/*
 * Copyright (C) 2005,2006,2007,2008 IBM Corporation
 *
 * Authors:
 * Mimi Zohar <zohar@us.ibm.com>
 * Kylene Hall <kjhall@us.ibm.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, version 2 of the License.
 *
 * File: ima_crypto.c
 *      Calculates md5/sha1 file hash, template hash, boot-aggreate hash
 */

#include <linux/kernel.h>
#include <linux/file.h>
#include <linux/crypto.h>
#include <linux/scatterlist.h>
#include <linux/err.h>
#include <linux/slab.h>
#include "ima.h"

static int init_desc(struct hash_desc *desc)
{
        int rc;

        desc->tfm = crypto_alloc_hash(ima_hash, 0, CRYPTO_ALG_ASYNC);
        if (IS_ERR(desc->tfm)) {
                pr_info("IMA: failed to load %s transform: %ld\n",
                        ima_hash, PTR_ERR(desc->tfm));
                rc = PTR_ERR(desc->tfm);
                return rc;
        }
        desc->flags = 0;
        rc = crypto_hash_init(desc);
        if (rc)
                crypto_free_hash(desc->tfm);
        return rc;
}

/*
 * Calculate the MD5/SHA1 file digest
 */
int ima_calc_hash(struct file *file, char *digest)
{
        struct hash_desc desc;
        struct scatterlist sg[1];
        loff_t i_size, offset = 0;
        char *rbuf;
        int rc;

        rc = init_desc(&desc);
        if (rc != 0)
                return rc;

        rbuf = kzalloc(PAGE_SIZE, GFP_KERNEL);
        if (!rbuf) {
                rc = -ENOMEM;
                goto out;
        }
        i_size = i_size_read(file->f_dentry->d_inode);
        while (offset < i_size) {
                int rbuf_len;

                rbuf_len = kernel_read(file, offset, rbuf, PAGE_SIZE);
                if (rbuf_len < 0) {
                        rc = rbuf_len;
                        break;
                }
                if (rbuf_len == 0)
                        break;
                offset += rbuf_len;
                sg_init_one(sg, rbuf, rbuf_len);

                rc = crypto_hash_update(&desc, sg, rbuf_len);
                if (rc)
                        break;
        }
        kfree(rbuf);
        if (!rc)
                rc = crypto_hash_final(&desc, digest);
out:
        crypto_free_hash(desc.tfm);
        return rc;
}

/*
 * Calculate the hash of a given template
 */
int ima_calc_template_hash(int template_len, void *template, char *digest)
{
        struct hash_desc desc;
        struct scatterlist sg[1];
        int rc;

        rc = init_desc(&desc);
        if (rc != 0)
                return rc;

        sg_init_one(sg, template, template_len);
        rc = crypto_hash_update(&desc, sg, template_len);
        if (!rc)
                rc = crypto_hash_final(&desc, digest);
        crypto_free_hash(desc.tfm);
        return rc;
}

static void __init ima_pcrread(int idx, u8 *pcr)
{
        if (!ima_used_chip)
                return;

        if (tpm_pcr_read(TPM_ANY_NUM, idx, pcr) != 0)
                pr_err("IMA: Error Communicating to TPM chip\n");
}

/*
 * Calculate the boot aggregate hash
 */
int __init ima_calc_boot_aggregate(char *digest)
{
        struct hash_desc desc;
        struct scatterlist sg;
        u8 pcr_i[IMA_DIGEST_SIZE];
        int rc, i;

        rc = init_desc(&desc);
        if (rc != 0)
                return rc;

        /* cumulative sha1 over tpm registers 0-7 */
        for (i = TPM_PCR0; i < TPM_PCR8; i++) {
                ima_pcrread(i, pcr_i);
                /* now accumulate with current aggregate */
                sg_init_one(&sg, pcr_i, IMA_DIGEST_SIZE);
                rc = crypto_hash_update(&desc, &sg, IMA_DIGEST_SIZE);
        }
        if (!rc)
                crypto_hash_final(&desc, digest);
        crypto_free_hash(desc.tfm);
        return rc;
}