From patchwork Wed Mar 29 10:24:50 2017
X-Patchwork-Submitter: Roberto Sassu
X-Patchwork-Id: 744705
From: Roberto Sassu
Date: Wed, 29 Mar 2017 12:24:50 +0200
Message-ID: <20170329102452.32212-3-roberto.sassu@huawei.com>
In-Reply-To: <20170329102452.32212-1-roberto.sassu@huawei.com>
References: <20170329102452.32212-1-roberto.sassu@huawei.com>
Cc: linux-ima-devel@lists.sourceforge.net
Subject: [tpmdd-devel] [PATCH 2/4] tpm: introduce tpm2_pcr_algo_to_crypto() and tpm2_pcr_algo_from_crypto()

Introduce these functions to convert between TPM and crypto algorithm IDs.

Signed-off-by: Roberto Sassu
--- drivers/char/tpm/tpm-interface.c | 51 ++++++++++++++++++++++++++++++++++++++++ drivers/char/tpm/tpm.h | 11 --------- drivers/char/tpm/tpm2-cmd.c | 42 +++++++++------------------------ include/linux/tpm.h | 22 +++++++++++++++++ 4 files changed, 84 insertions(+), 42 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index bd2128e..0b6cb87 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c 
@@ -328,6 +328,57 @@ unsigned long tpm_calc_ordinal_duration(struct tpm_chip *chip, } EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration); +struct tpm2_hash { + unsigned int crypto_id; + unsigned int tpm_id; +}; + +static struct tpm2_hash tpm2_hash_map[] = { + {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, + {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, + {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, + {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, + {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, +}; + +/** + * tpm2_pcr_algo_to_crypto() - convert from TPM ID to crypto ID + * @tpm_id: TPM ID + * + * Return: crypto ID + */ +enum hash_algo tpm2_pcr_algo_to_crypto(enum tpm2_algorithms tpm_id) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { + if (tpm_id == tpm2_hash_map[i].tpm_id) + return tpm2_hash_map[i].crypto_id; + } + + return HASH_ALGO__LAST; +} +EXPORT_SYMBOL_GPL(tpm2_pcr_algo_to_crypto); + +/** + * tpm2_pcr_algo_from_crypto() - convert from crypto ID to TPM ID + * @crypto_id: crypto ID + * + * Return: TPM ID + */ +enum tpm2_algorithms tpm2_pcr_algo_from_crypto(enum hash_algo crypto_id) +{ + int i; + + for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { + if (crypto_id == tpm2_hash_map[i].crypto_id) + return tpm2_hash_map[i].tpm_id; + } + + return TPM2_ALG_ERROR; +} +EXPORT_SYMBOL_GPL(tpm2_pcr_algo_from_crypto); + /** * tmp_transmit - Internal kernel interface to transmit TPM commands. * diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 4937b56..e20f3ae 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -95,17 +95,6 @@ enum tpm2_return_codes { TPM2_RC_TESTING = 0x090A, /* RC_WARN */ }; -enum tpm2_algorithms { - TPM2_ALG_ERROR = 0x0000, - TPM2_ALG_SHA1 = 0x0004, - TPM2_ALG_KEYEDHASH = 0x0008, - TPM2_ALG_SHA256 = 0x000B, - TPM2_ALG_SHA384 = 0x000C, - TPM2_ALG_SHA512 = 0x000D, - TPM2_ALG_NULL = 0x0010, - TPM2_ALG_SM3_256 = 0x0012, -}; - enum tpm2_command_codes { TPM2_CC_FIRST = 0x011F, TPM2_CC_SELF_TEST = 0x0143, 
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index f4d534c..e2ff95a 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -92,19 +92,6 @@ struct tpm2_cmd { union tpm2_cmd_params params; } __packed; -struct tpm2_hash { - unsigned int crypto_id; - unsigned int tpm_id; -}; - -static struct tpm2_hash tpm2_hash_map[] = { - {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, - {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, - {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, - {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, - {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, -}; - /* * Array with one entry per ordinal defining the maximum amount * of time the chip could take to return the result. The values @@ -321,7 +308,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, struct tpm2_null_auth_area auth_area; int rc; int i; - int j; if (count > ARRAY_SIZE(chip->active_banks)) return -EINVAL; @@ -346,14 +332,15 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, tpm_buf_append_u32(&buf, count); for (i = 0; i < count; i++) { - for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) { - if (digests[i].alg_id != tpm2_hash_map[j].tpm_id) - continue; - tpm_buf_append_u16(&buf, digests[i].alg_id); - tpm_buf_append(&buf, (const unsigned char - *)&digests[i].digest, - hash_digest_size[tpm2_hash_map[j].crypto_id]); - } + enum tpm2_algorithms tpm_id = digests[i].alg_id; + enum hash_algo crypto_id = tpm2_pcr_algo_to_crypto(tpm_id); + + if (crypto_id == HASH_ALGO__LAST) + continue; + + tpm_buf_append_u16(&buf, digests[i].alg_id); + tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest, + hash_digest_size[crypto_id]); } rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, 0, 0, 
@@ -487,17 +474,10 @@ int tpm2_seal_trusted(struct tpm_chip *chip, unsigned int blob_len; struct tpm_buf buf; u32 hash, rlength; - int i; int rc; - for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { - if (options->hash == tpm2_hash_map[i].crypto_id) { - hash = tpm2_hash_map[i].tpm_id; - break; - } - } - - if (i == ARRAY_SIZE(tpm2_hash_map)) + hash = tpm2_pcr_algo_from_crypto(options->hash); + if (hash == TPM2_ALG_ERROR) return -EINVAL; rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CREATE); diff --git a/include/linux/tpm.h b/include/linux/tpm.h index da158f0..14b4a42 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -37,6 +37,17 @@ enum TPM_OPS_FLAGS { TPM_OPS_AUTO_STARTUP = BIT(0), }; +enum tpm2_algorithms { + TPM2_ALG_ERROR = 0x0000, + TPM2_ALG_SHA1 = 0x0004, + TPM2_ALG_KEYEDHASH = 0x0008, + TPM2_ALG_SHA256 = 0x000B, + TPM2_ALG_SHA384 = 0x000C, + TPM2_ALG_SHA512 = 0x000D, + TPM2_ALG_NULL = 0x0010, + TPM2_ALG_SM3_256 = 0x0012, +}; + struct tpm_class_ops { unsigned int flags; const u8 req_complete_mask; @@ -53,6 +64,8 @@ struct tpm_class_ops { #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE) +extern enum hash_algo tpm2_pcr_algo_to_crypto(enum tpm2_algorithms tpm_id); +extern enum tpm2_algorithms tpm2_pcr_algo_from_crypto(enum hash_algo crypto_id); extern int tpm_is_tpm2(u32 chip_num); extern int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf); extern int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash); @@ -65,6 +78,15 @@ extern int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload, struct trusted_key_options *options); #else +static inline hash_algo tpm2_pcr_algo_to_crypto(enum tpm2_algorithms tpm_id) +{ + return -ENODEV; +} +static inline enum tpm2_algorithms tpm2_pcr_algo_from_crypto( + enum hash_algo crypto_id); +{ + return -ENODEV; +} static inline int tpm_is_tpm2(u32 chip_num) { return -ENODEV;
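
Review bot: the kernel-doc for the two helpers added to drivers/char/tpm/tpm-interface.c says only "Return: crypto ID" and "Return: TPM ID" and does not document the no-match values, HASH_ALGO__LAST and TPM2_ALG_ERROR, which every caller has to test for. Please state them in the Return: lines. Since tpm2_hash_map is only ever read, it can be declared static const, and the loop index compared against ARRAY_SIZE() would be better unsigned.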
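
Review bot: in the tpm2_pcr_extend() loop in drivers/char/tpm/tpm2-cmd.c, "if (crypto_id == HASH_ALGO__LAST) continue;" skips a digest whose algorithm is not in the map, but count has already been written into the command by tpm_buf_append_u32(&buf, count), so the digest count sent to the TPM no longer matches the number of digests that follow it. The removed inner loop behaved the same way, but now that the lookup has an explicit failure value this should be treated as an error instead of silently continuing. Also, tpm_id is assigned from digests[i].alg_id and then the append still reads digests[i].alg_id; use tpm_id in tpm_buf_append_u16().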
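
Review bot: tpm2_seal_trusted() now calls tpm2_pcr_algo_from_crypto(options->hash), but this is the sealing path and not a PCR operation, so the "pcr" in the helper name is misleading at this call site. A neutral name for both helpers would fit both users. The local hash is still declared u32 while the helper returns enum tpm2_algorithms; declaring it with the enum type would make the comparison with TPM2_ALG_ERROR self-explanatory.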
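
Review bot: the two prototypes added to include/linux/tpm.h under CONFIG_TCG_TPM use enum hash_algo, but no hunk in this patch adds an include of the header that defines it to include/linux/tpm.h. Unless that header is already pulled in there, any file that includes <linux/tpm.h> without it sees an undeclared enum type; please add the include explicitly so the header is self-contained.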
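
Review bot: the #else stubs in include/linux/tpm.h do not compile and return the wrong failure values. "static inline hash_algo tpm2_pcr_algo_to_crypto(...)" is missing the enum keyword, and the tpm2_pcr_algo_from_crypto() stub has a stray ";" after its parameter list, directly before the function body. Both stubs return -ENODEV from a function whose return type is an enum, while the callers in this patch test for HASH_ALGO__LAST and TPM2_ALG_ERROR, so a build without CONFIG_TCG_TPM would never hit the callers' error checks. Return HASH_ALGO__LAST and TPM2_ALG_ERROR from the stubs instead.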