mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-11 23:50:25 +00:00
d00a1c72f7
Define a new kernel key-type called 'trusted'. Trusted keys are random number symmetric keys, generated and RSA-sealed by the TPM. The TPM only unseals the keys, if the boot PCRs and other criteria match. Userspace can only ever see encrypted blobs. Based on suggestions by Jason Gunthorpe, several new options have been added to support additional usages. The new options are: migratable= designates that the key may/may not ever be updated (resealed under a new key, new pcrinfo or new auth.) pcrlock=n extends the designated PCR 'n' with a random value, so that a key sealed to that PCR may not be unsealed again until after a reboot. keyhandle= specifies the sealing/unsealing key handle. keyauth= specifies the sealing/unsealing key auth. blobauth= specifies the sealed data auth. Implementation of a kernel reserved locality for trusted keys will be investigated for a possible future extension. Changelog: - Updated and added examples to Documentation/keys-trusted-encrypted.txt - Moved generic TPM constants to include/linux/tpm_command.h (David Howell's suggestion.) - trusted_defined.c: replaced kzalloc with kmalloc, added pcrlock failure error handling, added const qualifiers where appropriate. - moved to late_initcall - updated from hash to shash (suggestion by David Howells) - reduced worst stack usage (tpm_seal) from 530 to 312 bytes - moved documentation to Documentation directory (suggestion by David Howells) - all the other code cleanups suggested by David Howells - Add pcrlock CAP_SYS_ADMIN dependency (based on comment by Jason Gunthorpe) - New options: migratable, pcrlock, keyhandle, keyauth, blobauth (based on discussions with Jason Gunthorpe) - Free payload on failure to create key(reported/fixed by Roberto Sassu) - Updated Kconfig and other descriptions (based on Serge Hallyn's suggestion) - Replaced kzalloc() with kmalloc() (reported by Serge Hallyn) Signed-off-by: David Safford <safford@watson.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <jmorris@namei.org>
29 lines
808 B
C
29 lines
808 B
C
#ifndef __LINUX_TPM_COMMAND_H__
|
|
#define __LINUX_TPM_COMMAND_H__
|
|
|
|
/*
|
|
* TPM Command constants from specifications at
|
|
* http://www.trustedcomputinggroup.org
|
|
*/
|
|
|
|
/* Command TAGS */
|
|
#define TPM_TAG_RQU_COMMAND 193
|
|
#define TPM_TAG_RQU_AUTH1_COMMAND 194
|
|
#define TPM_TAG_RQU_AUTH2_COMMAND 195
|
|
#define TPM_TAG_RSP_COMMAND 196
|
|
#define TPM_TAG_RSP_AUTH1_COMMAND 197
|
|
#define TPM_TAG_RSP_AUTH2_COMMAND 198
|
|
|
|
/* Command Ordinals */
|
|
#define TPM_ORD_GETRANDOM 70
|
|
#define TPM_ORD_OSAP 11
|
|
#define TPM_ORD_OIAP 10
|
|
#define TPM_ORD_SEAL 23
|
|
#define TPM_ORD_UNSEAL 24
|
|
|
|
/* Other constants */
|
|
#define SRKHANDLE 0x40000000
|
|
#define TPM_NONCE_SIZE 20
|
|
|
|
#endif
|