mirror of
https://github.com/torvalds/linux.git
synced 2024-11-24 05:02:12 +00:00
47f9c27968
Move existing code to trusted keys subsystem. Also, rename files with "tpm" as suffix which provides the underlying implementation. Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Sumit Garg <sumit.garg@linaro.org> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
105 lines
2.9 KiB
C
105 lines
2.9 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef __TRUSTED_TPM_H
|
|
#define __TRUSTED_TPM_H
|
|
|
|
#include <keys/trusted-type.h>
|
|
#include <linux/tpm_command.h>
|
|
|
|
/* implementation specific TPM constants */
|
|
#define MAX_BUF_SIZE 1024
|
|
#define TPM_GETRANDOM_SIZE 14
|
|
#define TPM_SIZE_OFFSET 2
|
|
#define TPM_RETURN_OFFSET 6
|
|
#define TPM_DATA_OFFSET 10
|
|
|
|
#define LOAD32(buffer, offset) (ntohl(*(uint32_t *)&buffer[offset]))
|
|
#define LOAD32N(buffer, offset) (*(uint32_t *)&buffer[offset])
|
|
#define LOAD16(buffer, offset) (ntohs(*(uint16_t *)&buffer[offset]))
|
|
|
|
struct osapsess {
|
|
uint32_t handle;
|
|
unsigned char secret[SHA1_DIGEST_SIZE];
|
|
unsigned char enonce[TPM_NONCE_SIZE];
|
|
};
|
|
|
|
/* discrete values, but have to store in uint16_t for TPM use */
|
|
enum {
|
|
SEAL_keytype = 1,
|
|
SRK_keytype = 4
|
|
};
|
|
|
|
int TSS_authhmac(unsigned char *digest, const unsigned char *key,
|
|
unsigned int keylen, unsigned char *h1,
|
|
unsigned char *h2, unsigned int h3, ...);
|
|
int TSS_checkhmac1(unsigned char *buffer,
|
|
const uint32_t command,
|
|
const unsigned char *ononce,
|
|
const unsigned char *key,
|
|
unsigned int keylen, ...);
|
|
|
|
int trusted_tpm_send(unsigned char *cmd, size_t buflen);
|
|
int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);
|
|
|
|
#define TPM_DEBUG 0
|
|
|
|
#if TPM_DEBUG
|
|
static inline void dump_options(struct trusted_key_options *o)
|
|
{
|
|
pr_info("trusted_key: sealing key type %d\n", o->keytype);
|
|
pr_info("trusted_key: sealing key handle %0X\n", o->keyhandle);
|
|
pr_info("trusted_key: pcrlock %d\n", o->pcrlock);
|
|
pr_info("trusted_key: pcrinfo %d\n", o->pcrinfo_len);
|
|
print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE,
|
|
16, 1, o->pcrinfo, o->pcrinfo_len, 0);
|
|
}
|
|
|
|
static inline void dump_payload(struct trusted_key_payload *p)
|
|
{
|
|
pr_info("trusted_key: key_len %d\n", p->key_len);
|
|
print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE,
|
|
16, 1, p->key, p->key_len, 0);
|
|
pr_info("trusted_key: bloblen %d\n", p->blob_len);
|
|
print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE,
|
|
16, 1, p->blob, p->blob_len, 0);
|
|
pr_info("trusted_key: migratable %d\n", p->migratable);
|
|
}
|
|
|
|
static inline void dump_sess(struct osapsess *s)
|
|
{
|
|
print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
|
|
16, 1, &s->handle, 4, 0);
|
|
pr_info("trusted-key: secret:\n");
|
|
print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
|
|
16, 1, &s->secret, SHA1_DIGEST_SIZE, 0);
|
|
pr_info("trusted-key: enonce:\n");
|
|
print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
|
|
16, 1, &s->enonce, SHA1_DIGEST_SIZE, 0);
|
|
}
|
|
|
|
static inline void dump_tpm_buf(unsigned char *buf)
|
|
{
|
|
int len;
|
|
|
|
pr_info("\ntrusted-key: tpm buffer\n");
|
|
len = LOAD32(buf, TPM_SIZE_OFFSET);
|
|
print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
|
|
}
|
|
#else
|
|
static inline void dump_options(struct trusted_key_options *o)
|
|
{
|
|
}
|
|
|
|
static inline void dump_payload(struct trusted_key_payload *p)
|
|
{
|
|
}
|
|
|
|
static inline void dump_sess(struct osapsess *s)
|
|
{
|
|
}
|
|
|
|
static inline void dump_tpm_buf(unsigned char *buf)
|
|
{
|
|
}
|
|
#endif
|
|
#endif
|