tpm-linux.cpp@ 90915

Last change on this file since 90915 was 90915, checked in by vboxsync, 4 years ago
Runtime: Add simple RTTpm* API for uniform access to a host TPM and completely untested implementation for Linux, bugref:10075
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 7.7 KB

Line
1	/* $Id: tpm-linux.cpp 90915 2021-08-26 15:08:03Z vboxsync $ */
2	/** @file
3	* IPRT - Trusted Platform Module (TPM) access, Linux variant.
4	*/
5
6	/*
7	* Copyright (C) 2021 Oracle Corporation
8	*
9	* This file is part of VirtualBox Open Source Edition (OSE), as
10	* available from http://www.215389.xyz. This file is free software;
11	* you can redistribute it and/or modify it under the terms of the GNU
12	* General Public License (GPL) as published by the Free Software
13	* Foundation, in version 2 as it comes in the "COPYING" file of the
14	* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15	* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16	*
17	* The contents of this file may alternatively be used under the terms
18	* of the Common Development and Distribution License Version 1.0
19	* (CDDL) only, as it comes in the "COPYING.CDDL" file of the
20	* VirtualBox OSE distribution, in which case the provisions of the
21	* CDDL are applicable instead of those of the GPL.
22	*
23	* You may elect to license modified versions of this file under the
24	* terms and conditions of either the GPL or the CDDL or both.
25	*/
26
27
28	/*********************************************************************************************************************************
29	* Header Files *
30	*********************************************************************************************************************************/
31	#define LOG_GROUP RTLOGGROUP_DEFAULT
32	#include <iprt/tpm.h>
33
34	#include <iprt/assertcompile.h>
35	#include <iprt/asm.h>
36	#include <iprt/err.h>
37	#include <iprt/file.h>
38	#include <iprt/log.h>
39	#include <iprt/mem.h>
40	#include <iprt/string.h>
41	#include <iprt/linux/sysfs.h>
42
43
44	/*********************************************************************************************************************************
45	* Defined Constants And Macros *
46	*********************************************************************************************************************************/
47
48
49	/*********************************************************************************************************************************
50	* Structures and Typedefs *
51	*********************************************************************************************************************************/
52
53	/**
54	* Internal TPM instance data.
55	*/
56	typedef struct RTTPMINT
57	{
58	/** Handle to the /dev/tpmX device. */
59	RTFILE hTpmDev;
60	/** Handle to the sysfs cancel interface. */
61	RTFILE hTpmCancel;
62	/** The deduced TPM version. */
63	RTTPMVERSION enmTpmVers;
64	/** Flag whether a request is currently being executed. */
65	volatile bool fReqExec;
66	} RTTPMINT;
67	/** Pointer to the internal TPM instance data. */
68	typedef RTTPMINT *PRTTPMINT;
69
70
71	/*********************************************************************************************************************************
72	* Internal Functions *
73	*********************************************************************************************************************************/
74
75	RTDECL(int) RTTpmOpen(PRTTPM phTpm, uint32_t idTpm)
76	{
77	AssertPtrReturn(phTpm, VERR_INVALID_POINTER);
78	if (idTpm == RTTPM_ID_DEFAULT)
79	idTpm = 0;
80
81	int rc = VINF_SUCCESS;
82	PRTTPMINT pThis = (PRTTPMINT)RTMemAllocZ(sizeof(*pThis));
83	if (pThis)
84	{
85	pThis->hTpmDev = NIL_RTFILE;
86	pThis->hTpmCancel = NIL_RTFILE;
87	pThis->enmTpmVers = RTTPMVERSION_UNKNOWN;
88	pThis->fReqExec = false;
89
90	rc = RTFileOpenF(&pThis->hTpmDev, RTFILE_O_OPEN \| RTFILE_O_READWRITE \| RTFILE_O_DENY_NONE,
91	"/dev/tpm%u", idTpm);
92	if (RT_SUCCESS(rc))
93	{
94	/* Open the sysfs path to cancel a request, either /sys/class/tpm/tpmX/device/cancel or /sys/class/misc/tpmX/device/cancel. */
95	rc = RTFileOpenF(&pThis->hTpmCancel, RTFILE_O_OPEN \| RTFILE_O_WRITE \| RTFILE_O_DENY_NONE,
96	"/sys/class/tpm/tpm%u/device/cancel", idTpm);
97	if (rc == VERR_FILE_NOT_FOUND)
98	rc = RTFileOpenF(&pThis->hTpmCancel, RTFILE_O_OPEN \| RTFILE_O_WRITE \| RTFILE_O_DENY_NONE,
99	"/sys/class/misc/tpm%u/device/cancel", idTpm);
100	if ( RT_SUCCESS(rc)
101	\|\| rc == VERR_FILE_NOT_FOUND)
102	{
103	/* Try to figure out the TPM version. */
104	int64_t iVersion = 0;
105	rc = RTLinuxSysFsReadIntFile(10 /uBase/, &iVersion, "/sys/class/tpm/tpm%u/tpm_version_major", idTpm);
106	if (rc == VERR_FILE_NOT_FOUND)
107	rc = RTLinuxSysFsReadIntFile(10 /uBase/, &iVersion, "/sys/class/misc/tpm%u/tpm_version_major", idTpm);
108	if (RT_SUCCESS(rc))
109	{
110	if (iVersion == 1)
111	pThis->enmTpmVers = RTTPMVERSION_1_2;
112	else if (iVersion == 2)
113	pThis->enmTpmVers = RTTPMVERSION_2_0;
114	}
115
116	*phTpm = pThis;
117	return VINF_SUCCESS;
118	}
119
120	RTFileClose(pThis->hTpmDev);
121	pThis->hTpmDev = NIL_RTFILE;
122	}
123
124	RTMemFree(pThis);
125	}
126	else
127	rc = VERR_NO_MEMORY;
128	return rc;
129	}
130
131
132	RTDECL(int) RTTpmClose(RTTPM hTpm)
133	{
134	PRTTPMINT pThis = hTpm;
135
136	AssertPtrReturn(pThis, VERR_INVALID_HANDLE);
137
138	RTFileClose(pThis->hTpmDev);
139	if (pThis->hTpmCancel != NIL_RTFILE)
140	RTFileClose(pThis->hTpmCancel);
141
142	pThis->hTpmDev = NIL_RTFILE;
143	pThis->hTpmCancel = NIL_RTFILE;
144	RTMemFree(pThis);
145	return VINF_SUCCESS;
146	}
147
148
149	RTDECL(RTTPMVERSION) RTTpmGetVersion(RTTPM hTpm)
150	{
151	PRTTPMINT pThis = hTpm;
152
153	AssertPtrReturn(pThis, RTTPMVERSION_INVALID);
154	return pThis->enmTpmVers;
155	}
156
157
158	RTDECL(int) RTTpmReqCancel(RTTPM hTpm)
159	{
160	PRTTPMINT pThis = hTpm;
161
162	AssertPtrReturn(pThis, VERR_INVALID_HANDLE);
163	if (pThis->hTpmCancel == NIL_RTFILE)
164	return VERR_NOT_SUPPORTED;
165
166	if (ASMAtomicReadBool(&pThis->fReqExec))
167	{
168	uint8_t bCancel = '-';
169	return RTFileWrite(pThis->hTpmCancel, &bCancel, sizeof(bCancel), NULL /pcbWritten/);
170	}
171
172	return VINF_SUCCESS;
173	}
174
175
176	RTDECL(int) RTTpmReqExec(RTTPM hTpm, uint8_t bLoc, const void *pvReq, size_t cbReq,
177	void pvResp, size_t cbRespMax, size_t pcbResp)
178	{
179	PRTTPMINT pThis = hTpm;
180
181	AssertPtrReturn(pThis, VERR_INVALID_HANDLE);
182	AssertPtrReturn(pvReq, VERR_INVALID_POINTER);
183	AssertPtrReturn(pvResp, VERR_INVALID_POINTER);
184	AssertReturn(cbReq && cbRespMax, VERR_INVALID_PARAMETER);
185	AssertReturn(bLoc == 0, VERR_NOT_SUPPORTED); /** @todo There doesn't seem to be a way to use a different locality. */
186
187	/* The request has to be supplied by a single blocking write. */
188	ASMAtomicXchgBool(&pThis->fReqExec, true);
189	int rc = RTFileWrite(pThis->hTpmDev, pvReq, cbReq, NULL /pcbWritten/);
190	if (RT_SUCCESS(rc))
191	{
192	size_t cbResp = 0;
193	/* The response has to be retrieved in a single read as well. */
194	rc = RTFileRead(pThis->hTpmDev, pvResp, cbRespMax, &cbResp);
195	ASMAtomicXchgBool(&pThis->fReqExec, false);
196	if (RT_SUCCESS(rc))
197	{
198	/* Check whether the response is complete. */
199	if ( cbResp >= sizeof(TPMRESPHDR)
200	&& RTTpmRespGetSz((PCTPMRESPHDR)pvResp) == cbResp)
201	{
202	if (pcbResp)
203	*pcbResp = cbResp;
204	}
205	else
206	rc = VERR_BUFFER_OVERFLOW;
207	}
208	}
209
210	return rc;
211	}
212

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Runtime/r3/linux/tpm-linux.cpp@ 90915

Download in other formats: