1// SPDX-License-Identifier: GPL-2.0 2/* 3 * Greybus Component Authentication Protocol (CAP) Driver. 4 * 5 * Copyright 2016 Google Inc. 6 * Copyright 2016 Linaro Ltd. 7 */ 8 9#include <linux/greybus.h> 10#include <linux/cdev.h> 11#include <linux/fs.h> 12#include <linux/ioctl.h> 13#include <linux/uaccess.h> 14 15#include "greybus_authentication.h" 16#include "firmware.h" 17 18#define CAP_TIMEOUT_MS 1000 19 20/* 21 * Number of minor devices this driver supports. 22 * There will be exactly one required per Interface. 23 */ 24#define NUM_MINORS U8_MAX 25 26struct gb_cap { 27 struct device *parent; 28 struct gb_connection *connection; 29 struct kref kref; 30 struct list_head node; 31 bool disabled; /* connection getting disabled */ 32 33 struct mutex mutex; 34 struct cdev cdev; 35 struct device *class_device; 36 dev_t dev_num; 37}; 38 39static const struct class cap_class = { 40 .name = "gb_authenticate", 41}; 42 43static dev_t cap_dev_num; 44static DEFINE_IDA(cap_minors_map); 45static LIST_HEAD(cap_list); 46static DEFINE_MUTEX(list_mutex); 47 48static void cap_kref_release(struct kref *kref) 49{ 50 struct gb_cap *cap = container_of(kref, struct gb_cap, kref); 51 52 kfree(cap); 53} 54 55/* 56 * All users of cap take a reference (from within list_mutex lock), before 57 * they get a pointer to play with. And the structure will be freed only after 58 * the last user has put the reference to it. 59 */ 60static void put_cap(struct gb_cap *cap) 61{ 62 kref_put(&cap->kref, cap_kref_release); 63} 64 65/* Caller must call put_cap() after using struct gb_cap */ 66static struct gb_cap *get_cap(struct cdev *cdev) 67{ 68 struct gb_cap *cap; 69 70 mutex_lock(&list_mutex); 71 72 list_for_each_entry(cap, &cap_list, node) { 73 if (&cap->cdev == cdev) { 74 kref_get(&cap->kref); 75 goto unlock; 76 } 77 } 78 79 cap = NULL; 80 81unlock: 82 mutex_unlock(&list_mutex); 83 84 return cap; 85} 86 87static int cap_get_endpoint_uid(struct gb_cap *cap, u8 *euid) 88{ 89 struct gb_connection *connection = cap->connection; 90 struct gb_cap_get_endpoint_uid_response response; 91 int ret; 92 93 ret = gb_operation_sync(connection, GB_CAP_TYPE_GET_ENDPOINT_UID, NULL, 94 0, &response, sizeof(response)); 95 if (ret) { 96 dev_err(cap->parent, "failed to get endpoint uid (%d)\n", ret); 97 return ret; 98 } 99 100 memcpy(euid, response.uid, sizeof(response.uid)); 101 102 return 0; 103} 104 105static int cap_get_ims_certificate(struct gb_cap *cap, u32 class, u32 id, 106 u8 *certificate, u32 *size, u8 *result) 107{ 108 struct gb_connection *connection = cap->connection; 109 struct gb_cap_get_ims_certificate_request *request; 110 struct gb_cap_get_ims_certificate_response *response; 111 size_t max_size = gb_operation_get_payload_size_max(connection); 112 struct gb_operation *op; 113 int ret; 114 115 op = gb_operation_create_flags(connection, 116 GB_CAP_TYPE_GET_IMS_CERTIFICATE, 117 sizeof(*request), max_size, 118 GB_OPERATION_FLAG_SHORT_RESPONSE, 119 GFP_KERNEL); 120 if (!op) 121 return -ENOMEM; 122 123 request = op->request->payload; 124 request->certificate_class = cpu_to_le32(class); 125 request->certificate_id = cpu_to_le32(id); 126 127 ret = gb_operation_request_send_sync(op); 128 if (ret) { 129 dev_err(cap->parent, "failed to get certificate (%d)\n", ret); 130 goto done; 131 } 132 133 response = op->response->payload; 134 *result = response->result_code; 135 *size = op->response->payload_size - sizeof(*response); 136 memcpy(certificate, response->certificate, *size); 137 138done: 139 gb_operation_put(op); 140 return ret; 141} 142 143static int cap_authenticate(struct gb_cap *cap, u32 auth_type, u8 *uid, 144 u8 *challenge, u8 *result, u8 *auth_response, 145 u32 *signature_size, u8 *signature) 146{ 147 struct gb_connection *connection = cap->connection; 148 struct gb_cap_authenticate_request *request; 149 struct gb_cap_authenticate_response *response; 150 size_t max_size = gb_operation_get_payload_size_max(connection); 151 struct gb_operation *op; 152 int ret; 153 154 op = gb_operation_create_flags(connection, GB_CAP_TYPE_AUTHENTICATE, 155 sizeof(*request), max_size, 156 GB_OPERATION_FLAG_SHORT_RESPONSE, 157 GFP_KERNEL); 158 if (!op) 159 return -ENOMEM; 160 161 request = op->request->payload; 162 request->auth_type = cpu_to_le32(auth_type); 163 memcpy(request->uid, uid, sizeof(request->uid)); 164 memcpy(request->challenge, challenge, sizeof(request->challenge)); 165 166 ret = gb_operation_request_send_sync(op); 167 if (ret) { 168 dev_err(cap->parent, "failed to authenticate (%d)\n", ret); 169 goto done; 170 } 171 172 response = op->response->payload; 173 *result = response->result_code; 174 *signature_size = op->response->payload_size - sizeof(*response); 175 memcpy(auth_response, response->response, sizeof(response->response)); 176 memcpy(signature, response->signature, *signature_size); 177 178done: 179 gb_operation_put(op); 180 return ret; 181} 182 183/* Char device fops */ 184 185static int cap_open(struct inode *inode, struct file *file) 186{ 187 struct gb_cap *cap = get_cap(inode->i_cdev); 188 189 /* cap structure can't get freed until file descriptor is closed */ 190 if (cap) { 191 file->private_data = cap; 192 return 0; 193 } 194 195 return -ENODEV; 196} 197 198static int cap_release(struct inode *inode, struct file *file) 199{ 200 struct gb_cap *cap = file->private_data; 201 202 put_cap(cap); 203 return 0; 204} 205 206static int cap_ioctl(struct gb_cap *cap, unsigned int cmd, 207 void __user *buf) 208{ 209 struct cap_ioc_get_endpoint_uid endpoint_uid; 210 struct cap_ioc_get_ims_certificate *ims_cert; 211 struct cap_ioc_authenticate *authenticate; 212 size_t size; 213 int ret; 214 215 switch (cmd) { 216 case CAP_IOC_GET_ENDPOINT_UID: 217 ret = cap_get_endpoint_uid(cap, endpoint_uid.uid); 218 if (ret) 219 return ret; 220 221 if (copy_to_user(buf, &endpoint_uid, sizeof(endpoint_uid))) 222 return -EFAULT; 223 224 return 0; 225 case CAP_IOC_GET_IMS_CERTIFICATE: 226 size = sizeof(*ims_cert); 227 ims_cert = memdup_user(buf, size); 228 if (IS_ERR(ims_cert)) 229 return PTR_ERR(ims_cert); 230 231 ret = cap_get_ims_certificate(cap, ims_cert->certificate_class, 232 ims_cert->certificate_id, 233 ims_cert->certificate, 234 &ims_cert->cert_size, 235 &ims_cert->result_code); 236 if (!ret && copy_to_user(buf, ims_cert, size)) 237 ret = -EFAULT; 238 kfree(ims_cert); 239 240 return ret; 241 case CAP_IOC_AUTHENTICATE: 242 size = sizeof(*authenticate); 243 authenticate = memdup_user(buf, size); 244 if (IS_ERR(authenticate)) 245 return PTR_ERR(authenticate); 246 247 ret = cap_authenticate(cap, authenticate->auth_type, 248 authenticate->uid, 249 authenticate->challenge, 250 &authenticate->result_code, 251 authenticate->response, 252 &authenticate->signature_size, 253 authenticate->signature); 254 if (!ret && copy_to_user(buf, authenticate, size)) 255 ret = -EFAULT; 256 kfree(authenticate); 257 258 return ret; 259 default: 260 return -ENOTTY; 261 } 262} 263 264static long cap_ioctl_unlocked(struct file *file, unsigned int cmd, 265 unsigned long arg) 266{ 267 struct gb_cap *cap = file->private_data; 268 struct gb_bundle *bundle = cap->connection->bundle; 269 int ret = -ENODEV; 270 271 /* 272 * Serialize ioctls. 273 * 274 * We don't want the user to do multiple authentication operations in 275 * parallel. 276 * 277 * This is also used to protect ->disabled, which is used to check if 278 * the connection is getting disconnected, so that we don't start any 279 * new operations. 280 */ 281 mutex_lock(&cap->mutex); 282 if (!cap->disabled) { 283 ret = gb_pm_runtime_get_sync(bundle); 284 if (!ret) { 285 ret = cap_ioctl(cap, cmd, (void __user *)arg); 286 gb_pm_runtime_put_autosuspend(bundle); 287 } 288 } 289 mutex_unlock(&cap->mutex); 290 291 return ret; 292} 293 294static const struct file_operations cap_fops = { 295 .owner = THIS_MODULE, 296 .open = cap_open, 297 .release = cap_release, 298 .unlocked_ioctl = cap_ioctl_unlocked, 299}; 300 301int gb_cap_connection_init(struct gb_connection *connection) 302{ 303 struct gb_cap *cap; 304 int ret, minor; 305 306 if (!connection) 307 return 0; 308 309 cap = kzalloc(sizeof(*cap), GFP_KERNEL); 310 if (!cap) 311 return -ENOMEM; 312 313 cap->parent = &connection->bundle->dev; 314 cap->connection = connection; 315 mutex_init(&cap->mutex); 316 gb_connection_set_data(connection, cap); 317 kref_init(&cap->kref); 318 319 mutex_lock(&list_mutex); 320 list_add(&cap->node, &cap_list); 321 mutex_unlock(&list_mutex); 322 323 ret = gb_connection_enable(connection); 324 if (ret) 325 goto err_list_del; 326 327 minor = ida_alloc_max(&cap_minors_map, NUM_MINORS - 1, GFP_KERNEL); 328 if (minor < 0) { 329 ret = minor; 330 goto err_connection_disable; 331 } 332 333 /* Add a char device to allow userspace to interact with cap */ 334 cap->dev_num = MKDEV(MAJOR(cap_dev_num), minor); 335 cdev_init(&cap->cdev, &cap_fops); 336 337 ret = cdev_add(&cap->cdev, cap->dev_num, 1); 338 if (ret) 339 goto err_remove_ida; 340 341 /* Add a soft link to the previously added char-dev within the bundle */ 342 cap->class_device = device_create(&cap_class, cap->parent, cap->dev_num, 343 NULL, "gb-authenticate-%d", minor); 344 if (IS_ERR(cap->class_device)) { 345 ret = PTR_ERR(cap->class_device); 346 goto err_del_cdev; 347 } 348 349 return 0; 350 351err_del_cdev: 352 cdev_del(&cap->cdev); 353err_remove_ida: 354 ida_free(&cap_minors_map, minor); 355err_connection_disable: 356 gb_connection_disable(connection); 357err_list_del: 358 mutex_lock(&list_mutex); 359 list_del(&cap->node); 360 mutex_unlock(&list_mutex); 361 362 put_cap(cap); 363 364 return ret; 365} 366 367void gb_cap_connection_exit(struct gb_connection *connection) 368{ 369 struct gb_cap *cap; 370 371 if (!connection) 372 return; 373 374 cap = gb_connection_get_data(connection); 375 376 device_destroy(&cap_class, cap->dev_num); 377 cdev_del(&cap->cdev); 378 ida_free(&cap_minors_map, MINOR(cap->dev_num)); 379 380 /* 381 * Disallow any new ioctl operations on the char device and wait for 382 * existing ones to finish. 383 */ 384 mutex_lock(&cap->mutex); 385 cap->disabled = true; 386 mutex_unlock(&cap->mutex); 387 388 /* All pending greybus operations should have finished by now */ 389 gb_connection_disable(cap->connection); 390 391 /* Disallow new users to get access to the cap structure */ 392 mutex_lock(&list_mutex); 393 list_del(&cap->node); 394 mutex_unlock(&list_mutex); 395 396 /* 397 * All current users of cap would have taken a reference to it by 398 * now, we can drop our reference and wait the last user will get 399 * cap freed. 400 */ 401 put_cap(cap); 402} 403 404int cap_init(void) 405{ 406 int ret; 407 408 ret = class_register(&cap_class); 409 if (ret) 410 return ret; 411 412 ret = alloc_chrdev_region(&cap_dev_num, 0, NUM_MINORS, 413 "gb_authenticate"); 414 if (ret) 415 goto err_remove_class; 416 417 return 0; 418 419err_remove_class: 420 class_unregister(&cap_class); 421 return ret; 422} 423 424void cap_exit(void) 425{ 426 unregister_chrdev_region(cap_dev_num, NUM_MINORS); 427 class_unregister(&cap_class); 428 ida_destroy(&cap_minors_map); 429} 430