projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
[linux-block.git] / security / keys / trusted.h
CommitLineData
b2441318 1/* SPDX-License-Identifier: GPL-2.0 */
d00a1c72
MZ		 2#ifndef __TRUSTED_KEY_H
3#define __TRUSTED_KEY_H
4
5/* implementation specific TPM constants */
d00a1c72
MZ		 6#define MAX_BUF_SIZE 512
7#define TPM_GETRANDOM_SIZE 14
8#define TPM_OSAP_SIZE 36
9#define TPM_OIAP_SIZE 10
10#define TPM_SEAL_SIZE 87
11#define TPM_UNSEAL_SIZE 104
12#define TPM_SIZE_OFFSET 2
13#define TPM_RETURN_OFFSET 6
14#define TPM_DATA_OFFSET 10
15
16#define LOAD32(buffer, offset) (ntohl(*(uint32_t *)&buffer[offset]))
17#define LOAD32N(buffer, offset) (*(uint32_t *)&buffer[offset])
18#define LOAD16(buffer, offset) (ntohs(*(uint16_t *)&buffer[offset]))
19
20struct tpm_buf {
21 int len;
22 unsigned char data[MAX_BUF_SIZE];
23};
24
25#define INIT_BUF(tb) (tb->len = 0)
26
27struct osapsess {
28 uint32_t handle;
29 unsigned char secret[SHA1_DIGEST_SIZE];
30 unsigned char enonce[TPM_NONCE_SIZE];
31};
32
33/* discrete values, but have to store in uint16_t for TPM use */
34enum {
35 SEAL_keytype = 1,
36 SRK_keytype = 4
37};
38
d00a1c72
MZ		 39#define TPM_DEBUG 0
40
41#if TPM_DEBUG
42static inline void dump_options(struct trusted_key_options *o)
43{
44 pr_info("trusted_key: sealing key type %d\n", o->keytype);
45 pr_info("trusted_key: sealing key handle %0X\n", o->keyhandle);
46 pr_info("trusted_key: pcrlock %d\n", o->pcrlock);
47 pr_info("trusted_key: pcrinfo %d\n", o->pcrinfo_len);
48 print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE,
49 16, 1, o->pcrinfo, o->pcrinfo_len, 0);
50}
51
52static inline void dump_payload(struct trusted_key_payload *p)
53{
54 pr_info("trusted_key: key_len %d\n", p->key_len);
55 print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE,
56 16, 1, p->key, p->key_len, 0);
57 pr_info("trusted_key: bloblen %d\n", p->blob_len);
58 print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE,
59 16, 1, p->blob, p->blob_len, 0);
60 pr_info("trusted_key: migratable %d\n", p->migratable);
61}
62
63static inline void dump_sess(struct osapsess *s)
64{
65 print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
66 16, 1, &s->handle, 4, 0);
67 pr_info("trusted-key: secret:\n");
68 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
69 16, 1, &s->secret, SHA1_DIGEST_SIZE, 0);
70 pr_info("trusted-key: enonce:\n");
71 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
72 16, 1, &s->enonce, SHA1_DIGEST_SIZE, 0);
73}
74
75static inline void dump_tpm_buf(unsigned char *buf)
76{
77 int len;
78
79 pr_info("\ntrusted-key: tpm buffer\n");
80 len = LOAD32(buf, TPM_SIZE_OFFSET);
81 print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
82}
83#else
84static inline void dump_options(struct trusted_key_options *o)
85{
86}
87
88static inline void dump_payload(struct trusted_key_payload *p)
89{
90}
91
92static inline void dump_sess(struct osapsess *s)
93{
94}
95
96static inline void dump_tpm_buf(unsigned char *buf)
97{
98}
99#endif
100
101static inline void store8(struct tpm_buf *buf, const unsigned char value)
102{
103 buf->data[buf->len++] = value;
104}
105
106static inline void store16(struct tpm_buf *buf, const uint16_t value)
107{
108 *(uint16_t *) & buf->data[buf->len] = htons(value);
109 buf->len += sizeof value;
110}
111
112static inline void store32(struct tpm_buf *buf, const uint32_t value)
113{
114 *(uint32_t *) & buf->data[buf->len] = htonl(value);
115 buf->len += sizeof value;
116}
117
118static inline void storebytes(struct tpm_buf *buf, const unsigned char *in,
119 const int len)
120{
121 memcpy(buf->data + buf->len, in, len);
122 buf->len += len;
123}
124#endif
Linux 6.x block layer and io_uring tree(s)