      1/* SPDX-License-Identifier: GPL-2.0-only */
      2/*
      3 * Copyright (C) 2010 IBM Corporation
      4 * Author: David Safford <safford@us.ibm.com>
      5 */
      6
      7#ifndef _KEYS_TRUSTED_TYPE_H
      8#define _KEYS_TRUSTED_TYPE_H
      9
     10#include <linux/key.h>
     11#include <linux/rcupdate.h>
     12#include <linux/tpm.h>
     13
/*
 * Prefix every pr_*() message emitted by the trusted-key code with
 * "trusted_key: ". Any earlier definition (e.g. one picked up through
 * another header) is dropped first so the override does not produce a
 * redefinition warning.
 */
#ifdef pr_fmt
#undef pr_fmt
#endif

#define pr_fmt(fmt) "trusted_key: " fmt

/*
 * Fixed size limits, in bytes, shared by every trusted-key backend. The
 * MAX_* values size the arrays in the structs below, so anything copying
 * user-controlled data into those arrays must bound-check against them.
 */
#define MIN_KEY_SIZE			32	/* presumably the lower bound enforced on requested key lengths — confirm in the core */
#define MAX_KEY_SIZE			128	/* capacity of trusted_key_payload::key (plus one spare byte there) */
#define MAX_BLOB_SIZE			512	/* capacity of trusted_key_payload::blob, the sealed form */
#define MAX_PCRINFO_SIZE		64	/* capacity of trusted_key_options::pcrinfo */
#define MAX_DIGEST_SIZE			64	/* capacity of trusted_key_options::policydigest; 64 bytes fits a SHA-512 digest */
     25
/*
 * In-memory payload of a trusted key.
 *
 * Holds both the cleartext key material (@key) and its sealed form (@blob),
 * so an instance of this struct is itself secret: whatever frees it should
 * scrub it first. NOTE(review): confirm that every free path uses
 * kfree_sensitive() (or equivalent) rather than plain kfree().
 *
 * @rcu:        presumably lets a replaced payload be freed after an RCU
 *              grace period (see <linux/rcupdate.h>) — confirm in the core
 * @key_len:    number of valid bytes in @key
 * @blob_len:   number of valid bytes in @blob
 * @migratable: non-zero if the backend reports the sealed blob as
 *              migratable (see trusted_key_ops::migratable)
 * @old_format: non-zero when @blob uses a legacy blob layout; which backend
 *              consults it is not visible here — confirm before relying on it
 * @key:        cleartext key, at most MAX_KEY_SIZE bytes; the extra byte is
 *              presumably reserved for a terminating NUL
 * @blob:       sealed (backend-wrapped) key, at most MAX_BLOB_SIZE bytes
 */
struct trusted_key_payload {
	struct rcu_head rcu;
	unsigned int key_len;
	unsigned int blob_len;
	unsigned char migratable;
	unsigned char old_format;
	unsigned char key[MAX_KEY_SIZE + 1];
	unsigned char blob[MAX_BLOB_SIZE];
};
     35
/*
 * Sealing/unsealing options for one trusted key.
 *
 * These are presumably parsed from the user-supplied datablob string handed
 * to trusted_key_ops::seal()/unseal(), which makes the parser the trust
 * boundary: every *_len below must be validated against the fixed array it
 * describes before any copy into that array — confirm in the parser.
 *
 * @keytype:          backend-specific selector for the kind of sealing key
 * @keyhandle:        handle of the (TPM) key used to seal/unseal — presumably
 * @keyauth:          authorization value for @keyhandle, TPM_DIGEST_SIZE bytes
 * @blobauth_len:     number of valid bytes in @blobauth
 * @blobauth:         authorization value tied to the sealed blob,
 *                    at most TPM_DIGEST_SIZE bytes
 * @pcrinfo_len:      number of valid bytes in @pcrinfo
 * @pcrinfo:          PCR binding data to seal against, at most
 *                    MAX_PCRINFO_SIZE bytes
 * @pcrlock:          PCR index to extend after use so the blob cannot be
 *                    unsealed again this boot — presumably; the "unset"
 *                    encoding is defined by the parser — confirm
 * @hash:             hash algorithm identifier; value space is backend-defined
 * @policydigest_len: number of valid bytes in @policydigest
 * @policydigest:     policy digest to bind the sealed object to,
 *                    at most MAX_DIGEST_SIZE bytes
 * @policyhandle:     handle of a policy session used on unseal — presumably
 */
struct trusted_key_options {
	uint16_t keytype;
	uint32_t keyhandle;
	unsigned char keyauth[TPM_DIGEST_SIZE];
	uint32_t blobauth_len;
	unsigned char blobauth[TPM_DIGEST_SIZE];
	uint32_t pcrinfo_len;
	unsigned char pcrinfo[MAX_PCRINFO_SIZE];
	int pcrlock;
	uint32_t hash;
	uint32_t policydigest_len;
	unsigned char policydigest[MAX_DIGEST_SIZE];
	uint32_t policyhandle;
};
     50
/*
 * Backend interface for trusted keys. A backend (e.g. a TPM driver) supplies
 * one of these via struct trusted_key_source; the core drives the sealing
 * hardware only through these hooks.
 *
 * The int-returning hooks are presumed to follow the kernel convention of
 * 0 on success and a negative errno on failure — confirm against the
 * backends before relying on specific error codes.
 */
struct trusted_key_ops {
	/*
	 * flag to indicate if trusted key implementation supports migration
	 * or not.
	 */
	unsigned char migratable;

	/* Initialize key interface. */
	int (*init)(void);

	/*
	 * Seal a key.
	 * @p:        payload whose cleartext @key is sealed into @blob
	 * @datablob: user-supplied option string; it is passed non-const,
	 *            presumably so the backend may tokenize it in place
	 */
	int (*seal)(struct trusted_key_payload *p, char *datablob);

	/*
	 * Unseal a key.
	 * @p:        payload whose @blob is unsealed into @key
	 * @datablob: user-supplied option string, as for seal()
	 */
	int (*unseal)(struct trusted_key_payload *p, char *datablob);

	/*
	 * Optional: Get a randomized key.
	 * May be NULL — callers must check before invoking it. Expected to
	 * fill @key with @key_len random bytes.
	 */
	int (*get_random)(unsigned char *key, size_t key_len);

	/* Exit key interface. */
	void (*exit)(void);
};
     73
/*
 * Registration record binding a backend name to its hook table.
 * @name: backend identifier; presumably matched against a user-selected
 *        source name to pick the backend — confirm in the core
 * @ops:  the backend's operations (see struct trusted_key_ops)
 */
struct trusted_key_source {
	char *name;
	struct trusted_key_ops *ops;
};
     78
/* The "trusted" key type; defined in one of the trusted-key .c files. */
extern struct key_type key_type_trusted;

/*
 * Set to 1 to compile dump_payload() below into a real function. Doing so
 * writes cleartext key material to the kernel log, so this must stay 0 in
 * anything other than a local debugging build.
 */
#define TRUSTED_DEBUG 0
     82
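#if TRUSTED_DEBUG
/*
 * dump_payload - print a trusted key payload to the kernel log
 * @p: payload to dump; only the first @key_len / @blob_len bytes of the
 *     respective buffers are printed
 *
 * WARNING: this writes the CLEARTEXT key material in @p->key to the kernel
 * log, where anyone able to read dmesg can recover it. It exists only when
 * TRUSTED_DEBUG is non-zero and must never be enabled in a production build.
 */
static inline void dump_payload(const struct trusted_key_payload *p)
{
	/* key_len and blob_len are unsigned int, so use %u rather than %d. */
	pr_info("key_len %u\n", p->key_len);
	print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE,
		       16, 1, p->key, p->key_len, 0);
	pr_info("bloblen %u\n", p->blob_len);
	print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE,
		       16, 1, p->blob, p->blob_len, 0);
	pr_info("migratable %d\n", p->migratable);
}
#else
/* No-op stand-in so call sites need no #ifdef of their own. */
static inline void dump_payload(const struct trusted_key_payload *p)
{
}
#endif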
     99
    100#endif /* _KEYS_TRUSTED_TYPE_H */