report.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /* Copyright(c) 2023 Intel Corporation. All rights reserved. */
  3. #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
  4. #include <linux/tsm.h>
  5. #include <linux/err.h>
  6. #include <linux/slab.h>
  7. #include <linux/rwsem.h>
  8. #include <linux/string.h>
  9. #include <linux/module.h>
  10. #include <linux/cleanup.h>
  11. #include <linux/configfs.h>
  12. static struct tsm_provider {
  13. const struct tsm_report_ops *ops;
  14. void *data;
  15. atomic_t count;
  16. } provider;
  17. static DECLARE_RWSEM(tsm_rwsem);
  18. /**
  19. * DOC: Trusted Security Module (TSM) Attestation Report Interface
  20. *
  21. * The TSM report interface is a common provider of blobs that facilitate
  22. * attestation of a TVM (confidential computing guest) by an attestation
  23. * service. A TSM report combines a user-defined blob (likely a public-key with
  24. * a nonce for a key-exchange protocol) with a signed attestation report. That
  25. * combined blob is then used to obtain secrets provided by an agent that can
  26. * validate the attestation report. The expectation is that this interface is
  27. * invoked infrequently, however configfs allows for multiple agents to
  28. * own their own report generation instances to generate reports as
  29. * often as needed.
  30. *
  31. * The attestation report format is TSM provider specific, when / if a standard
  32. * materializes that can be published instead of the vendor layout. Until then
  33. * the 'provider' attribute indicates the format of 'outblob', and optionally
  34. * 'auxblob' and 'manifestblob'.
  35. */
  36. struct tsm_report_state {
  37. struct tsm_report report;
  38. unsigned long write_generation;
  39. unsigned long read_generation;
  40. struct config_item cfg;
  41. };
  42. enum tsm_data_select {
  43. TSM_REPORT,
  44. TSM_CERTS,
  45. TSM_MANIFEST,
  46. };
  47. static struct tsm_report *to_tsm_report(struct config_item *cfg)
  48. {
  49. struct tsm_report_state *state =
  50. container_of(cfg, struct tsm_report_state, cfg);
  51. return &state->report;
  52. }
  53. static struct tsm_report_state *to_state(struct tsm_report *report)
  54. {
  55. return container_of(report, struct tsm_report_state, report);
  56. }
  57. static int try_advance_write_generation(struct tsm_report *report)
  58. {
  59. struct tsm_report_state *state = to_state(report);
  60. lockdep_assert_held_write(&tsm_rwsem);
  61. /*
  62. * Malicious or broken userspace has written enough times for
  63. * read_generation == write_generation by modular arithmetic without an
  64. * interim read. Stop accepting updates until the current report
  65. * configuration is read.
  66. */
  67. if (state->write_generation == state->read_generation - 1)
  68. return -EBUSY;
  69. state->write_generation++;
  70. return 0;
  71. }
  72. static ssize_t tsm_report_privlevel_store(struct config_item *cfg,
  73. const char *buf, size_t len)
  74. {
  75. struct tsm_report *report = to_tsm_report(cfg);
  76. unsigned int val;
  77. int rc;
  78. rc = kstrtouint(buf, 0, &val);
  79. if (rc)
  80. return rc;
  81. guard(rwsem_write)(&tsm_rwsem);
  82. if (!provider.ops)
  83. return -ENXIO;
  84. /*
  85. * The valid privilege levels that a TSM might accept, if it accepts a
  86. * privilege level setting at all, are a max of TSM_PRIVLEVEL_MAX (see
  87. * SEV-SNP GHCB) and a minimum of a TSM selected floor value no less
  88. * than 0.
  89. */
  90. if (provider.ops->privlevel_floor > val || val > TSM_REPORT_PRIVLEVEL_MAX)
  91. return -EINVAL;
  92. rc = try_advance_write_generation(report);
  93. if (rc)
  94. return rc;
  95. report->desc.privlevel = val;
  96. return len;
  97. }
  98. CONFIGFS_ATTR_WO(tsm_report_, privlevel);
  99. static ssize_t tsm_report_privlevel_floor_show(struct config_item *cfg,
  100. char *buf)
  101. {
  102. guard(rwsem_read)(&tsm_rwsem);
  103. if (!provider.ops)
  104. return -ENXIO;
  105. return sysfs_emit(buf, "%u\n", provider.ops->privlevel_floor);
  106. }
  107. CONFIGFS_ATTR_RO(tsm_report_, privlevel_floor);
  108. static ssize_t tsm_report_service_provider_store(struct config_item *cfg,
  109. const char *buf, size_t len)
  110. {
  111. struct tsm_report *report = to_tsm_report(cfg);
  112. size_t sp_len;
  113. char *sp;
  114. int rc;
  115. guard(rwsem_write)(&tsm_rwsem);
  116. rc = try_advance_write_generation(report);
  117. if (rc)
  118. return rc;
  119. sp_len = (buf[len - 1] != '\n') ? len : len - 1;
  120. sp = kstrndup(buf, sp_len, GFP_KERNEL);
  121. if (!sp)
  122. return -ENOMEM;
  123. kfree(report->desc.service_provider);
  124. report->desc.service_provider = sp;
  125. return len;
  126. }
  127. CONFIGFS_ATTR_WO(tsm_report_, service_provider);
  128. static ssize_t tsm_report_service_guid_store(struct config_item *cfg,
  129. const char *buf, size_t len)
  130. {
  131. struct tsm_report *report = to_tsm_report(cfg);
  132. int rc;
  133. guard(rwsem_write)(&tsm_rwsem);
  134. rc = try_advance_write_generation(report);
  135. if (rc)
  136. return rc;
  137. report->desc.service_guid = guid_null;
  138. rc = guid_parse(buf, &report->desc.service_guid);
  139. if (rc)
  140. return rc;
  141. return len;
  142. }
  143. CONFIGFS_ATTR_WO(tsm_report_, service_guid);
  144. static ssize_t tsm_report_service_manifest_version_store(struct config_item *cfg,
  145. const char *buf, size_t len)
  146. {
  147. struct tsm_report *report = to_tsm_report(cfg);
  148. unsigned int val;
  149. int rc;
  150. rc = kstrtouint(buf, 0, &val);
  151. if (rc)
  152. return rc;
  153. guard(rwsem_write)(&tsm_rwsem);
  154. rc = try_advance_write_generation(report);
  155. if (rc)
  156. return rc;
  157. report->desc.service_manifest_version = val;
  158. return len;
  159. }
  160. CONFIGFS_ATTR_WO(tsm_report_, service_manifest_version);
  161. static ssize_t tsm_report_inblob_write(struct config_item *cfg,
  162. const void *buf, size_t count)
  163. {
  164. struct tsm_report *report = to_tsm_report(cfg);
  165. int rc;
  166. guard(rwsem_write)(&tsm_rwsem);
  167. rc = try_advance_write_generation(report);
  168. if (rc)
  169. return rc;
  170. report->desc.inblob_len = count;
  171. memcpy(report->desc.inblob, buf, count);
  172. return count;
  173. }
  174. CONFIGFS_BIN_ATTR_WO(tsm_report_, inblob, NULL, TSM_REPORT_INBLOB_MAX);
  175. static ssize_t tsm_report_generation_show(struct config_item *cfg, char *buf)
  176. {
  177. struct tsm_report *report = to_tsm_report(cfg);
  178. struct tsm_report_state *state = to_state(report);
  179. guard(rwsem_read)(&tsm_rwsem);
  180. return sysfs_emit(buf, "%lu\n", state->write_generation);
  181. }
  182. CONFIGFS_ATTR_RO(tsm_report_, generation);
  183. static ssize_t tsm_report_provider_show(struct config_item *cfg, char *buf)
  184. {
  185. guard(rwsem_read)(&tsm_rwsem);
  186. if (!provider.ops)
  187. return -ENXIO;
  188. return sysfs_emit(buf, "%s\n", provider.ops->name);
  189. }
  190. CONFIGFS_ATTR_RO(tsm_report_, provider);
  191. static ssize_t __read_report(struct tsm_report *report, void *buf, size_t count,
  192. enum tsm_data_select select)
  193. {
  194. loff_t offset = 0;
  195. ssize_t len;
  196. u8 *out;
  197. if (select == TSM_REPORT) {
  198. out = report->outblob;
  199. len = report->outblob_len;
  200. } else if (select == TSM_MANIFEST) {
  201. out = report->manifestblob;
  202. len = report->manifestblob_len;
  203. } else {
  204. out = report->auxblob;
  205. len = report->auxblob_len;
  206. }
  207. /*
  208. * Recall that a NULL @buf is configfs requesting the size of
  209. * the buffer.
  210. */
  211. if (!buf)
  212. return len;
  213. return memory_read_from_buffer(buf, count, &offset, out, len);
  214. }
  215. static ssize_t read_cached_report(struct tsm_report *report, void *buf,
  216. size_t count, enum tsm_data_select select)
  217. {
  218. struct tsm_report_state *state = to_state(report);
  219. guard(rwsem_read)(&tsm_rwsem);
  220. if (!report->desc.inblob_len)
  221. return -EINVAL;
  222. /*
  223. * A given TSM backend always fills in ->outblob regardless of
  224. * whether the report includes an auxblob/manifestblob or not.
  225. */
  226. if (!report->outblob ||
  227. state->read_generation != state->write_generation)
  228. return -EWOULDBLOCK;
  229. return __read_report(report, buf, count, select);
  230. }
  231. static ssize_t tsm_report_read(struct tsm_report *report, void *buf,
  232. size_t count, enum tsm_data_select select)
  233. {
  234. struct tsm_report_state *state = to_state(report);
  235. const struct tsm_report_ops *ops;
  236. ssize_t rc;
  237. /* try to read from the existing report if present and valid... */
  238. rc = read_cached_report(report, buf, count, select);
  239. if (rc >= 0 || rc != -EWOULDBLOCK)
  240. return rc;
  241. /* slow path, report may need to be regenerated... */
  242. guard(rwsem_write)(&tsm_rwsem);
  243. ops = provider.ops;
  244. if (!ops)
  245. return -ENXIO;
  246. if (!report->desc.inblob_len)
  247. return -EINVAL;
  248. /* did another thread already generate this report? */
  249. if (report->outblob &&
  250. state->read_generation == state->write_generation)
  251. goto out;
  252. kvfree(report->outblob);
  253. kvfree(report->auxblob);
  254. kvfree(report->manifestblob);
  255. report->outblob = NULL;
  256. report->auxblob = NULL;
  257. report->manifestblob = NULL;
  258. rc = ops->report_new(report, provider.data);
  259. if (rc < 0)
  260. return rc;
  261. state->read_generation = state->write_generation;
  262. out:
  263. return __read_report(report, buf, count, select);
  264. }
  265. static ssize_t tsm_report_outblob_read(struct config_item *cfg, void *buf,
  266. size_t count)
  267. {
  268. struct tsm_report *report = to_tsm_report(cfg);
  269. return tsm_report_read(report, buf, count, TSM_REPORT);
  270. }
  271. CONFIGFS_BIN_ATTR_RO(tsm_report_, outblob, NULL, TSM_REPORT_OUTBLOB_MAX);
  272. static ssize_t tsm_report_auxblob_read(struct config_item *cfg, void *buf,
  273. size_t count)
  274. {
  275. struct tsm_report *report = to_tsm_report(cfg);
  276. return tsm_report_read(report, buf, count, TSM_CERTS);
  277. }
  278. CONFIGFS_BIN_ATTR_RO(tsm_report_, auxblob, NULL, TSM_REPORT_OUTBLOB_MAX);
  279. static ssize_t tsm_report_manifestblob_read(struct config_item *cfg, void *buf,
  280. size_t count)
  281. {
  282. struct tsm_report *report = to_tsm_report(cfg);
  283. return tsm_report_read(report, buf, count, TSM_MANIFEST);
  284. }
  285. CONFIGFS_BIN_ATTR_RO(tsm_report_, manifestblob, NULL, TSM_REPORT_OUTBLOB_MAX);
  286. static struct configfs_attribute *tsm_report_attrs[] = {
  287. [TSM_REPORT_GENERATION] = &tsm_report_attr_generation,
  288. [TSM_REPORT_PROVIDER] = &tsm_report_attr_provider,
  289. [TSM_REPORT_PRIVLEVEL] = &tsm_report_attr_privlevel,
  290. [TSM_REPORT_PRIVLEVEL_FLOOR] = &tsm_report_attr_privlevel_floor,
  291. [TSM_REPORT_SERVICE_PROVIDER] = &tsm_report_attr_service_provider,
  292. [TSM_REPORT_SERVICE_GUID] = &tsm_report_attr_service_guid,
  293. [TSM_REPORT_SERVICE_MANIFEST_VER] = &tsm_report_attr_service_manifest_version,
  294. NULL,
  295. };
  296. static struct configfs_bin_attribute *tsm_report_bin_attrs[] = {
  297. [TSM_REPORT_INBLOB] = &tsm_report_attr_inblob,
  298. [TSM_REPORT_OUTBLOB] = &tsm_report_attr_outblob,
  299. [TSM_REPORT_AUXBLOB] = &tsm_report_attr_auxblob,
  300. [TSM_REPORT_MANIFESTBLOB] = &tsm_report_attr_manifestblob,
  301. NULL,
  302. };
  303. static void tsm_report_item_release(struct config_item *cfg)
  304. {
  305. struct tsm_report *report = to_tsm_report(cfg);
  306. struct tsm_report_state *state = to_state(report);
  307. kvfree(report->manifestblob);
  308. kvfree(report->auxblob);
  309. kvfree(report->outblob);
  310. kfree(report->desc.service_provider);
  311. kfree(state);
  312. }
  313. static struct configfs_item_operations tsm_report_item_ops = {
  314. .release = tsm_report_item_release,
  315. };
  316. static bool tsm_report_is_visible(struct config_item *item,
  317. struct configfs_attribute *attr, int n)
  318. {
  319. guard(rwsem_read)(&tsm_rwsem);
  320. if (!provider.ops)
  321. return false;
  322. if (!provider.ops->report_attr_visible)
  323. return true;
  324. return provider.ops->report_attr_visible(n);
  325. }
  326. static bool tsm_report_is_bin_visible(struct config_item *item,
  327. struct configfs_bin_attribute *attr, int n)
  328. {
  329. guard(rwsem_read)(&tsm_rwsem);
  330. if (!provider.ops)
  331. return false;
  332. if (!provider.ops->report_bin_attr_visible)
  333. return true;
  334. return provider.ops->report_bin_attr_visible(n);
  335. }
  336. static struct configfs_group_operations tsm_report_attr_group_ops = {
  337. .is_visible = tsm_report_is_visible,
  338. .is_bin_visible = tsm_report_is_bin_visible,
  339. };
  340. static const struct config_item_type tsm_report_type = {
  341. .ct_owner = THIS_MODULE,
  342. .ct_bin_attrs = tsm_report_bin_attrs,
  343. .ct_attrs = tsm_report_attrs,
  344. .ct_item_ops = &tsm_report_item_ops,
  345. .ct_group_ops = &tsm_report_attr_group_ops,
  346. };
  347. static struct config_item *tsm_report_make_item(struct config_group *group,
  348. const char *name)
  349. {
  350. struct tsm_report_state *state;
  351. guard(rwsem_read)(&tsm_rwsem);
  352. if (!provider.ops)
  353. return ERR_PTR(-ENXIO);
  354. state = kzalloc_obj(*state);
  355. if (!state)
  356. return ERR_PTR(-ENOMEM);
  357. atomic_inc(&provider.count);
  358. config_item_init_type_name(&state->cfg, name, &tsm_report_type);
  359. return &state->cfg;
  360. }
  361. static void tsm_report_drop_item(struct config_group *group, struct config_item *item)
  362. {
  363. config_item_put(item);
  364. atomic_dec(&provider.count);
  365. }
  366. static struct configfs_group_operations tsm_report_group_ops = {
  367. .make_item = tsm_report_make_item,
  368. .drop_item = tsm_report_drop_item,
  369. };
  370. static const struct config_item_type tsm_reports_type = {
  371. .ct_owner = THIS_MODULE,
  372. .ct_group_ops = &tsm_report_group_ops,
  373. };
  374. static const struct config_item_type tsm_root_group_type = {
  375. .ct_owner = THIS_MODULE,
  376. };
  377. static struct configfs_subsystem tsm_configfs = {
  378. .su_group = {
  379. .cg_item = {
  380. .ci_namebuf = "tsm",
  381. .ci_type = &tsm_root_group_type,
  382. },
  383. },
  384. .su_mutex = __MUTEX_INITIALIZER(tsm_configfs.su_mutex),
  385. };
  386. int tsm_report_register(const struct tsm_report_ops *ops, void *priv)
  387. {
  388. const struct tsm_report_ops *conflict;
  389. guard(rwsem_write)(&tsm_rwsem);
  390. conflict = provider.ops;
  391. if (conflict) {
  392. pr_err("\"%s\" ops already registered\n", conflict->name);
  393. return -EBUSY;
  394. }
  395. if (atomic_read(&provider.count)) {
  396. pr_err("configfs/tsm/report not empty\n");
  397. return -EBUSY;
  398. }
  399. provider.ops = ops;
  400. provider.data = priv;
  401. return 0;
  402. }
  403. EXPORT_SYMBOL_GPL(tsm_report_register);
  404. int tsm_report_unregister(const struct tsm_report_ops *ops)
  405. {
  406. guard(rwsem_write)(&tsm_rwsem);
  407. if (ops != provider.ops)
  408. return -EBUSY;
  409. if (atomic_read(&provider.count))
  410. pr_warn("\"%s\" unregistered with items present in configfs/tsm/report\n",
  411. provider.ops->name);
  412. provider.ops = NULL;
  413. provider.data = NULL;
  414. return 0;
  415. }
  416. EXPORT_SYMBOL_GPL(tsm_report_unregister);
  417. static struct config_group *tsm_report_group;
  418. static int __init tsm_report_init(void)
  419. {
  420. struct config_group *root = &tsm_configfs.su_group;
  421. struct config_group *tsm;
  422. int rc;
  423. config_group_init(root);
  424. rc = configfs_register_subsystem(&tsm_configfs);
  425. if (rc)
  426. return rc;
  427. tsm = configfs_register_default_group(root, "report",
  428. &tsm_reports_type);
  429. if (IS_ERR(tsm)) {
  430. configfs_unregister_subsystem(&tsm_configfs);
  431. return PTR_ERR(tsm);
  432. }
  433. tsm_report_group = tsm;
  434. return 0;
  435. }
  436. module_init(tsm_report_init);
  437. static void __exit tsm_report_exit(void)
  438. {
  439. configfs_unregister_default_group(tsm_report_group);
  440. configfs_unregister_subsystem(&tsm_configfs);
  441. }
  442. module_exit(tsm_report_exit);
  443. MODULE_LICENSE("GPL");
  444. MODULE_DESCRIPTION("Provide Trusted Security Module attestation reports via configfs");