coco/efi_secret/efi_secret.c

0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * efi_secret module
0004  *
0005  * Copyright (C) 2022 IBM Corporation
0006  * Author: Dov Murik <dovmurik@linux.ibm.com>
0007  */
0008
0009 /**
0010  * DOC: efi_secret: Allow reading EFI confidential computing (coco) secret area
0011  * via securityfs interface.
0012  *
0013  * When the module is loaded (and securityfs is mounted, typically under
0014  * /sys/kernel/security), a "secrets/coco" directory is created in securityfs.
0015  * In it, a file is created for each secret entry.  The name of each such file
0016  * is the GUID of the secret entry, and its content is the secret data.
0017  */
0018
0019 #include <linux/platform_device.h>
0020 #include <linux/seq_file.h>
0021 #include <linux/fs.h>
0022 #include <linux/kernel.h>
0023 #include <linux/init.h>
0024 #include <linux/module.h>
0025 #include <linux/io.h>
0026 #include <linux/security.h>
0027 #include <linux/efi.h>
0028 #include <linux/cacheflush.h>
0029
0030 #define EFI_SECRET_NUM_FILES 64
0031
0032 struct efi_secret {
0033     struct dentry *secrets_dir;
0034     struct dentry *fs_dir;
0035     struct dentry *fs_files[EFI_SECRET_NUM_FILES];
0036     void __iomem *secret_data;
0037     u64 secret_data_len;
0038 };
0039
0040 /*
0041  * Structure of the EFI secret area
0042  *
0043  * Offset   Length
0044  * (bytes)  (bytes)  Usage
0045  * -------  -------  -----
0046  *       0       16  Secret table header GUID (must be 1e74f542-71dd-4d66-963e-ef4287ff173b)
0047  *      16        4  Length of bytes of the entire secret area
0048  *
0049  *      20       16  First secret entry's GUID
0050  *      36        4  First secret entry's length in bytes (= 16 + 4 + x)
0051  *      40        x  First secret entry's data
0052  *
0053  *    40+x       16  Second secret entry's GUID
0054  *    56+x        4  Second secret entry's length in bytes (= 16 + 4 + y)
0055  *    60+x        y  Second secret entry's data
0056  *
0057  * (... and so on for additional entries)
0058  *
0059  * The GUID of each secret entry designates the usage of the secret data.
0060  */
0061
0062 /**
0063  * struct secret_header - Header of entire secret area; this should be followed
0064  * by instances of struct secret_entry.
0065  * @guid:   Must be EFI_SECRET_TABLE_HEADER_GUID
0066  * @len:    Length in bytes of entire secret area, including header
0067  */
0068 struct secret_header {
0069     efi_guid_t guid;
0070     u32 len;
0071 } __attribute((packed));
0072
0073 /**
0074  * struct secret_entry - Holds one secret entry
0075  * @guid:   Secret-specific GUID (or NULL_GUID if this secret entry was deleted)
0076  * @len:    Length of secret entry, including its guid and len fields
0077  * @data:   The secret data (full of zeros if this secret entry was deleted)
0078  */
0079 struct secret_entry {
0080     efi_guid_t guid;
0081     u32 len;
0082     u8 data[];
0083 } __attribute((packed));
0084
0085 static size_t secret_entry_data_len(struct secret_entry *e)
0086 {
0087     return e->len - sizeof(*e);
0088 }
0089
0090 static struct efi_secret the_efi_secret;
0091
0092 static inline struct efi_secret *efi_secret_get(void)
0093 {
0094     return &the_efi_secret;
0095 }
0096
0097 static int efi_secret_bin_file_show(struct seq_file *file, void *data)
0098 {
0099     struct secret_entry *e = file->private;
0100
0101     if (e)
0102         seq_write(file, e->data, secret_entry_data_len(e));
0103
0104     return 0;
0105 }
0106 DEFINE_SHOW_ATTRIBUTE(efi_secret_bin_file);
0107
0108 /*
0109  * Overwrite memory content with zeroes, and ensure that dirty cache lines are
0110  * actually written back to memory, to clear out the secret.
0111  */
0112 static void wipe_memory(void *addr, size_t size)
0113 {
0114     memzero_explicit(addr, size);
0115 #ifdef CONFIG_X86
0116     clflush_cache_range(addr, size);
0117 #endif
0118 }
0119
0120 static int efi_secret_unlink(struct inode *dir, struct dentry *dentry)
0121 {
0122     struct efi_secret *s = efi_secret_get();
0123     struct inode *inode = d_inode(dentry);
0124     struct secret_entry *e = (struct secret_entry *)inode->i_private;
0125     int i;
0126
0127     if (e) {
0128         /* Zero out the secret data */
0129         wipe_memory(e->data, secret_entry_data_len(e));
0130         e->guid = NULL_GUID;
0131     }
0132
0133     inode->i_private = NULL;
0134
0135     for (i = 0; i < EFI_SECRET_NUM_FILES; i++)
0136         if (s->fs_files[i] == dentry)
0137             s->fs_files[i] = NULL;
0138
0139     /*
0140      * securityfs_remove tries to lock the directory's inode, but we reach
0141      * the unlink callback when it's already locked
0142      */
0143     inode_unlock(dir);
0144     securityfs_remove(dentry);
0145     inode_lock(dir);
0146
0147     return 0;
0148 }
0149
0150 static const struct inode_operations efi_secret_dir_inode_operations = {
0151     .lookup         = simple_lookup,
0152     .unlink         = efi_secret_unlink,
0153 };
0154
0155 static int efi_secret_map_area(struct platform_device *dev)
0156 {
0157     int ret;
0158     struct efi_secret *s = efi_secret_get();
0159     struct linux_efi_coco_secret_area *secret_area;
0160
0161     if (efi.coco_secret == EFI_INVALID_TABLE_ADDR) {
0162         dev_err(&dev->dev, "Secret area address is not available\n");
0163         return -EINVAL;
0164     }
0165
0166     secret_area = memremap(efi.coco_secret, sizeof(*secret_area), MEMREMAP_WB);
0167     if (secret_area == NULL) {
0168         dev_err(&dev->dev, "Could not map secret area EFI config entry\n");
0169         return -ENOMEM;
0170     }
0171     if (!secret_area->base_pa || secret_area->size < sizeof(struct secret_header)) {
0172         dev_err(&dev->dev,
0173             "Invalid secret area memory location (base_pa=0x%llx size=0x%llx)\n",
0174             secret_area->base_pa, secret_area->size);
0175         ret = -EINVAL;
0176         goto unmap;
0177     }
0178
0179     s->secret_data = ioremap_encrypted(secret_area->base_pa, secret_area->size);
0180     if (s->secret_data == NULL) {
0181         dev_err(&dev->dev, "Could not map secret area\n");
0182         ret = -ENOMEM;
0183         goto unmap;
0184     }
0185
0186     s->secret_data_len = secret_area->size;
0187     ret = 0;
0188
0189 unmap:
0190     memunmap(secret_area);
0191     return ret;
0192 }
0193
0194 static void efi_secret_securityfs_teardown(struct platform_device *dev)
0195 {
0196     struct efi_secret *s = efi_secret_get();
0197     int i;
0198
0199     for (i = (EFI_SECRET_NUM_FILES - 1); i >= 0; i--) {
0200         securityfs_remove(s->fs_files[i]);
0201         s->fs_files[i] = NULL;
0202     }
0203
0204     securityfs_remove(s->fs_dir);
0205     s->fs_dir = NULL;
0206
0207     securityfs_remove(s->secrets_dir);
0208     s->secrets_dir = NULL;
0209
0210     dev_dbg(&dev->dev, "Removed securityfs entries\n");
0211 }
0212
0213 static int efi_secret_securityfs_setup(struct platform_device *dev)
0214 {
0215     struct efi_secret *s = efi_secret_get();
0216     int ret = 0, i = 0, bytes_left;
0217     unsigned char *ptr;
0218     struct secret_header *h;
0219     struct secret_entry *e;
0220     struct dentry *dent;
0221     char guid_str[EFI_VARIABLE_GUID_LEN + 1];
0222
0223     ptr = (void __force *)s->secret_data;
0224     h = (struct secret_header *)ptr;
0225     if (efi_guidcmp(h->guid, EFI_SECRET_TABLE_HEADER_GUID)) {
0226         /*
0227          * This is not an error: it just means that EFI defines secret
0228          * area but it was not populated by the Guest Owner.
0229          */
0230         dev_dbg(&dev->dev, "EFI secret area does not start with correct GUID\n");
0231         return -ENODEV;
0232     }
0233     if (h->len < sizeof(*h)) {
0234         dev_err(&dev->dev, "EFI secret area reported length is too small\n");
0235         return -EINVAL;
0236     }
0237     if (h->len > s->secret_data_len) {
0238         dev_err(&dev->dev, "EFI secret area reported length is too big\n");
0239         return -EINVAL;
0240     }
0241
0242     s->secrets_dir = NULL;
0243     s->fs_dir = NULL;
0244     memset(s->fs_files, 0, sizeof(s->fs_files));
0245
0246     dent = securityfs_create_dir("secrets", NULL);
0247     if (IS_ERR(dent)) {
0248         dev_err(&dev->dev, "Error creating secrets securityfs directory entry err=%ld\n",
0249             PTR_ERR(dent));
0250         return PTR_ERR(dent);
0251     }
0252     s->secrets_dir = dent;
0253
0254     dent = securityfs_create_dir("coco", s->secrets_dir);
0255     if (IS_ERR(dent)) {
0256         dev_err(&dev->dev, "Error creating coco securityfs directory entry err=%ld\n",
0257             PTR_ERR(dent));
0258         return PTR_ERR(dent);
0259     }
0260     d_inode(dent)->i_op = &efi_secret_dir_inode_operations;
0261     s->fs_dir = dent;
0262
0263     bytes_left = h->len - sizeof(*h);
0264     ptr += sizeof(*h);
0265     while (bytes_left >= (int)sizeof(*e) && i < EFI_SECRET_NUM_FILES) {
0266         e = (struct secret_entry *)ptr;
0267         if (e->len < sizeof(*e) || e->len > (unsigned int)bytes_left) {
0268             dev_err(&dev->dev, "EFI secret area is corrupted\n");
0269             ret = -EINVAL;
0270             goto err_cleanup;
0271         }
0272
0273         /* Skip deleted entries (which will have NULL_GUID) */
0274         if (efi_guidcmp(e->guid, NULL_GUID)) {
0275             efi_guid_to_str(&e->guid, guid_str);
0276
0277             dent = securityfs_create_file(guid_str, 0440, s->fs_dir, (void *)e,
0278                               &efi_secret_bin_file_fops);
0279             if (IS_ERR(dent)) {
0280                 dev_err(&dev->dev, "Error creating efi_secret securityfs entry\n");
0281                 ret = PTR_ERR(dent);
0282                 goto err_cleanup;
0283             }
0284
0285             s->fs_files[i++] = dent;
0286         }
0287         ptr += e->len;
0288         bytes_left -= e->len;
0289     }
0290
0291     dev_info(&dev->dev, "Created %d entries in securityfs secrets/coco\n", i);
0292     return 0;
0293
0294 err_cleanup:
0295     efi_secret_securityfs_teardown(dev);
0296     return ret;
0297 }
0298
0299 static void efi_secret_unmap_area(void)
0300 {
0301     struct efi_secret *s = efi_secret_get();
0302
0303     if (s->secret_data) {
0304         iounmap(s->secret_data);
0305         s->secret_data = NULL;
0306         s->secret_data_len = 0;
0307     }
0308 }
0309
0310 static int efi_secret_probe(struct platform_device *dev)
0311 {
0312     int ret;
0313
0314     ret = efi_secret_map_area(dev);
0315     if (ret)
0316         return ret;
0317
0318     ret = efi_secret_securityfs_setup(dev);
0319     if (ret)
0320         goto err_unmap;
0321
0322     return ret;
0323
0324 err_unmap:
0325     efi_secret_unmap_area();
0326     return ret;
0327 }
0328
0329 static int efi_secret_remove(struct platform_device *dev)
0330 {
0331     efi_secret_securityfs_teardown(dev);
0332     efi_secret_unmap_area();
0333     return 0;
0334 }
0335
0336 static struct platform_driver efi_secret_driver = {
0337     .probe = efi_secret_probe,
0338     .remove = efi_secret_remove,
0339     .driver = {
0340         .name = "efi_secret",
0341     },
0342 };
0343
0344 module_platform_driver(efi_secret_driver);
0345
0346 MODULE_DESCRIPTION("Confidential computing EFI secret area access");
0347 MODULE_AUTHOR("IBM");
0348 MODULE_LICENSE("GPL");
0349 MODULE_ALIAS("platform:efi_secret");