be24b37e22
Fixes the warning reported by Clang: security/keys/trusted.c:146:17: warning: passing an object that undergoes default argument promotion to 'va_start' has undefined behavior [-Wvarargs] va_start(argp, h3); ^ security/keys/trusted.c:126:37: note: parameter of type 'unsigned char' is declared here unsigned char *h2, unsigned char h3, ...) ^ Specifically, it seems that both the C90 (4.8.1.1) and C11 (7.16.1.4) standards explicitly call this out as undefined behavior: The parameter parmN is the identifier of the rightmost parameter in the variable parameter list in the function definition (the one just before the ...). If the parameter parmN is declared with ... or with a type that is not compatible with the type that results after application of the default argument promotions, the behavior is undefined. Link: https://github.com/ClangBuiltLinux/linux/issues/41 Link: https://www.eskimo.com/~scs/cclass/int/sx11c.html Suggested-by: David Laight <David.Laight@aculab.com> Suggested-by: Denis Kenzior <denkenz@gmail.com> Suggested-by: James Bottomley <jejb@linux.vnet.ibm.com> Suggested-by: Nathan Chancellor <natechancellor@gmail.com> Signed-off-by: Nick Desaulniers <ndesaulniers@google.com> Reviewed-by: Nathan Chancellor <natechancellor@gmail.com> Tested-by: Nathan Chancellor <natechancellor@gmail.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.morris@microsoft.com>
137 lines
3.6 KiB
C
137 lines
3.6 KiB
C
/* SPDX-License-Identifier: GPL-2.0 */
|
|
#ifndef __TRUSTED_KEY_H
|
|
#define __TRUSTED_KEY_H
|
|
|
|
/* implementation specific TPM constants */
|
|
#define MAX_BUF_SIZE 1024
|
|
#define TPM_GETRANDOM_SIZE 14
|
|
#define TPM_OSAP_SIZE 36
|
|
#define TPM_OIAP_SIZE 10
|
|
#define TPM_SEAL_SIZE 87
|
|
#define TPM_UNSEAL_SIZE 104
|
|
#define TPM_SIZE_OFFSET 2
|
|
#define TPM_RETURN_OFFSET 6
|
|
#define TPM_DATA_OFFSET 10
|
|
|
|
#define LOAD32(buffer, offset) (ntohl(*(uint32_t *)&buffer[offset]))
|
|
#define LOAD32N(buffer, offset) (*(uint32_t *)&buffer[offset])
|
|
#define LOAD16(buffer, offset) (ntohs(*(uint16_t *)&buffer[offset]))
|
|
|
|
struct tpm_buf {
|
|
int len;
|
|
unsigned char data[MAX_BUF_SIZE];
|
|
};
|
|
|
|
#define INIT_BUF(tb) (tb->len = 0)
|
|
|
|
struct osapsess {
|
|
uint32_t handle;
|
|
unsigned char secret[SHA1_DIGEST_SIZE];
|
|
unsigned char enonce[TPM_NONCE_SIZE];
|
|
};
|
|
|
|
/* discrete values, but have to store in uint16_t for TPM use */
|
|
enum {
|
|
SEAL_keytype = 1,
|
|
SRK_keytype = 4
|
|
};
|
|
|
|
int TSS_authhmac(unsigned char *digest, const unsigned char *key,
|
|
unsigned int keylen, unsigned char *h1,
|
|
unsigned char *h2, unsigned int h3, ...);
|
|
int TSS_checkhmac1(unsigned char *buffer,
|
|
const uint32_t command,
|
|
const unsigned char *ononce,
|
|
const unsigned char *key,
|
|
unsigned int keylen, ...);
|
|
|
|
int trusted_tpm_send(unsigned char *cmd, size_t buflen);
|
|
int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce);
|
|
|
|
#define TPM_DEBUG 0
|
|
|
|
#if TPM_DEBUG
|
|
static inline void dump_options(struct trusted_key_options *o)
|
|
{
|
|
pr_info("trusted_key: sealing key type %d\n", o->keytype);
|
|
pr_info("trusted_key: sealing key handle %0X\n", o->keyhandle);
|
|
pr_info("trusted_key: pcrlock %d\n", o->pcrlock);
|
|
pr_info("trusted_key: pcrinfo %d\n", o->pcrinfo_len);
|
|
print_hex_dump(KERN_INFO, "pcrinfo ", DUMP_PREFIX_NONE,
|
|
16, 1, o->pcrinfo, o->pcrinfo_len, 0);
|
|
}
|
|
|
|
static inline void dump_payload(struct trusted_key_payload *p)
|
|
{
|
|
pr_info("trusted_key: key_len %d\n", p->key_len);
|
|
print_hex_dump(KERN_INFO, "key ", DUMP_PREFIX_NONE,
|
|
16, 1, p->key, p->key_len, 0);
|
|
pr_info("trusted_key: bloblen %d\n", p->blob_len);
|
|
print_hex_dump(KERN_INFO, "blob ", DUMP_PREFIX_NONE,
|
|
16, 1, p->blob, p->blob_len, 0);
|
|
pr_info("trusted_key: migratable %d\n", p->migratable);
|
|
}
|
|
|
|
static inline void dump_sess(struct osapsess *s)
|
|
{
|
|
print_hex_dump(KERN_INFO, "trusted-key: handle ", DUMP_PREFIX_NONE,
|
|
16, 1, &s->handle, 4, 0);
|
|
pr_info("trusted-key: secret:\n");
|
|
print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
|
|
16, 1, &s->secret, SHA1_DIGEST_SIZE, 0);
|
|
pr_info("trusted-key: enonce:\n");
|
|
print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE,
|
|
16, 1, &s->enonce, SHA1_DIGEST_SIZE, 0);
|
|
}
|
|
|
|
static inline void dump_tpm_buf(unsigned char *buf)
|
|
{
|
|
int len;
|
|
|
|
pr_info("\ntrusted-key: tpm buffer\n");
|
|
len = LOAD32(buf, TPM_SIZE_OFFSET);
|
|
print_hex_dump(KERN_INFO, "", DUMP_PREFIX_NONE, 16, 1, buf, len, 0);
|
|
}
|
|
#else
|
|
static inline void dump_options(struct trusted_key_options *o)
|
|
{
|
|
}
|
|
|
|
static inline void dump_payload(struct trusted_key_payload *p)
|
|
{
|
|
}
|
|
|
|
static inline void dump_sess(struct osapsess *s)
|
|
{
|
|
}
|
|
|
|
static inline void dump_tpm_buf(unsigned char *buf)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
static inline void store8(struct tpm_buf *buf, const unsigned char value)
|
|
{
|
|
buf->data[buf->len++] = value;
|
|
}
|
|
|
|
static inline void store16(struct tpm_buf *buf, const uint16_t value)
|
|
{
|
|
*(uint16_t *) & buf->data[buf->len] = htons(value);
|
|
buf->len += sizeof value;
|
|
}
|
|
|
|
static inline void store32(struct tpm_buf *buf, const uint32_t value)
|
|
{
|
|
*(uint32_t *) & buf->data[buf->len] = htonl(value);
|
|
buf->len += sizeof value;
|
|
}
|
|
|
|
static inline void storebytes(struct tpm_buf *buf, const unsigned char *in,
|
|
const int len)
|
|
{
|
|
memcpy(buf->data + buf->len, in, len);
|
|
buf->len += len;
|
|
}
|
|
#endif
|