LXR qemu/backends/tpm/tpm

   1/*
   2 * tpm_ioctl.h
   3 *
   4 * (c) Copyright IBM Corporation 2014, 2015.
   5 *
   6 * This file is licensed under the terms of the 3-clause BSD license
   7 */
   8#ifndef _TPM_IOCTL_H_
   9#define _TPM_IOCTL_H_
  10
  11#if defined(__CYGWIN__)
  12# define __USE_LINUX_IOCTL_DEFS
  13#endif
  14
  15#ifndef _WIN32
  16#include <sys/uio.h>
  17#include <sys/ioctl.h>
  18#endif
  19
  20#ifdef HAVE_SYS_IOCCOM_H
  21#include <sys/ioccom.h>
  22#endif
  23
  24/*
  25 * Every response from a command involving a TPM command execution must hold
  26 * the ptm_res as the first element.
  27 * ptm_res corresponds to the error code of a command executed by the TPM.
  28 */
  29
  30typedef uint32_t ptm_res;
  31
  32/* PTM_GET_TPMESTABLISHED: get the establishment bit */
  33struct ptm_est {
  34    union {
  35        struct {
  36            ptm_res tpm_result;
  37            unsigned char bit; /* TPM established bit */
  38        } resp; /* response */
  39    } u;
  40};
  41
  42/* PTM_RESET_TPMESTABLISHED: reset establishment bit */
  43struct ptm_reset_est {
  44    union {
  45        struct {
  46            uint8_t loc; /* locality to use */
  47        } req; /* request */
  48        struct {
  49            ptm_res tpm_result;
  50        } resp; /* response */
  51    } u;
  52};
  53
  54/* PTM_INIT */
  55struct ptm_init {
  56    union {
  57        struct {
  58            uint32_t init_flags; /* see definitions below */
  59        } req; /* request */
  60        struct {
  61            ptm_res tpm_result;
  62        } resp; /* response */
  63    } u;
  64};
  65
  66/* above init_flags */
  67#define PTM_INIT_FLAG_DELETE_VOLATILE (1 << 0)
  68    /* delete volatile state file after reading it */
  69
  70/* PTM_SET_LOCALITY */
  71struct ptm_loc {
  72    union {
  73        struct {
  74            uint8_t loc; /* locality to set */
  75        } req; /* request */
  76        struct {
  77            ptm_res tpm_result;
  78        } resp; /* response */
  79    } u;
  80};
  81
  82/* PTM_HASH_DATA: hash given data */
  83struct ptm_hdata {
  84    union {
  85        struct {
  86            uint32_t length;
  87            uint8_t data[4096];
  88        } req; /* request */
  89        struct {
  90            ptm_res tpm_result;
  91        } resp; /* response */
  92    } u;
  93};
  94
  95/*
  96 * size of the TPM state blob to transfer; x86_64 can handle 8k,
  97 * ppc64le only ~7k; keep the response below a 4k page size
  98 */
  99#define PTM_STATE_BLOB_SIZE (3 * 1024)
 100
 101/*
 102 * The following is the data structure to get state blobs from the TPM.
 103 * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple reads
 104 * with this ioctl and with adjusted offset are necessary. All bytes
 105 * must be transferred and the transfer is done once the last byte has been
 106 * returned.
 107 * It is possible to use the read() interface for reading the data; however, the
 108 * first bytes of the state blob will be part of the response to the ioctl(); a
 109 * subsequent read() is only necessary if the total length (totlength) exceeds
 110 * the number of received bytes. seek() is not supported.
 111 */
 112struct ptm_getstate {
 113    union {
 114        struct {
 115            uint32_t state_flags; /* may be: PTM_STATE_FLAG_DECRYPTED */
 116            uint32_t type;        /* which blob to pull */
 117            uint32_t offset;      /* offset from where to read */
 118        } req; /* request */
 119        struct {
 120            ptm_res tpm_result;
 121            uint32_t state_flags; /* may be: PTM_STATE_FLAG_ENCRYPTED */
 122            uint32_t totlength;   /* total length that will be transferred */
 123            uint32_t length;      /* number of bytes in following buffer */
 124            uint8_t  data[PTM_STATE_BLOB_SIZE];
 125        } resp; /* response */
 126    } u;
 127};
 128
 129/* TPM state blob types */
 130#define PTM_BLOB_TYPE_PERMANENT  1
 131#define PTM_BLOB_TYPE_VOLATILE   2
 132#define PTM_BLOB_TYPE_SAVESTATE  3
 133
 134/* state_flags above : */
 135#define PTM_STATE_FLAG_DECRYPTED     1 /* on input:  get decrypted state */
 136#define PTM_STATE_FLAG_ENCRYPTED     2 /* on output: state is encrypted */
 137
 138/*
 139 * The following is the data structure to set state blobs in the TPM.
 140 * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple
 141 * 'writes' using this ioctl are necessary. The last packet is indicated
 142 * by the length being smaller than the PTM_STATE_BLOB_SIZE.
 143 * The very first packet may have a length indicator of '0' enabling
 144 * a write() with all the bytes from a buffer. If the write() interface
 145 * is used, a final ioctl with a non-full buffer must be made to indicate
 146 * that all data were transferred (a write with 0 bytes would not work).
 147 */
 148struct ptm_setstate {
 149    union {
 150        struct {
 151            uint32_t state_flags; /* may be PTM_STATE_FLAG_ENCRYPTED */
 152            uint32_t type;        /* which blob to set */
 153            uint32_t length;      /* length of the data;
 154                                     use 0 on the first packet to
 155                                     transfer using write() */
 156            uint8_t data[PTM_STATE_BLOB_SIZE];
 157        } req; /* request */
 158        struct {
 159            ptm_res tpm_result;
 160        } resp; /* response */
 161    } u;
 162};
 163
 164/*
 165 * PTM_GET_CONFIG: Data structure to get runtime configuration information
 166 * such as which keys are applied.
 167 */
 168struct ptm_getconfig {
 169    union {
 170        struct {
 171            ptm_res tpm_result;
 172            uint32_t flags;
 173        } resp; /* response */
 174    } u;
 175};
 176
 177#define PTM_CONFIG_FLAG_FILE_KEY        0x1
 178#define PTM_CONFIG_FLAG_MIGRATION_KEY   0x2
 179
 180/*
 181 * PTM_SET_BUFFERSIZE: Set the buffer size to be used by the TPM.
 182 * A 0 on input queries for the current buffer size. Any other
 183 * number will try to set the buffer size. The returned number is
 184 * the buffer size that will be used, which can be larger than the
 185 * requested one, if it was below the minimum, or smaller than the
 186 * requested one, if it was above the maximum.
 187 */
 188struct ptm_setbuffersize {
 189    union {
 190        struct {
 191            uint32_t buffersize; /* 0 to query for current buffer size */
 192        } req; /* request */
 193        struct {
 194            ptm_res tpm_result;
 195            uint32_t buffersize; /* buffer size in use */
 196            uint32_t minsize; /* min. supported buffer size */
 197            uint32_t maxsize; /* max. supported buffer size */
 198        } resp; /* response */
 199    } u;
 200};
 201
 202#define PTM_GETINFO_SIZE (3 * 1024)
 203/*
 204 * PTM_GET_INFO: Get info about the TPM implementation (from libtpms)
 205 *
 206 * This request allows to indirectly call TPMLIB_GetInfo(flags) and
 207 * retrieve information from libtpms.
 208 * Only one transaction is currently necessary for returning results
 209 * to a client. Therefore, totlength and length will be the same if
 210 * offset is 0.
 211 */
 212struct ptm_getinfo {
 213    union {
 214        struct {
 215            uint64_t flags;
 216            uint32_t offset;      /* offset from where to read */
 217            uint32_t pad;         /* 32 bit arch */
 218        } req; /* request */
 219        struct {
 220            ptm_res tpm_result;
 221            uint32_t totlength;
 222            uint32_t length;
 223            char buffer[PTM_GETINFO_SIZE];
 224        } resp; /* response */
 225    } u;
 226};
 227
 228#define SWTPM_INFO_TPMSPECIFICATION ((uint64_t)1 << 0)
 229#define SWTPM_INFO_TPMATTRIBUTES    ((uint64_t)1 << 1)
 230
 231/*
 232 * PTM_LOCK_STORAGE: Lock the storage and retry n times
 233 */
 234struct ptm_lockstorage {
 235    union {
 236        struct {
 237            uint32_t retries; /* number of retries */
 238        } req; /* request */
 239        struct {
 240            ptm_res tpm_result;
 241        } resp; /* reponse */
 242    } u;
 243};
 244
 245typedef uint64_t ptm_cap;
 246typedef struct ptm_est ptm_est;
 247typedef struct ptm_reset_est ptm_reset_est;
 248typedef struct ptm_loc ptm_loc;
 249typedef struct ptm_hdata ptm_hdata;
 250typedef struct ptm_init ptm_init;
 251typedef struct ptm_getstate ptm_getstate;
 252typedef struct ptm_setstate ptm_setstate;
 253typedef struct ptm_getconfig ptm_getconfig;
 254typedef struct ptm_setbuffersize ptm_setbuffersize;
 255typedef struct ptm_getinfo ptm_getinfo;
 256typedef struct ptm_lockstorage ptm_lockstorage;
 257
 258/* capability flags returned by PTM_GET_CAPABILITY */
 259#define PTM_CAP_INIT               (1)
 260#define PTM_CAP_SHUTDOWN           (1 << 1)
 261#define PTM_CAP_GET_TPMESTABLISHED (1 << 2)
 262#define PTM_CAP_SET_LOCALITY       (1 << 3)
 263#define PTM_CAP_HASHING            (1 << 4)
 264#define PTM_CAP_CANCEL_TPM_CMD     (1 << 5)
 265#define PTM_CAP_STORE_VOLATILE     (1 << 6)
 266#define PTM_CAP_RESET_TPMESTABLISHED (1 << 7)
 267#define PTM_CAP_GET_STATEBLOB      (1 << 8)
 268#define PTM_CAP_SET_STATEBLOB      (1 << 9)
 269#define PTM_CAP_STOP               (1 << 10)
 270#define PTM_CAP_GET_CONFIG         (1 << 11)
 271#define PTM_CAP_SET_DATAFD         (1 << 12)
 272#define PTM_CAP_SET_BUFFERSIZE     (1 << 13)
 273#define PTM_CAP_GET_INFO           (1 << 14)
 274#define PTM_CAP_SEND_COMMAND_HEADER (1 << 15)
 275#define PTM_CAP_LOCK_STORAGE       (1 << 16)
 276
 277#ifndef _WIN32
 278enum {
 279    PTM_GET_CAPABILITY     = _IOR('P', 0, ptm_cap),
 280    PTM_INIT               = _IOWR('P', 1, ptm_init),
 281    PTM_SHUTDOWN           = _IOR('P', 2, ptm_res),
 282    PTM_GET_TPMESTABLISHED = _IOR('P', 3, ptm_est),
 283    PTM_SET_LOCALITY       = _IOWR('P', 4, ptm_loc),
 284    PTM_HASH_START         = _IOR('P', 5, ptm_res),
 285    PTM_HASH_DATA          = _IOWR('P', 6, ptm_hdata),
 286    PTM_HASH_END           = _IOR('P', 7, ptm_res),
 287    PTM_CANCEL_TPM_CMD     = _IOR('P', 8, ptm_res),
 288    PTM_STORE_VOLATILE     = _IOR('P', 9, ptm_res),
 289    PTM_RESET_TPMESTABLISHED = _IOWR('P', 10, ptm_reset_est),
 290    PTM_GET_STATEBLOB      = _IOWR('P', 11, ptm_getstate),
 291    PTM_SET_STATEBLOB      = _IOWR('P', 12, ptm_setstate),
 292    PTM_STOP               = _IOR('P', 13, ptm_res),
 293    PTM_GET_CONFIG         = _IOR('P', 14, ptm_getconfig),
 294    PTM_SET_DATAFD         = _IOR('P', 15, ptm_res),
 295    PTM_SET_BUFFERSIZE     = _IOWR('P', 16, ptm_setbuffersize),
 296    PTM_GET_INFO           = _IOWR('P', 17, ptm_getinfo),
 297    PTM_LOCK_STORAGE       = _IOWR('P', 18, ptm_lockstorage),
 298};
 299#endif
 300
 301/*
 302 * Commands used by the non-CUSE TPMs
 303 *
 304 * All messages container big-endian data.
 305 *
 306 * The return messages only contain the 'resp' part of the unions
 307 * in the data structures above. Besides that the limits in the
 308 * buffers above (ptm_hdata:u.req.data and ptm_get_state:u.resp.data
 309 * and ptm_set_state:u.req.data) are 0xffffffff.
 310 */
 311enum {
 312    CMD_GET_CAPABILITY = 1,   /* 0x01 */
 313    CMD_INIT,                 /* 0x02 */
 314    CMD_SHUTDOWN,             /* 0x03 */
 315    CMD_GET_TPMESTABLISHED,   /* 0x04 */
 316    CMD_SET_LOCALITY,         /* 0x05 */
 317    CMD_HASH_START,           /* 0x06 */
 318    CMD_HASH_DATA,            /* 0x07 */
 319    CMD_HASH_END,             /* 0x08 */
 320    CMD_CANCEL_TPM_CMD,       /* 0x09 */
 321    CMD_STORE_VOLATILE,       /* 0x0a */
 322    CMD_RESET_TPMESTABLISHED, /* 0x0b */
 323    CMD_GET_STATEBLOB,        /* 0x0c */
 324    CMD_SET_STATEBLOB,        /* 0x0d */
 325    CMD_STOP,                 /* 0x0e */
 326    CMD_GET_CONFIG,           /* 0x0f */
 327    CMD_SET_DATAFD,           /* 0x10 */
 328    CMD_SET_BUFFERSIZE,       /* 0x11 */
 329    CMD_GET_INFO,             /* 0x12 */
 330    CMD_LOCK_STORAGE,         /* 0x13 */
 331};
 332
 333#endif /* _TPM_IOCTL_H_ */
 334