xref: /qemu/backends/tpm/tpm_ioctl.h (revision 7025114b) 
1 /*
2  * tpm_ioctl.h
3  *
4  * (c) Copyright IBM Corporation 2014, 2015.
5  *
6  * This file is licensed under the terms of the 3-clause BSD license
7  */
8 
9 #ifndef TPM_IOCTL_H
10 #define TPM_IOCTL_H
11 
12 #ifndef _WIN32
13 #include <sys/uio.h>
14 #include <sys/ioctl.h>
15 #endif
16 
17 #ifdef HAVE_SYS_IOCCOM_H
18 #include <sys/ioccom.h>
19 #endif
20 
21 /*
22  * Every response from a command involving a TPM command execution must hold
23  * the ptm_res as the first element.
24  * ptm_res corresponds to the error code of a command executed by the TPM.
25  */
26 
27 typedef uint32_t ptm_res;
28 
29 /* PTM_GET_TPMESTABLISHED: get the establishment bit */
30 struct ptm_est {
31     union {
32         struct {
33             ptm_res tpm_result;
34             unsigned char bit; /* TPM established bit */
35         } resp; /* response */
36     } u;
37 };
38 
39 /* PTM_RESET_TPMESTABLISHED: reset establishment bit */
40 struct ptm_reset_est {
41     union {
42         struct {
43             uint8_t loc; /* locality to use */
44         } req; /* request */
45         struct {
46             ptm_res tpm_result;
47         } resp; /* response */
48     } u;
49 };
50 
51 /* PTM_INIT */
52 struct ptm_init {
53     union {
54         struct {
55             uint32_t init_flags; /* see definitions below */
56         } req; /* request */
57         struct {
58             ptm_res tpm_result;
59         } resp; /* response */
60     } u;
61 };
62 
63 /* above init_flags */
64 #define PTM_INIT_FLAG_DELETE_VOLATILE (1 << 0)
65     /* delete volatile state file after reading it */
66 
67 /* PTM_SET_LOCALITY */
68 struct ptm_loc {
69     union {
70         struct {
71             uint8_t loc; /* locality to set */
72         } req; /* request */
73         struct {
74             ptm_res tpm_result;
75         } resp; /* response */
76     } u;
77 };
78 
79 /* PTM_HASH_DATA: hash given data */
80 struct ptm_hdata {
81     union {
82         struct {
83             uint32_t length;
84             uint8_t data[4096];
85         } req; /* request */
86         struct {
87             ptm_res tpm_result;
88         } resp; /* response */
89     } u;
90 };
91 
92 /*
93  * size of the TPM state blob to transfer; x86_64 can handle 8k,
94  * ppc64le only ~7k; keep the response below a 4k page size
95  */
96 #define PTM_STATE_BLOB_SIZE (3 * 1024)
97 
98 /*
99  * The following is the data structure to get state blobs from the TPM.
100  * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple reads
101  * with this ioctl and with adjusted offset are necessary. All bytes
102  * must be transferred and the transfer is done once the last byte has been
103  * returned.
104  * It is possible to use the read() interface for reading the data; however, the
105  * first bytes of the state blob will be part of the response to the ioctl(); a
106  * subsequent read() is only necessary if the total length (totlength) exceeds
107  * the number of received bytes. seek() is not supported.
108  */
109 struct ptm_getstate {
110     union {
111         struct {
112             uint32_t state_flags; /* may be: PTM_STATE_FLAG_DECRYPTED */
113             uint32_t type;        /* which blob to pull */
114             uint32_t offset;      /* offset from where to read */
115         } req; /* request */
116         struct {
117             ptm_res tpm_result;
118             uint32_t state_flags; /* may be: PTM_STATE_FLAG_ENCRYPTED */
119             uint32_t totlength;   /* total length that will be transferred */
120             uint32_t length;      /* number of bytes in following buffer */
121             uint8_t  data[PTM_STATE_BLOB_SIZE];
122         } resp; /* response */
123     } u;
124 };
125 
126 /* TPM state blob types */
127 #define PTM_BLOB_TYPE_PERMANENT  1
128 #define PTM_BLOB_TYPE_VOLATILE   2
129 #define PTM_BLOB_TYPE_SAVESTATE  3
130 
131 /* state_flags above : */
132 #define PTM_STATE_FLAG_DECRYPTED     1 /* on input:  get decrypted state */
133 #define PTM_STATE_FLAG_ENCRYPTED     2 /* on output: state is encrypted */
134 
135 /*
136  * The following is the data structure to set state blobs in the TPM.
137  * If the size of the state blob exceeds the PTM_STATE_BLOB_SIZE, multiple
138  * 'writes' using this ioctl are necessary. The last packet is indicated
139  * by the length being smaller than the PTM_STATE_BLOB_SIZE.
140  * The very first packet may have a length indicator of '0' enabling
141  * a write() with all the bytes from a buffer. If the write() interface
142  * is used, a final ioctl with a non-full buffer must be made to indicate
143  * that all data were transferred (a write with 0 bytes would not work).
144  */
145 struct ptm_setstate {
146     union {
147         struct {
148             uint32_t state_flags; /* may be PTM_STATE_FLAG_ENCRYPTED */
149             uint32_t type;        /* which blob to set */
150             uint32_t length;      /* length of the data;
151                                      use 0 on the first packet to
152                                      transfer using write() */
153             uint8_t data[PTM_STATE_BLOB_SIZE];
154         } req; /* request */
155         struct {
156             ptm_res tpm_result;
157         } resp; /* response */
158     } u;
159 };
160 
161 /*
162  * PTM_GET_CONFIG: Data structure to get runtime configuration information
163  * such as which keys are applied.
164  */
165 struct ptm_getconfig {
166     union {
167         struct {
168             ptm_res tpm_result;
169             uint32_t flags;
170         } resp; /* response */
171     } u;
172 };
173 
174 #define PTM_CONFIG_FLAG_FILE_KEY        0x1
175 #define PTM_CONFIG_FLAG_MIGRATION_KEY   0x2
176 
177 /*
178  * PTM_SET_BUFFERSIZE: Set the buffer size to be used by the TPM.
179  * A 0 on input queries for the current buffer size. Any other
180  * number will try to set the buffer size. The returned number is
181  * the buffer size that will be used, which can be larger than the
182  * requested one, if it was below the minimum, or smaller than the
183  * requested one, if it was above the maximum.
184  */
185 struct ptm_setbuffersize {
186     union {
187         struct {
188             uint32_t buffersize; /* 0 to query for current buffer size */
189         } req; /* request */
190         struct {
191             ptm_res tpm_result;
192             uint32_t buffersize; /* buffer size in use */
193             uint32_t minsize; /* min. supported buffer size */
194             uint32_t maxsize; /* max. supported buffer size */
195         } resp; /* response */
196     } u;
197 };
198 
199 
200 typedef uint64_t ptm_cap;
201 typedef struct ptm_est ptm_est;
202 typedef struct ptm_reset_est ptm_reset_est;
203 typedef struct ptm_loc ptm_loc;
204 typedef struct ptm_hdata ptm_hdata;
205 typedef struct ptm_init ptm_init;
206 typedef struct ptm_getstate ptm_getstate;
207 typedef struct ptm_setstate ptm_setstate;
208 typedef struct ptm_getconfig ptm_getconfig;
209 typedef struct ptm_setbuffersize ptm_setbuffersize;
210 
211 /* capability flags returned by PTM_GET_CAPABILITY */
212 #define PTM_CAP_INIT               (1)
213 #define PTM_CAP_SHUTDOWN           (1 << 1)
214 #define PTM_CAP_GET_TPMESTABLISHED (1 << 2)
215 #define PTM_CAP_SET_LOCALITY       (1 << 3)
216 #define PTM_CAP_HASHING            (1 << 4)
217 #define PTM_CAP_CANCEL_TPM_CMD     (1 << 5)
218 #define PTM_CAP_STORE_VOLATILE     (1 << 6)
219 #define PTM_CAP_RESET_TPMESTABLISHED (1 << 7)
220 #define PTM_CAP_GET_STATEBLOB      (1 << 8)
221 #define PTM_CAP_SET_STATEBLOB      (1 << 9)
222 #define PTM_CAP_STOP               (1 << 10)
223 #define PTM_CAP_GET_CONFIG         (1 << 11)
224 #define PTM_CAP_SET_DATAFD         (1 << 12)
225 #define PTM_CAP_SET_BUFFERSIZE     (1 << 13)
226 
227 #ifndef _WIN32
228 enum {
229     PTM_GET_CAPABILITY     = _IOR('P', 0, ptm_cap),
230     PTM_INIT               = _IOWR('P', 1, ptm_init),
231     PTM_SHUTDOWN           = _IOR('P', 2, ptm_res),
232     PTM_GET_TPMESTABLISHED = _IOR('P', 3, ptm_est),
233     PTM_SET_LOCALITY       = _IOWR('P', 4, ptm_loc),
234     PTM_HASH_START         = _IOR('P', 5, ptm_res),
235     PTM_HASH_DATA          = _IOWR('P', 6, ptm_hdata),
236     PTM_HASH_END           = _IOR('P', 7, ptm_res),
237     PTM_CANCEL_TPM_CMD     = _IOR('P', 8, ptm_res),
238     PTM_STORE_VOLATILE     = _IOR('P', 9, ptm_res),
239     PTM_RESET_TPMESTABLISHED = _IOWR('P', 10, ptm_reset_est),
240     PTM_GET_STATEBLOB      = _IOWR('P', 11, ptm_getstate),
241     PTM_SET_STATEBLOB      = _IOWR('P', 12, ptm_setstate),
242     PTM_STOP               = _IOR('P', 13, ptm_res),
243     PTM_GET_CONFIG         = _IOR('P', 14, ptm_getconfig),
244     PTM_SET_DATAFD         = _IOR('P', 15, ptm_res),
245     PTM_SET_BUFFERSIZE     = _IOWR('P', 16, ptm_setbuffersize),
246 };
247 #endif
248 
249 /*
250  * Commands used by the non-CUSE TPMs
251  *
252  * All messages container big-endian data.
253  *
254  * The return messages only contain the 'resp' part of the unions
255  * in the data structures above. Besides that the limits in the
256  * buffers above (ptm_hdata:u.req.data and ptm_get_state:u.resp.data
257  * and ptm_set_state:u.req.data) are 0xffffffff.
258  */
259 enum {
260     CMD_GET_CAPABILITY = 1,
261     CMD_INIT,
262     CMD_SHUTDOWN,
263     CMD_GET_TPMESTABLISHED,
264     CMD_SET_LOCALITY,
265     CMD_HASH_START,
266     CMD_HASH_DATA,
267     CMD_HASH_END,
268     CMD_CANCEL_TPM_CMD,
269     CMD_STORE_VOLATILE,
270     CMD_RESET_TPMESTABLISHED,
271     CMD_GET_STATEBLOB,
272     CMD_SET_STATEBLOB,
273     CMD_STOP,
274     CMD_GET_CONFIG,
275     CMD_SET_DATAFD,
276     CMD_SET_BUFFERSIZE,
277 };
278 
279 #endif /* TPM_IOCTL_H */
280