^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 1) // SPDX-License-Identifier: GPL-2.0-or-later
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 3) * Copyright (C) 2005, 2012 IBM Corporation
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 4) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 5) * Authors:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 6) * Kent Yoder <key@linux.vnet.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 7) * Seiji Munetoh <munetoh@jp.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 8) * Stefan Berger <stefanb@us.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 9) * Reiner Sailer <sailer@watson.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 10) * Kylene Hall <kjhall@us.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 11) * Nayna Jain <nayna@linux.vnet.ibm.com>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 12) *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 13) * Access to the event log created by a system's firmware / BIOS
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 14) */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 15)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 16) #include <linux/seq_file.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 17) #include <linux/fs.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 18) #include <linux/security.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 19) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 20) #include <linux/tpm_eventlog.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 21)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 22) #include "../tpm.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 23) #include "common.h"
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 24)
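/*
 * tpm_bios_measurements_open() - open handler for the securityfs event log files
 * @inode: inode of the securityfs file. Its i_private holds the
 *         struct tpm_chip_seqops registered for the file, or NULL once
 *         tpm_bios_log_teardown() has started removing it.
 * @file:  file being opened.
 *
 * The i_private check and get_device() both happen under inode_lock(), so an
 * open racing with teardown either obtains a device reference or fails.
 *
 * Return: 0 on success, -ENODEV if the file is being removed, otherwise the
 * error returned by seq_open().
 */
static int tpm_bios_measurements_open(struct inode *inode,
				      struct file *file)
{
	struct tpm_chip_seqops *chip_seqops;
	const struct seq_operations *seqops;
	struct tpm_chip *chip;
	struct seq_file *seq;
	int err;

	inode_lock(inode);
	if (!inode->i_private) {
		inode_unlock(inode);
		return -ENODEV;
	}
	chip_seqops = inode->i_private;
	seqops = chip_seqops->seqops;
	chip = chip_seqops->chip;
	get_device(&chip->dev);
	inode_unlock(inode);

	/* now register seq file */
	err = seq_open(file, seqops);
	if (err) {
		/*
		 * ->release() is not invoked for a failed open, so the
		 * reference taken above has to be dropped here or it leaks.
		 */
		put_device(&chip->dev);
		return err;
	}

	/* Stash the chip for the seq_operations callbacks and for release. */
	seq = file->private_data;
	seq->private = chip;

	return 0;
}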
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 54)
/*
 * tpm_bios_measurements_release() - release handler for the event log files
 * @inode: inode of the securityfs file.
 * @file:  file being closed; its private_data is the seq_file set up in open.
 *
 * Drops the device reference that tpm_bios_measurements_open() took, then
 * hands the file to seq_release().
 *
 * Return: the value returned by seq_release().
 */
static int tpm_bios_measurements_release(struct inode *inode,
					 struct file *file)
{
	struct seq_file *m = file->private_data;
	struct tpm_chip *tpm = m->private;

	/* The chip pointer is read out of the seq_file before seq_release(). */
	put_device(&tpm->dev);

	return seq_release(inode, file);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 65)
/*
 * File operations used for every event log file created in
 * tpm_bios_log_setup(). Reading and seeking go through the generic seq_file
 * helpers; no write handler is installed.
 */
static const struct file_operations tpm_bios_measurements_ops = {
	.owner		= THIS_MODULE,
	.llseek		= seq_lseek,
	.read		= seq_read,
	.open		= tpm_bios_measurements_open,
	.release	= tpm_bios_measurements_release,
};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 73)
/*
 * tpm_read_log() - fetch the firmware event log for @chip
 * @chip: TPM chip whose log is to be read.
 *
 * Tries the ACPI, EFI and OF readers in that order. A reader that returns
 * -ENODEV is skipped in favour of the next one; any other result ends the
 * search.
 *
 * Return: -EFAULT if chip->log.bios_event_log is already set, otherwise the
 * result of the first reader that did not return -ENODEV (or of the OF reader
 * if both others did). tpm_bios_log_setup() treats a non-negative value as
 * the log format version.
 */
static int tpm_read_log(struct tpm_chip *chip)
{
	int ret;

	if (chip->log.bios_event_log) {
		dev_dbg(&chip->dev,
			"%s: ERROR - event log already initialized\n",
			__func__);
		return -EFAULT;
	}

	ret = tpm_read_log_acpi(chip);
	if (ret == -ENODEV)
		ret = tpm_read_log_efi(chip);
	if (ret == -ENODEV)
		ret = tpm_read_log_of(chip);

	return ret;
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 95)
/*
 * tpm_bios_log_setup() - Read the event log from the firmware
 * @chip: TPM chip to use.
 *
 * Nothing is done for chips flagged TPM_CHIP_FLAG_VIRTUAL or when no event
 * log can be read. Otherwise a securityfs directory named after the device
 * is created, holding "binary_bios_measurements" and, for chips without
 * TPM_CHIP_FLAG_TPM2, "ascii_bios_measurements". Both files are created with
 * mode 0440.
 *
 * chip->bios_dir[0] is the directory and the following slots are the files,
 * in creation order. On any creation failure everything created so far is
 * removed again through tpm_bios_log_teardown().
 *
 * NOTE(review): nothing in this function checks the log content, which comes
 * from firmware; consumers presumably have to validate it against the TPM's
 * PCR values. Confirm against the readers.
 */
void tpm_bios_log_setup(struct tpm_chip *chip)
{
	const char *name = dev_name(&chip->dev);
	unsigned int cnt = 0;
	int log_version;

	if (chip->flags & TPM_CHIP_FLAG_VIRTUAL)
		return;

	/* A negative value is an error; otherwise it is the log format. */
	log_version = tpm_read_log(chip);
	if (log_version < 0)
		return;

	/*
	 * NOTE: securityfs_create_dir can return ENODEV if securityfs is
	 * compiled out. The caller should ignore the ENODEV return code.
	 */
	chip->bios_dir[cnt] = securityfs_create_dir(name, NULL);
	if (IS_ERR(chip->bios_dir[cnt]))
		goto err;
	cnt++;

	/* The binary file's iterator depends on the log format that was read. */
	chip->bin_log_seqops.chip = chip;
	chip->bin_log_seqops.seqops =
		(log_version == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) ?
			&tpm2_binary_b_measurements_seqops :
			&tpm1_binary_b_measurements_seqops;

	chip->bios_dir[cnt] =
		securityfs_create_file("binary_bios_measurements",
				       0440, chip->bios_dir[0],
				       (void *)&chip->bin_log_seqops,
				       &tpm_bios_measurements_ops);
	if (IS_ERR(chip->bios_dir[cnt]))
		goto err;
	cnt++;

	/* TPM 2.0 chips get the binary file only. */
	if (chip->flags & TPM_CHIP_FLAG_TPM2)
		return;

	chip->ascii_log_seqops.chip = chip;
	chip->ascii_log_seqops.seqops = &tpm1_ascii_b_measurements_seqops;

	chip->bios_dir[cnt] =
		securityfs_create_file("ascii_bios_measurements",
				       0440, chip->bios_dir[0],
				       (void *)&chip->ascii_log_seqops,
				       &tpm_bios_measurements_ops);
	if (IS_ERR(chip->bios_dir[cnt]))
		goto err;
	cnt++;

	return;

err:
	/* Replace the ERR_PTR in the failing slot so teardown skips it. */
	chip->bios_dir[cnt] = NULL;
	tpm_bios_log_teardown(chip);
}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168)
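/*
 * tpm_bios_log_teardown() - remove the securityfs event log entries
 * @chip: TPM chip whose entries are to be removed.
 *
 * Walks chip->bios_dir[] from the last slot down to slot 0, so the files are
 * removed before the directory that tpm_bios_log_setup() stored in slot 0.
 * Empty (NULL) slots are skipped, and every slot is cleared once its entry is
 * gone, which makes calling this function again harmless.
 */
void tpm_bios_log_teardown(struct tpm_chip *chip)
{
	struct inode *inode;
	int i;

	/* securityfs_remove currently doesn't take care of handling sync
	 * between removal and opening of pseudo files. To handle this, a
	 * workaround is added by making i_private = NULL here during removal
	 * and to check it during open(), both within inode_lock()/unlock().
	 * This design ensures that open() either safely gets kref or fails.
	 */
	for (i = TPM_NUM_EVENT_LOG_FILES - 1; i >= 0; i--) {
		if (!chip->bios_dir[i])
			continue;

		inode = d_inode(chip->bios_dir[i]);
		inode_lock(inode);
		inode->i_private = NULL;
		inode_unlock(inode);
		securityfs_remove(chip->bios_dir[i]);

		/*
		 * Do not keep a pointer to the removed dentry: the error path
		 * of tpm_bios_log_setup() already calls this function, and a
		 * later call must not touch the same entry again.
		 */
		chip->bios_dir[i] = NULL;
	}
}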