 if (must_appraise) 254 if (must_appraise)
199 iint->flags |= IMA_APPRAISE; 255 iint->flags |= IMA_APPRAISE;
200 else
201 iint->flags &= ~(IMA_APPRAISE | IMA_APPRAISED);
202 } 256 }
203 if (!must_appraise) 257 if (!must_appraise)
204 rc = inode->i_op->removexattr(dentry, XATTR_NAME_IMA); 258 rc = inode->i_op->removexattr(dentry, XATTR_NAME_IMA);
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index b21ee5b5495a..b691e0f3830c 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -19,38 +19,41 @@
19#include <linux/scatterlist.h> 19#include <linux/scatterlist.h>
20#include <linux/err.h> 20#include <linux/err.h>
21#include <linux/slab.h> 21#include <linux/slab.h>
22#include <crypto/hash.h>
22#include "ima.h" 23#include "ima.h"
23 24
24static int init_desc(struct hash_desc *desc) 25static struct crypto_shash *ima_shash_tfm;
26
27int ima_init_crypto(void)
25{ 28{
26 int rc; 29 long rc;
27 30
28 desc->tfm = crypto_alloc_hash(ima_hash, 0, CRYPTO_ALG_ASYNC); 31 ima_shash_tfm = crypto_alloc_shash(ima_hash, 0, 0);
29 if (IS_ERR(desc->tfm)) { 32 if (IS_ERR(ima_shash_tfm)) {
30 pr_info("IMA: failed to load %s transform: %ld\n", 33 rc = PTR_ERR(ima_shash_tfm);
31 ima_hash, PTR_ERR(desc->tfm)); 34 pr_err("Can not allocate %s (reason: %ld)\n", ima_hash, rc);
32 rc = PTR_ERR(desc->tfm);
33 return rc; 35 return rc;
34 } 36 }
35 desc->flags = 0; 37 return 0;
36 rc = crypto_hash_init(desc);
37 if (rc)
38 crypto_free_hash(desc->tfm);
39 return rc;
40} 38}
41 39
42/* 40/*
43 * Calculate the MD5/SHA1 file digest 41 * Calculate the MD5/SHA1 file digest
44 */ 42 */
45int ima_calc_hash(struct file *file, char *digest) 43int ima_calc_file_hash(struct file *file, char *digest)
46{ 44{
47 struct hash_desc desc;
48 struct scatterlist sg[1];
49 loff_t i_size, offset = 0; 45 loff_t i_size, offset = 0;
50 char *rbuf; 46 char *rbuf;
51 int rc, read = 0; 47 int rc, read = 0;
48 struct {
49 struct shash_desc shash;
50 char ctx[crypto_shash_descsize(ima_shash_tfm)];
51 } desc;
52 52
53 rc = init_desc(&desc); 53 desc.shash.tfm = ima_shash_tfm;
54 desc.shash.flags = 0;
55
56 rc = crypto_shash_init(&desc.shash);
54 if (rc != 0) 57 if (rc != 0)
55 return rc; 58 return rc;
56 59
@@ -75,41 +78,34 @@ int ima_calc_hash(struct file *file, char *digest)
75 if (rbuf_len == 0) 78 if (rbuf_len == 0)
76 break; 79 break;
77 offset += rbuf_len; 80 offset += rbuf_len;
78 sg_init_one(sg, rbuf, rbuf_len);
79 81
80 rc = crypto_hash_update(&desc, sg, rbuf_len); 82 rc = crypto_shash_update(&desc.shash, rbuf, rbuf_len);
81 if (rc) 83 if (rc)
82 break; 84 break;
83 } 85 }
84 kfree(rbuf); 86 kfree(rbuf);
85 if (!rc) 87 if (!rc)
86 rc = crypto_hash_final(&desc, digest); 88 rc = crypto_shash_final(&desc.shash, digest);
87 if (read) 89 if (read)
88 file->f_mode &= ~FMODE_READ; 90 file->f_mode &= ~FMODE_READ;
89out: 91out:
90 crypto_free_hash(desc.tfm);
91 return rc; 92 return rc;
92} 93}
93 94
94/* 95/*
95 * Calculate the hash of a given template 96 * Calculate the hash of a given buffer
96 */ 97 */
97int ima_calc_template_hash(int template_len, void *template, char *digest) 98int ima_calc_buffer_hash(const void *data, int len, char *digest)
98{ 99{
99 struct hash_desc desc; 100 struct {
100 struct scatterlist sg[1]; 101 struct shash_desc shash;
101 int rc; 102 char ctx[crypto_shash_descsize(ima_shash_tfm)];
103 } desc;
102 104
103 rc = init_desc(&desc); 105 desc.shash.tfm = ima_shash_tfm;
104 if (rc != 0) 106 desc.shash.flags = 0;
105 return rc;
106 107
107 sg_init_one(sg, template, template_len); 108 return crypto_shash_digest(&desc.shash, data, len, digest);
108 rc = crypto_hash_update(&desc, sg, template_len);
109 if (!rc)
110 rc = crypto_hash_final(&desc, digest);
111 crypto_free_hash(desc.tfm);
112 return rc;
113} 109}
114 110
115static void __init ima_pcrread(int idx, u8 *pcr) 111static void __init ima_pcrread(int idx, u8 *pcr)
@@ -126,12 +122,17 @@ static void __init ima_pcrread(int idx, u8 *pcr)
126 */ 122 */
127int __init ima_calc_boot_aggregate(char *digest) 123int __init ima_calc_boot_aggregate(char *digest)
128{ 124{
129 struct hash_desc desc;
130 struct scatterlist sg;
131 u8 pcr_i[IMA_DIGEST_SIZE]; 125 u8 pcr_i[IMA_DIGEST_SIZE];
132 int rc, i; 126 int rc, i;
127 struct {
128 struct shash_desc shash;
129 char ctx[crypto_shash_descsize(ima_shash_tfm)];
130 } desc;
131
132 desc.shash.tfm = ima_shash_tfm;
133 desc.shash.flags = 0;
133 134
134 rc = init_desc(&desc); 135 rc = crypto_shash_init(&desc.shash);
135 if (rc != 0) 136 if (rc != 0)
136 return rc; 137 return rc;
137 138
@@ -139,11 +140,9 @@ int __init ima_calc_boot_aggregate(char *digest)
139 for (i = TPM_PCR0; i < TPM_PCR8; i++) { 140 for (i = TPM_PCR0; i < TPM_PCR8; i++) {
140 ima_pcrread(i, pcr_i); 141 ima_pcrread(i, pcr_i);
141 /* now accumulate with current aggregate */ 142 /* now accumulate with current aggregate */
142 sg_init_one(&sg, pcr_i, IMA_DIGEST_SIZE); 143 rc = crypto_shash_update(&desc.shash, pcr_i, IMA_DIGEST_SIZE);
143 rc = crypto_hash_update(&desc, &sg, IMA_DIGEST_SIZE);
144 } 144 }
145 if (!rc) 145 if (!rc)
146 crypto_hash_final(&desc, digest); 146 crypto_shash_final(&desc.shash, digest);
147 crypto_free_hash(desc.tfm);
148 return rc; 147 return rc;
149} 148}
diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
index b5dfd534f13d..162ea723db3d 100644
--- a/security/integrity/ima/ima_init.c
+++ b/security/integrity/ima/ima_init.c
@@ -85,6 +85,9 @@ int __init ima_init(void)
85 if (!ima_used_chip) 85 if (!ima_used_chip)
86 pr_info("IMA: No TPM chip found, activating TPM-bypass!\n"); 86 pr_info("IMA: No TPM chip found, activating TPM-bypass!\n");
87 87
88 rc = ima_init_crypto();
89 if (rc)
90 return rc;
88 ima_add_boot_aggregate(); /* boot aggregate must be first entry */ 91 ima_add_boot_aggregate(); /* boot aggregate must be first entry */
89 ima_init_policy(); 92 ima_init_policy();
90 93
diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
index dba965de90d3..5127afcc4b89 100644
--- a/security/integrity/ima/ima_main.c
+++ b/security/integrity/ima/ima_main.c
@@ -61,7 +61,8 @@ static void ima_rdwr_violation_check(struct file *file)
61 fmode_t mode = file->f_mode; 61 fmode_t mode = file->f_mode;
62 int must_measure; 62 int must_measure;
63 bool send_tomtou = false, send_writers = false; 63 bool send_tomtou = false, send_writers = false;
64 unsigned char *pathname = NULL, *pathbuf = NULL; 64 char *pathbuf = NULL;
65 const char *pathname;
65 66
66 if (!S_ISREG(inode->i_mode) || !ima_initialized) 67 if (!S_ISREG(inode->i_mode) || !ima_initialized)
67 return; 68 return;
@@ -86,22 +87,15 @@ out:
86 if (!send_tomtou && !send_writers) 87 if (!send_tomtou && !send_writers)
87 return; 88 return;
88 89
89 /* We will allow 11 spaces for ' (deleted)' to be appended */ 90 pathname = ima_d_path(&file->f_path, &pathbuf);
90 pathbuf = kmalloc(PATH_MAX + 11, GFP_KERNEL); 91 if (!pathname || strlen(pathname) > IMA_EVENT_NAME_LEN_MAX)
91 if (pathbuf) { 92 pathname = dentry->d_name.name;
92 pathname = d_path(&file->f_path, pathbuf, PATH_MAX + 11); 93
93 if (IS_ERR(pathname))
94 pathname = NULL;
95 else if (strlen(pathname) > IMA_EVENT_NAME_LEN_MAX)
96 pathname = NULL;
97 }
98 if (send_tomtou) 94 if (send_tomtou)
99 ima_add_violation(inode, 95 ima_add_violation(inode, pathname,
100 !pathname ? dentry->d_name.name : pathname,
101 "invalid_pcr", "ToMToU"); 96 "invalid_pcr", "ToMToU");
102 if (send_writers) 97 if (send_writers)
103 ima_add_violation(inode, 98 ima_add_violation(inode, pathname,
104 !pathname ? dentry->d_name.name : pathname,
105 "invalid_pcr", "open_writers"); 99 "invalid_pcr", "open_writers");
106 kfree(pathbuf); 100 kfree(pathbuf);
107} 101}
@@ -145,25 +139,31 @@ void ima_file_free(struct file *file)
145 ima_check_last_writer(iint, inode, file); 139 ima_check_last_writer(iint, inode, file);
146} 140}
147 141
148static int process_measurement(struct file *file, const unsigned char *filename, 142static int process_measurement(struct file *file, const char *filename,
149 int mask, int function) 143 int mask, int function)
150{ 144{
151 struct inode *inode = file->f_dentry->d_inode; 145 struct inode *inode = file->f_dentry->d_inode;
152 struct integrity_iint_cache *iint; 146 struct integrity_iint_cache *iint;
153 unsigned char *pathname = NULL, *pathbuf = NULL; 147 char *pathbuf = NULL;
154 int rc = -ENOMEM, action, must_appraise; 148 const char *pathname = NULL;
149 int rc = -ENOMEM, action, must_appraise, _func;
155 150
156 if (!ima_initialized || !S_ISREG(inode->i_mode)) 151 if (!ima_initialized || !S_ISREG(inode->i_mode))
157 return 0; 152 return 0;
158 153
159 /* Determine if in appraise/audit/measurement policy, 154 /* Return an IMA_MEASURE, IMA_APPRAISE, IMA_AUDIT action
160 * returns IMA_MEASURE, IMA_APPRAISE, IMA_AUDIT bitmask. */ 155 * bitmask based on the appraise/audit/measurement policy.
156 * Included is the appraise submask.
157 */
161 action = ima_get_action(inode, mask, function); 158 action = ima_get_action(inode, mask, function);
162 if (!action) 159 if (!action)
163 return 0; 160 return 0;
164 161
165 must_appraise = action & IMA_APPRAISE; 162 must_appraise = action & IMA_APPRAISE;
166 163
164 /* Is the appraise rule hook specific? */
165 _func = (action & IMA_FILE_APPRAISE) ? FILE_CHECK : function;
166
167 mutex_lock(&inode->i_mutex); 167 mutex_lock(&inode->i_mutex);
168 168
169 iint = integrity_inode_get(inode); 169 iint = integrity_inode_get(inode);
@@ -171,44 +171,45 @@ static int process_measurement(struct file *file, const unsigned char *filename,
171 goto out; 171 goto out;
172 172
173 /* Determine if already appraised/measured based on bitmask 173 /* Determine if already appraised/measured based on bitmask
174 * (IMA_MEASURE, IMA_MEASURED, IMA_APPRAISE, IMA_APPRAISED, 174 * (IMA_MEASURE, IMA_MEASURED, IMA_XXXX_APPRAISE, IMA_XXXX_APPRAISED,
175 * IMA_AUDIT, IMA_AUDITED) */ 175 * IMA_AUDIT, IMA_AUDITED)
176 */
176 iint->flags |= action; 177 iint->flags |= action;
178 action &= IMA_DO_MASK;
177 action &= ~((iint->flags & IMA_DONE_MASK) >> 1); 179 action &= ~((iint->flags & IMA_DONE_MASK) >> 1);
178 180
179 /* Nothing to do, just return existing appraised status */ 181 /* Nothing to do, just return existing appraised status */
180 if (!action) { 182 if (!action) {
181 if (iint->flags & IMA_APPRAISED) 183 if (must_appraise)
182 rc = iint->ima_status; 184 rc = ima_get_cache_status(iint, _func);
183 goto out; 185 goto out_digsig;
184 } 186 }
185 187
186 rc = ima_collect_measurement(iint, file); 188 rc = ima_collect_measurement(iint, file);
187 if (rc != 0) 189 if (rc != 0)
188 goto out; 190 goto out_digsig;
191
192 if (function != BPRM_CHECK)
193 pathname = ima_d_path(&file->f_path, &pathbuf);
194
195 if (!pathname)
196 pathname = filename;
189 197
190 if (function != BPRM_CHECK) {
191 /* We will allow 11 spaces for ' (deleted)' to be appended */
192 pathbuf = kmalloc(PATH_MAX + 11, GFP_KERNEL);
193 if (pathbuf) {
194 pathname =
195 d_path(&file->f_path, pathbuf, PATH_MAX + 11);
196 if (IS_ERR(pathname))
197 pathname = NULL;
198 }
199 }
200 if (action & IMA_MEASURE) 198 if (action & IMA_MEASURE)
201 ima_store_measurement(iint, file, 199 ima_store_measurement(iint, file, pathname);
202 !pathname ? filename : pathname); 200 if (action & IMA_APPRAISE_SUBMASK)
203 if (action & IMA_APPRAISE) 201 rc = ima_appraise_measurement(_func, iint, file, pathname);
204 rc = ima_appraise_measurement(iint, file,
205 !pathname ? filename : pathname);
206 if (action & IMA_AUDIT) 202 if (action & IMA_AUDIT)
207 ima_audit_measurement(iint, !pathname ? filename : pathname); 203 ima_audit_measurement(iint, pathname);
208 kfree(pathbuf); 204 kfree(pathbuf);
205out_digsig:
206 if ((mask & MAY_WRITE) && (iint->flags & IMA_DIGSIG))
207 rc = -EACCES;
209out: 208out:
210 mutex_unlock(&inode->i_mutex); 209 mutex_unlock(&inode->i_mutex);
211 return (rc && must_appraise) ? -EACCES : 0; 210 if ((rc && must_appraise) && (ima_appraise & IMA_APPRAISE_ENFORCE))
211 return -EACCES;
212 return 0;
212} 213}
213 214
214/** 215/**
@@ -219,19 +220,15 @@ out:
219 * Measure files being mmapped executable based on the ima_must_measure() 220 * Measure files being mmapped executable based on the ima_must_measure()
220 * policy decision. 221 * policy decision.
221 * 222 *
222 * Return 0 on success, an error code on failure. 223 * On success return 0. On integrity appraisal error, assuming the file
223 * (Based on the results of appraise_measurement().) 224 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
224 */ 225 */
225int ima_file_mmap(struct file *file, unsigned long prot) 226int ima_file_mmap(struct file *file, unsigned long prot)
226{ 227{
227 int rc = 0; 228 if (file && (prot & PROT_EXEC))
228 229 return process_measurement(file, file->f_dentry->d_name.name,
229 if (!file) 230 MAY_EXEC, MMAP_CHECK);
230 return 0; 231 return 0;
231 if (prot & PROT_EXEC)
232 rc = process_measurement(file, file->f_dentry->d_name.name,
233 MAY_EXEC, FILE_MMAP);
234 return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
235} 232}
236 233
237/** 234/**
@@ -244,18 +241,15 @@ int ima_file_mmap(struct file *file, unsigned long prot)
244 * So we can be certain that what we verify and measure here is actually 241 * So we can be certain that what we verify and measure here is actually
245 * what is being executed. 242 * what is being executed.
246 * 243 *
247 * Return 0 on success, an error code on failure. 244 * On success return 0. On integrity appraisal error, assuming the file
248 * (Based on the results of appraise_measurement().) 245 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
249 */ 246 */
250int ima_bprm_check(struct linux_binprm *bprm) 247int ima_bprm_check(struct linux_binprm *bprm)
251{ 248{
252 int rc; 249 return process_measurement(bprm->file,
253
254 rc = process_measurement(bprm->file,
255 (strcmp(bprm->filename, bprm->interp) == 0) ? 250 (strcmp(bprm->filename, bprm->interp) == 0) ?
256 bprm->filename : bprm->interp, 251 bprm->filename : bprm->interp,
257 MAY_EXEC, BPRM_CHECK); 252 MAY_EXEC, BPRM_CHECK);
258 return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
259} 253}
260 254
261/** 255/**
@@ -265,18 +259,15 @@ int ima_bprm_check(struct linux_binprm *bprm)
265 * 259 *
266 * Measure files based on the ima_must_measure() policy decision. 260 * Measure files based on the ima_must_measure() policy decision.
267 * 261 *
268 * Always return 0 and audit dentry_open failures. 262 * On success return 0. On integrity appraisal error, assuming the file
269 * (Return code will be based upon measurement appraisal.) 263 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
270 */ 264 */
271int ima_file_check(struct file *file, int mask) 265int ima_file_check(struct file *file, int mask)
272{ 266{
273 int rc;
274
275 ima_rdwr_violation_check(file); 267 ima_rdwr_violation_check(file);
276 rc = process_measurement(file, file->f_dentry->d_name.name, 268 return process_measurement(file, file->f_dentry->d_name.name,
277 mask & (MAY_READ | MAY_WRITE | MAY_EXEC), 269 mask & (MAY_READ | MAY_WRITE | MAY_EXEC),
278 FILE_CHECK); 270 FILE_CHECK);
279 return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
280} 271}
281EXPORT_SYMBOL_GPL(ima_file_check); 272EXPORT_SYMBOL_GPL(ima_file_check);
282 273
@@ -286,23 +277,20 @@ EXPORT_SYMBOL_GPL(ima_file_check);
286 * 277 *
287 * Measure/appraise kernel modules based on policy. 278 * Measure/appraise kernel modules based on policy.
288 * 279 *
289 * Always return 0 and audit dentry_open failures. 280 * On success return 0. On integrity appraisal error, assuming the file
290 * Return code is based upon measurement appraisal. 281 * is in policy and IMA-appraisal is in enforcing mode, return -EACCES.
291 */ 282 */
292int ima_module_check(struct file *file) 283int ima_module_check(struct file *file)
293{ 284{
294 int rc = 0;
295
296 if (!file) { 285 if (!file) {
297 if (ima_appraise & IMA_APPRAISE_MODULES) {
298#ifndef CONFIG_MODULE_SIG_FORCE 286#ifndef CONFIG_MODULE_SIG_FORCE
299 rc = -EACCES; /* INTEGRITY_UNKNOWN */ 287 if (ima_appraise & IMA_APPRAISE_MODULES)
288 return -EACCES; /* INTEGRITY_UNKNOWN */
300#endif 289#endif
301 } 290 return 0; /* We rely on module signature checking */
302 } else 291 }
303 rc = process_measurement(file, file->f_dentry->d_name.name, 292 return process_measurement(file, file->f_dentry->d_name.name,
304 MAY_EXEC, MODULE_CHECK); 293 MAY_EXEC, MODULE_CHECK);
305 return (ima_appraise & IMA_APPRAISE_ENFORCE) ? rc : 0;
306} 294}
307 295
308static int __init init_ima(void) 296static int __init init_ima(void)
diff --git a/security/integrity/ima/ima_policy.c b/security/integrity/ima/ima_policy.c
index 479fca940bb5..b27535a13a79 100644
--- a/security/integrity/ima/ima_policy.c
+++ b/security/integrity/ima/ima_policy.c
@@ -16,6 +16,7 @@
16#include <linux/magic.h> 16#include <linux/magic.h>
17#include <linux/parser.h> 17#include <linux/parser.h>
18#include <linux/slab.h> 18#include <linux/slab.h>
19#include <linux/genhd.h>
19 20
20#include "ima.h" 21#include "ima.h"
21 22
@@ -25,6 +26,7 @@
25#define IMA_FSMAGIC 0x0004 26#define IMA_FSMAGIC 0x0004
26#define IMA_UID 0x0008 27#define IMA_UID 0x0008
27#define IMA_FOWNER 0x0010 28#define IMA_FOWNER 0x0010
29#define IMA_FSUUID 0x0020
28 30
29#define UNKNOWN 0 31#define UNKNOWN 0
30#define MEASURE 0x0001 /* same as IMA_MEASURE */ 32#define MEASURE 0x0001 /* same as IMA_MEASURE */
@@ -45,10 +47,12 @@ struct ima_rule_entry {
45 enum ima_hooks func; 47 enum ima_hooks func;
46 int mask; 48 int mask;
47 unsigned long fsmagic; 49 unsigned long fsmagic;
50 u8 fsuuid[16];
48 kuid_t uid; 51 kuid_t uid;
49 kuid_t fowner; 52 kuid_t fowner;
50 struct { 53 struct {
51 void *rule; /* LSM file metadata specific */ 54 void *rule; /* LSM file metadata specific */
55 void *args_p; /* audit value */
52 int type; /* audit type */ 56 int type; /* audit type */
53 } lsm[MAX_LSM_RULES]; 57 } lsm[MAX_LSM_RULES];
54}; 58};
@@ -74,7 +78,7 @@ static struct ima_rule_entry default_rules[] = {
74 {.action = DONT_MEASURE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC}, 78 {.action = DONT_MEASURE,.fsmagic = BINFMTFS_MAGIC,.flags = IMA_FSMAGIC},
75 {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC}, 79 {.action = DONT_MEASURE,.fsmagic = SECURITYFS_MAGIC,.flags = IMA_FSMAGIC},
76 {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC}, 80 {.action = DONT_MEASURE,.fsmagic = SELINUX_MAGIC,.flags = IMA_FSMAGIC},
77 {.action = MEASURE,.func = FILE_MMAP,.mask = MAY_EXEC, 81 {.action = MEASURE,.func = MMAP_CHECK,.mask = MAY_EXEC,
78 .flags = IMA_FUNC | IMA_MASK}, 82 .flags = IMA_FUNC | IMA_MASK},
79 {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC, 83 {.action = MEASURE,.func = BPRM_CHECK,.mask = MAY_EXEC,
80 .flags = IMA_FUNC | IMA_MASK}, 84 .flags = IMA_FUNC | IMA_MASK},
@@ -119,6 +123,35 @@ static int __init default_appraise_policy_setup(char *str)
119} 123}
120__setup("ima_appraise_tcb", default_appraise_policy_setup); 124__setup("ima_appraise_tcb", default_appraise_policy_setup);
121 125
126/*
127 * Although the IMA policy does not change, the LSM policy can be
128 * reloaded, leaving the IMA LSM based rules referring to the old,
129 * stale LSM policy.
130 *
131 * Update the IMA LSM based rules to reflect the reloaded LSM policy.
132 * We assume the rules still exist; and BUG_ON() if they don't.
133 */
134static void ima_lsm_update_rules(void)
135{
136 struct ima_rule_entry *entry, *tmp;
137 int result;
138 int i;
139
140 mutex_lock(&ima_rules_mutex);
141 list_for_each_entry_safe(entry, tmp, &ima_policy_rules, list) {
142 for (i = 0; i < MAX_LSM_RULES; i++) {
143 if (!entry->lsm[i].rule)
144 continue;
145 result = security_filter_rule_init(entry->lsm[i].type,
146 Audit_equal,
147 entry->lsm[i].args_p,
148 &entry->lsm[i].rule);
149 BUG_ON(!entry->lsm[i].rule);
150 }
151 }
152 mutex_unlock(&ima_rules_mutex);
153}
154
122/** 155/**
123 * ima_match_rules - determine whether an inode matches the measure rule. 156 * ima_match_rules - determine whether an inode matches the measure rule.
124 * @rule: a pointer to a rule 157 * @rule: a pointer to a rule
@@ -142,6 +175,9 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
142 if ((rule->flags & IMA_FSMAGIC) 175 if ((rule->flags & IMA_FSMAGIC)
143 && rule->fsmagic != inode->i_sb->s_magic) 176 && rule->fsmagic != inode->i_sb->s_magic)
144 return false; 177 return false;
178 if ((rule->flags & IMA_FSUUID) &&
179 memcmp(rule->fsuuid, inode->i_sb->s_uuid, sizeof(rule->fsuuid)))
180 return false;
145 if ((rule->flags & IMA_UID) && !uid_eq(rule->uid, cred->uid)) 181 if ((rule->flags & IMA_UID) && !uid_eq(rule->uid, cred->uid))
146 return false; 182 return false;
147 if ((rule->flags & IMA_FOWNER) && !uid_eq(rule->fowner, inode->i_uid)) 183 if ((rule->flags & IMA_FOWNER) && !uid_eq(rule->fowner, inode->i_uid))
@@ -149,10 +185,11 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
149 for (i = 0; i < MAX_LSM_RULES; i++) { 185 for (i = 0; i < MAX_LSM_RULES; i++) {
150 int rc = 0; 186 int rc = 0;
151 u32 osid, sid; 187 u32 osid, sid;
188 int retried = 0;
152 189
153 if (!rule->lsm[i].rule) 190 if (!rule->lsm[i].rule)
154 continue; 191 continue;
155 192retry:
156 switch (i) { 193 switch (i) {
157 case LSM_OBJ_USER: 194 case LSM_OBJ_USER:
158 case LSM_OBJ_ROLE: 195 case LSM_OBJ_ROLE:
@@ -176,12 +213,39 @@ static bool ima_match_rules(struct ima_rule_entry *rule,
176 default: 213 default:
177 break; 214 break;
178 } 215 }
216 if ((rc < 0) && (!retried)) {
217 retried = 1;
218 ima_lsm_update_rules();
219 goto retry;
220 }
179 if (!rc) 221 if (!rc)
180 return false; 222 return false;
181 } 223 }
182 return true; 224 return true;
183} 225}
184 226
227/*
228 * In addition to knowing that we need to appraise the file in general,
229 * we need to differentiate between calling hooks, for hook specific rules.
230 */
231static int get_subaction(struct ima_rule_entry *rule, int func)
232{
233 if (!(rule->flags & IMA_FUNC))
234 return IMA_FILE_APPRAISE;
235
236 switch(func) {
237 case MMAP_CHECK:
238 return IMA_MMAP_APPRAISE;
239 case BPRM_CHECK:
240 return IMA_BPRM_APPRAISE;
241 case MODULE_CHECK:
242 return IMA_MODULE_APPRAISE;
243 case FILE_CHECK:
244 default:
245 return IMA_FILE_APPRAISE;
246 }
247}
248
185/** 249/**
186 * ima_match_policy - decision based on LSM and other conditions 250 * ima_match_policy - decision based on LSM and other conditions
187 * @inode: pointer to an inode for which the policy decision is being made 251 * @inode: pointer to an inode for which the policy decision is being made
@@ -209,7 +273,12 @@ int ima_match_policy(struct inode *inode, enum ima_hooks func, int mask,
209 if (!ima_match_rules(entry, inode, func, mask)) 273 if (!ima_match_rules(entry, inode, func, mask))
210 continue; 274 continue;
211 275
276 action |= entry->flags & IMA_ACTION_FLAGS;
277
212 action |= entry->action & IMA_DO_MASK; 278 action |= entry->action & IMA_DO_MASK;
279 if (entry->action & IMA_APPRAISE)
280 action |= get_subaction(entry, func);
281
213 if (entry->action & IMA_DO_MASK) 282 if (entry->action & IMA_DO_MASK)
214 actmask &= ~(entry->action | entry->action << 1); 283 actmask &= ~(entry->action | entry->action << 1);
215 else 284 else
@@ -282,7 +351,8 @@ enum {
282 Opt_audit, 351 Opt_audit,
283 Opt_obj_user, Opt_obj_role, Opt_obj_type, 352 Opt_obj_user, Opt_obj_role, Opt_obj_type,
284 Opt_subj_user, Opt_subj_role, Opt_subj_type, 353 Opt_subj_user, Opt_subj_role, Opt_subj_type,
285 Opt_func, Opt_mask, Opt_fsmagic, Opt_uid, Opt_fowner 354 Opt_func, Opt_mask, Opt_fsmagic, Opt_uid, Opt_fowner,
355 Opt_appraise_type, Opt_fsuuid
286}; 356};
287 357
288static match_table_t policy_tokens = { 358static match_table_t policy_tokens = {
@@ -300,25 +370,35 @@ static match_table_t policy_tokens = {
300 {Opt_func, "func=%s"}, 370 {Opt_func, "func=%s"},
301 {Opt_mask, "mask=%s"}, 371 {Opt_mask, "mask=%s"},
302 {Opt_fsmagic, "fsmagic=%s"}, 372 {Opt_fsmagic, "fsmagic=%s"},
373 {Opt_fsuuid, "fsuuid=%s"},
303 {Opt_uid, "uid=%s"}, 374 {Opt_uid, "uid=%s"},
304 {Opt_fowner, "fowner=%s"}, 375 {Opt_fowner, "fowner=%s"},
376 {Opt_appraise_type, "appraise_type=%s"},
305 {Opt_err, NULL} 377 {Opt_err, NULL}
306}; 378};
307 379
308static int ima_lsm_rule_init(struct ima_rule_entry *entry, 380static int ima_lsm_rule_init(struct ima_rule_entry *entry,
309 char *args, int lsm_rule, int audit_type) 381 substring_t *args, int lsm_rule, int audit_type)
310{ 382{
311 int result; 383 int result;
312 384
313 if (entry->lsm[lsm_rule].rule) 385 if (entry->lsm[lsm_rule].rule)
314 return -EINVAL; 386 return -EINVAL;
315 387
388 entry->lsm[lsm_rule].args_p = match_strdup(args);
389 if (!entry->lsm[lsm_rule].args_p)
390 return -ENOMEM;
391
316 entry->lsm[lsm_rule].type = audit_type; 392 entry->lsm[lsm_rule].type = audit_type;
317 result = security_filter_rule_init(entry->lsm[lsm_rule].type, 393 result = security_filter_rule_init(entry->lsm[lsm_rule].type,
318 Audit_equal, args, 394 Audit_equal,
395 entry->lsm[lsm_rule].args_p,
319 &entry->lsm[lsm_rule].rule); 396 &entry->lsm[lsm_rule].rule);
320 if (!entry->lsm[lsm_rule].rule) 397 if (!entry->lsm[lsm_rule].rule) {
398 kfree(entry->lsm[lsm_rule].args_p);
321 return -EINVAL; 399 return -EINVAL;
400 }
401
322 return result; 402 return result;
323} 403}
324 404
@@ -404,8 +484,9 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
404 entry->func = FILE_CHECK; 484 entry->func = FILE_CHECK;
405 else if (strcmp(args[0].from, "MODULE_CHECK") == 0) 485 else if (strcmp(args[0].from, "MODULE_CHECK") == 0)
406 entry->func = MODULE_CHECK; 486 entry->func = MODULE_CHECK;
407 else if (strcmp(args[0].from, "FILE_MMAP") == 0) 487 else if ((strcmp(args[0].from, "FILE_MMAP") == 0)
408 entry->func = FILE_MMAP; 488 || (strcmp(args[0].from, "MMAP_CHECK") == 0))
489 entry->func = MMAP_CHECK;
409 else if (strcmp(args[0].from, "BPRM_CHECK") == 0) 490 else if (strcmp(args[0].from, "BPRM_CHECK") == 0)
410 entry->func = BPRM_CHECK; 491 entry->func = BPRM_CHECK;
411 else 492 else
@@ -445,6 +526,19 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
445 if (!result) 526 if (!result)
446 entry->flags |= IMA_FSMAGIC; 527 entry->flags |= IMA_FSMAGIC;
447 break; 528 break;
529 case Opt_fsuuid:
530 ima_log_string(ab, "fsuuid", args[0].from);
531
532 if (memchr_inv(entry->fsuuid, 0x00,
533 sizeof(entry->fsuuid))) {
534 result = -EINVAL;
535 break;
536 }
537
538 part_pack_uuid(args[0].from, entry->fsuuid);
539 entry->flags |= IMA_FSUUID;
540 result = 0;
541 break;
448 case Opt_uid: 542 case Opt_uid:
449 ima_log_string(ab, "uid", args[0].from); 543 ima_log_string(ab, "uid", args[0].from);
450 544
@@ -481,40 +575,52 @@ static int ima_parse_rule(char *rule, struct ima_rule_entry *entry)
481 break; 575 break;
482 case Opt_obj_user: 576 case Opt_obj_user:
483 ima_log_string(ab, "obj_user", args[0].from); 577 ima_log_string(ab, "obj_user", args[0].from);
484 result = ima_lsm_rule_init(entry, args[0].from, 578 result = ima_lsm_rule_init(entry, args,
485 LSM_OBJ_USER, 579 LSM_OBJ_USER,
486 AUDIT_OBJ_USER); 580 AUDIT_OBJ_USER);
487 break; 581 break;
488 case Opt_obj_role: 582 case Opt_obj_role:
489 ima_log_string(ab, "obj_role", args[0].from); 583 ima_log_string(ab, "obj_role", args[0].from);
490 result = ima_lsm_rule_init(entry, args[0].from, 584 result = ima_lsm_rule_init(entry, args,
491 LSM_OBJ_ROLE, 585 LSM_OBJ_ROLE,
492 AUDIT_OBJ_ROLE); 586 AUDIT_OBJ_ROLE);
493 break; 587 break;
494 case Opt_obj_type: 588 case Opt_obj_type:
495 ima_log_string(ab, "obj_type", args[0].from); 589 ima_log_string(ab, "obj_type", args[0].from);
496 result = ima_lsm_rule_init(entry, args[0].from, 590 result = ima_lsm_rule_init(entry, args,
497 LSM_OBJ_TYPE, 591 LSM_OBJ_TYPE,
498 AUDIT_OBJ_TYPE); 592 AUDIT_OBJ_TYPE);
499 break; 593 break;
500 case Opt_subj_user: 594 case Opt_subj_user:
501 ima_log_string(ab, "subj_user", args[0].from); 595 ima_log_string(ab, "subj_user", args[0].from);
502 result = ima_lsm_rule_init(entry, args[0].from, 596 result = ima_lsm_rule_init(entry, args,
503 LSM_SUBJ_USER, 597 LSM_SUBJ_USER,
504 AUDIT_SUBJ_USER); 598 AUDIT_SUBJ_USER);
505 break; 599 break;
506 case Opt_subj_role: 600 case Opt_subj_role:
507 ima_log_string(ab, "subj_role", args[0].from); 601 ima_log_string(ab, "subj_role", args[0].from);
508 result = ima_lsm_rule_init(entry, args[0].from, 602 result = ima_lsm_rule_init(entry, args,
509 LSM_SUBJ_ROLE, 603 LSM_SUBJ_ROLE,
510 AUDIT_SUBJ_ROLE); 604 AUDIT_SUBJ_ROLE);
511 break; 605 break;
512 case Opt_subj_type: 606 case Opt_subj_type:
513 ima_log_string(ab, "subj_type", args[0].from); 607 ima_log_string(ab, "subj_type", args[0].from);
514 result = ima_lsm_rule_init(entry, args[0].from, 608 result = ima_lsm_rule_init(entry, args,
515 LSM_SUBJ_TYPE, 609 LSM_SUBJ_TYPE,
516 AUDIT_SUBJ_TYPE); 610 AUDIT_SUBJ_TYPE);
517 break; 611 break;
612 case Opt_appraise_type:
613 if (entry->action != APPRAISE) {
614 result = -EINVAL;
615 break;
616 }
617
618 ima_log_string(ab, "appraise_type", args[0].from);
619 if ((strcmp(args[0].from, "imasig")) == 0)
620 entry->flags |= IMA_DIGSIG_REQUIRED;
621 else
622 result = -EINVAL;
623 break;
518 case Opt_err: 624 case Opt_err:
519 ima_log_string(ab, "UNKNOWN", p); 625 ima_log_string(ab, "UNKNOWN", p);
520 result = -EINVAL; 626 result = -EINVAL;
@@ -590,9 +696,13 @@ ssize_t ima_parse_add_rule(char *rule)
590void ima_delete_rules(void) 696void ima_delete_rules(void)
591{ 697{
592 struct ima_rule_entry *entry, *tmp; 698 struct ima_rule_entry *entry, *tmp;
699 int i;
593 700
594 mutex_lock(&ima_rules_mutex); 701 mutex_lock(&ima_rules_mutex);
595 list_for_each_entry_safe(entry, tmp, &ima_policy_rules, list) { 702 list_for_each_entry_safe(entry, tmp, &ima_policy_rules, list) {
703 for (i = 0; i < MAX_LSM_RULES; i++)
704 kfree(entry->lsm[i].args_p);
705
596 list_del(&entry->list); 706 list_del(&entry->list);
597 kfree(entry); 707 kfree(entry);
598 } 708 }
diff --git a/security/integrity/integrity.h b/security/integrity/integrity.h
index e9db763a875e..84c37c4db914 100644
--- a/security/integrity/integrity.h
+++ b/security/integrity/integrity.h
@@ -14,23 +14,41 @@
14#include <linux/types.h> 14#include <linux/types.h>
15#include <linux/integrity.h> 15#include <linux/integrity.h>
16#include <crypto/sha.h> 16#include <crypto/sha.h>
17#include <linux/key.h>
17 18
18/* iint action cache flags */ 19/* iint action cache flags */
19#define IMA_MEASURE 0x0001 20#define IMA_MEASURE 0x00000001
20#define IMA_MEASURED 0x0002 21#define IMA_MEASURED 0x00000002
21#define IMA_APPRAISE 0x0004 22#define IMA_APPRAISE 0x00000004
22#define IMA_APPRAISED 0x0008 23#define IMA_APPRAISED 0x00000008
23/*#define IMA_COLLECT 0x0010 do not use this flag */ 24/*#define IMA_COLLECT 0x00000010 do not use this flag */
24#define IMA_COLLECTED 0x0020 25#define IMA_COLLECTED 0x00000020
25#define IMA_AUDIT 0x0040 26#define IMA_AUDIT 0x00000040
26#define IMA_AUDITED 0x0080 27#define IMA_AUDITED 0x00000080
27 28
28/* iint cache flags */ 29/* iint cache flags */
29#define IMA_DIGSIG 0x0100 30#define IMA_ACTION_FLAGS 0xff000000
31#define IMA_DIGSIG 0x01000000
32#define IMA_DIGSIG_REQUIRED 0x02000000
30 33
31#define IMA_DO_MASK (IMA_MEASURE | IMA_APPRAISE | IMA_AUDIT) 34#define IMA_DO_MASK (IMA_MEASURE | IMA_APPRAISE | IMA_AUDIT | \
32#define IMA_DONE_MASK (IMA_MEASURED | IMA_APPRAISED | IMA_AUDITED \ 35 IMA_APPRAISE_SUBMASK)
33 | IMA_COLLECTED) 36#define IMA_DONE_MASK (IMA_MEASURED | IMA_APPRAISED | IMA_AUDITED | \
37 IMA_COLLECTED | IMA_APPRAISED_SUBMASK)
38
39/* iint subaction appraise cache flags */
40#define IMA_FILE_APPRAISE 0x00000100
41#define IMA_FILE_APPRAISED 0x00000200
42#define IMA_MMAP_APPRAISE 0x00000400
43#define IMA_MMAP_APPRAISED 0x00000800
44#define IMA_BPRM_APPRAISE 0x00001000
45#define IMA_BPRM_APPRAISED 0x00002000
46#define IMA_MODULE_APPRAISE 0x00004000
47#define IMA_MODULE_APPRAISED 0x00008000
48#define IMA_APPRAISE_SUBMASK (IMA_FILE_APPRAISE | IMA_MMAP_APPRAISE | \
49 IMA_BPRM_APPRAISE | IMA_MODULE_APPRAISE)
50#define IMA_APPRAISED_SUBMASK (IMA_FILE_APPRAISED | IMA_MMAP_APPRAISED | \
51 IMA_BPRM_APPRAISED | IMA_MODULE_APPRAISED)
34 52
35enum evm_ima_xattr_type { 53enum evm_ima_xattr_type {
36 IMA_XATTR_DIGEST = 0x01, 54 IMA_XATTR_DIGEST = 0x01,
@@ -48,10 +66,13 @@ struct integrity_iint_cache {
48 struct rb_node rb_node; /* rooted in integrity_iint_tree */ 66 struct rb_node rb_node; /* rooted in integrity_iint_tree */
49 struct inode *inode; /* back pointer to inode in question */ 67 struct inode *inode; /* back pointer to inode in question */
50 u64 version; /* track inode changes */ 68 u64 version; /* track inode changes */
51 unsigned short flags; 69 unsigned long flags;
52 struct evm_ima_xattr_data ima_xattr; 70 struct evm_ima_xattr_data ima_xattr;
53 enum integrity_status ima_status; 71 enum integrity_status ima_file_status:4;
54 enum integrity_status evm_status; 72 enum integrity_status ima_mmap_status:4;
73 enum integrity_status ima_bprm_status:4;
74 enum integrity_status ima_module_status:4;
75 enum integrity_status evm_status:4;
55}; 76};
56 77
57/* rbtree tree calls to lookup, insert, delete 78/* rbtree tree calls to lookup, insert, delete
@@ -81,5 +102,16 @@ static inline int integrity_digsig_verify(const unsigned int id,
81 102
82#endif /* CONFIG_INTEGRITY_SIGNATURE */ 103#endif /* CONFIG_INTEGRITY_SIGNATURE */
83 104
105#ifdef CONFIG_INTEGRITY_ASYMMETRIC_KEYS
106int asymmetric_verify(struct key *keyring, const char *sig,
107 int siglen, const char *data, int datalen);
108#else
109static inline int asymmetric_verify(struct key *keyring, const char *sig,
110 int siglen, const char *data, int datalen)
111{
112 return -EOPNOTSUPP;
113}
114#endif
115
84/* set during initialization */ 116/* set during initialization */
85extern int iint_initialized; 117extern int iint_initialized;
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-26 16:53:22 -0500