almalinux/kernel
14
0
Fork 0
Code Issues Pull Requests Releases Activity
25c106a7ce
kernel/include/keys/trusted-type.h

101 lines
2.2 KiB
C
Raw Blame History

/* SPDX-License-Identifier: GPL-2.0-only */
/*
* Copyright (C) 2010 IBM Corporation
* Author: David Safford <safford@us.ibm.com>
*/
#ifndef _KEYS_TRUSTED_TYPE_H
#define _KEYS_TRUSTED_TYPE_H
#include <linux/key.h>
#include <linux/rcupdate.h>
#include <linux/tpm.h>
#ifdef pr_fmt
#undef pr_fmt
#endif
#define pr_fmt(fmt) "trusted_key: " fmt
#define MIN_KEY_SIZE 32
#define MAX_KEY_SIZE 128
#define MAX_BLOB_SIZE 512
#define MAX_PCRINFO_SIZE 64
#define MAX_DIGEST_SIZE 64
struct trusted_key_payload {
struct rcu_head rcu;
unsigned int key_len;
unsigned int blob_len;
unsigned char migratable;
unsigned char old_format;
unsigned char key[MAX_KEY_SIZE + 1];
unsigned char blob[MAX_BLOB_SIZE];
};
struct trusted_key_options {
uint16_t keytype;
uint32_t keyhandle;
unsigned char keyauth[TPM_DIGEST_SIZE];
uint32_t blobauth_len;
unsigned char blobauth[TPM_DIGEST_SIZE];
uint32_t pcrinfo_len;
unsigned char pcrinfo[MAX_PCRINFO_SIZE];
int pcrlock;
uint32_t hash;
uint32_t policydigest_len;
unsigned char policydigest[MAX_DIGEST_SIZE];
uint32_t policyhandle;
};
struct trusted_key_ops {
/*
* flag to indicate if trusted key implementation supports migration
* or not.
*/
unsigned char migratable;
/* Initialize key interface. */
int (*init)(void);
/* Seal a key. */
int (*seal)(struct trusted_key_payload *p, char *datablob);
/* Unseal a key. */
int (*unseal)(struct trusted_key_payload *p, char *datablob);
/* Optional: Get a randomized key. */
int (*get_random)(unsigned char *key, size_t key_len);
/* Exit key interface. */
void (*exit)(void);
};
struct trusted_key_source {
char *name;
struct trusted_key_ops *ops;
};
extern struct key_type key_type_trusted;
#define TRUSTED_DEBUG 0
#if TRUSTED_DEBUG
static inline void dump_payload(struct trusted_key_payload *p)
{
pr_info("key_len %d\n", p->key_len);
print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE,
16, 1, p->key, p->key_len, 0);
pr_info("bloblen %d\n", p->blob_len);
print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE,
16, 1, p->blob, p->blob_len, 0);
pr_info("migratable %d\n", p->migratable);
}
#else
static inline void dump_payload(struct trusted_key_payload *p)
{
}
#endif
#endif /* _KEYS_TRUSTED_TYPE_H */
Reference in New Issue View Git Blame Copy Permalink