LXR linux/include/keys/trusted

   1/* SPDX-License-Identifier: GPL-2.0 */
   2#ifndef __TRUSTED_TPM_H
   3#define __TRUSTED_TPM_H
   4
   5#include <keys/trusted-type.h>
   6#include <linux/tpm_command.h>
   7
   8/* implementation specific TPM constants */
   9#define MAX_BUF_SIZE                    1024
  10#define TPM_GETRANDOM_SIZE              14
  11#define TPM_SIZE_OFFSET                 2
  12#define TPM_RETURN_OFFSET               6
  13#define TPM_DATA_OFFSET                 10
  14
  15#define LOAD32(buffer, offset)  (ntohl(*(uint32_t *)&buffer[offset]))
  16#define LOAD32N(buffer, offset) (*(uint32_t *)&buffer[offset])
  17#define LOAD16(buffer, offset)  (ntohs(*(uint16_t *)&buffer[offset]))
  18
  19extern struct trusted_key_ops trusted_key_tpm_ops;
  20
  21struct osapsess {
  22        uint32_t handle;
  23        unsigned char secret[SHA1_DIGEST_SIZE];
  24        unsigned char enonce[TPM_NONCE_SIZE];
  25};
  26
  27/* discrete values, but have to store in uint16_t for TPM use */
  28enum {
  29        SEAL_keytype = 1,
  30        SRK_keytype = 4
  31};
  32
  33int TSS_authhmac(unsigned char *digest, const unsigned char *key,
  34                        unsigned int keylen, unsigned char *h1,
  35                        unsigned char *h2, unsigned int h3, ...);
  36int TSS_checkhmac1(unsigned char *buffer,
  37                          const uint32_t command,
  38                          const unsigned char *ononce,
  39                          const unsigned char *key,
  40                          unsigned int keylen, ...);
  41
  42int trusted_tpm_send(unsigned char *cmd, size_t buflen);
  43int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);
  44
  45int tpm2_seal_trusted(struct tpm_chip *chip,
  46                      struct trusted_key_payload *payload,
  47                      struct trusted_key_options *options);
  48int tpm2_unseal_trusted(struct tpm_chip *chip,
  49                        struct trusted_key_payload *payload,
  50                        struct trusted_key_options *options);
  51
  52#define TPM_DEBUG 0
  53
  54#if TPM_DEBUG
  55static inline void dump_options(struct trusted_key_options *o)
  56{
  57        pr_info("sealing key type %d\n", o->keytype);
  58        pr_info("sealing key handle %0X\n", o->keyhandle);
  59        pr_info("pcrlock %d\n", o->pcrlock);
  60        pr_info("pcrinfo %d\n", o->pcrinfo_len);
  61        print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE,
  62                       16, 1, o->pcrinfo, o->pcrinfo_len, 0);
  63}
  64
  65static inline void dump_sess(struct osapsess *s)
  66{
  67        print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
  68                       16, 1, &s->handle, 4, 0);
  69        pr_info("secret:\n");
  70        print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
  71                       16, 1, &s->secret, SHA1_DIGEST_SIZE, 0);
  72        pr_info("trusted-key: enonce:\n");
  73        print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
  74                       16, 1, &s->enonce, SHA1_DIGEST_SIZE, 0);
  75}
  76
  77static inline void dump_tpm_buf(unsigned char *buf)
  78{
  79        int len;
  80
  81        pr_info("\ntpm buffer\n");
  82        len = LOAD32(buf, TPM_SIZE_OFFSET);
  83        print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
  84}
  85#else
  86static inline void dump_options(struct trusted_key_options *o)
  87{
  88}
  89
  90static inline void dump_sess(struct osapsess *s)
  91{
  92}
  93
  94static inline void dump_tpm_buf(unsigned char *buf)
  95{
  96}
  97#endif
  98#endif
  99