cachepc-linux

Fork of AMDESE/linux with modifications for CachePC side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-linux
Log | Files | Refs | README | LICENSE | sfeed.txt

trusted_tpm.h (2745B)

      1/* SPDX-License-Identifier: GPL-2.0 */
      2#ifndef __TRUSTED_TPM_H
      3#define __TRUSTED_TPM_H
      4
      5#include <keys/trusted-type.h>
      6#include <linux/tpm_command.h>
      7
      8/* implementation specific TPM constants */
      9#define MAX_BUF_SIZE			1024
     10#define TPM_GETRANDOM_SIZE		14
     11#define TPM_SIZE_OFFSET			2
     12#define TPM_RETURN_OFFSET		6
     13#define TPM_DATA_OFFSET			10
     14
     15#define LOAD32(buffer, offset)	(ntohl(*(uint32_t *)&buffer[offset]))
     16#define LOAD32N(buffer, offset)	(*(uint32_t *)&buffer[offset])
     17#define LOAD16(buffer, offset)	(ntohs(*(uint16_t *)&buffer[offset]))
     18
     19extern struct trusted_key_ops trusted_key_tpm_ops;
     20
     21struct osapsess {
     22	uint32_t handle;
     23	unsigned char secret[SHA1_DIGEST_SIZE];
     24	unsigned char enonce[TPM_NONCE_SIZE];
     25};
     26
     27/* discrete values, but have to store in uint16_t for TPM use */
     28enum {
     29	SEAL_keytype = 1,
     30	SRK_keytype = 4
     31};
     32
     33int TSS_authhmac(unsigned char *digest, const unsigned char *key,
     34			unsigned int keylen, unsigned char *h1,
     35			unsigned char *h2, unsigned int h3, ...);
     36int TSS_checkhmac1(unsigned char *buffer,
     37			  const uint32_t command,
     38			  const unsigned char *ononce,
     39			  const unsigned char *key,
     40			  unsigned int keylen, ...);
     41
     42int trusted_tpm_send(unsigned char *cmd, size_t buflen);
     43int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);
     44
     45int tpm2_seal_trusted(struct tpm_chip *chip,
     46		      struct trusted_key_payload *payload,
     47		      struct trusted_key_options *options);
     48int tpm2_unseal_trusted(struct tpm_chip *chip,
     49			struct trusted_key_payload *payload,
     50			struct trusted_key_options *options);
     51
     52#define TPM_DEBUG 0
     53
     54#if TPM_DEBUG
     55static inline void dump_options(struct trusted_key_options *o)
     56{
     57	pr_info("sealing key type %d\n", o->keytype);
     58	pr_info("sealing key handle %0X\n", o->keyhandle);
     59	pr_info("pcrlock %d\n", o->pcrlock);
     60	pr_info("pcrinfo %d\n", o->pcrinfo_len);
     61	print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE,
     62		       16, 1, o->pcrinfo, o->pcrinfo_len, 0);
     63}
     64
     65static inline void dump_sess(struct osapsess *s)
     66{
     67	print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
     68		       16, 1, &s->handle, 4, 0);
     69	pr_info("secret:\n");
     70	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
     71		       16, 1, &s->secret, SHA1_DIGEST_SIZE, 0);
     72	pr_info("trusted-key: enonce:\n");
     73	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
     74		       16, 1, &s->enonce, SHA1_DIGEST_SIZE, 0);
     75}
     76
     77static inline void dump_tpm_buf(unsigned char *buf)
     78{
     79	int len;
     80
     81	pr_info("\ntpm buffer\n");
     82	len = LOAD32(buf, TPM_SIZE_OFFSET);
     83	print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
     84}
     85#else
     86static inline void dump_options(struct trusted_key_options *o)
     87{
     88}
     89
     90static inline void dump_sess(struct osapsess *s)
     91{
     92}
     93
     94static inline void dump_tpm_buf(unsigned char *buf)
     95{
     96}
     97#endif
     98#endif