tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
1/*
2 * Copyright (C) 2010 IBM Corporation
3 * Copyright (C) 2010 Politecnico di Torino, Italy
4 * TORSEC group -- http://security.polito.it
5 *
6 * Authors:
7 * Mimi Zohar <zohar@us.ibm.com>
8 * Roberto Sassu <roberto.sassu@polito.it>
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation, version 2 of the License.
13 *
14 * See Documentation/security/keys-trusted-encrypted.txt
15 */
16
17#include <linux/uaccess.h>
18#include <linux/module.h>
19#include <linux/err.h>
20#include <keys/trusted-type.h>
21
22/*
23 * request_trusted_key - request the trusted key
24 *
25 * Trusted keys are sealed to PCRs and other metadata. Although userspace
26 * manages both trusted/encrypted key-types, like the encrypted key type
27 * data, trusted key type data is not visible decrypted from userspace.
28 */
29struct key *request_trusted_key(const char *trusted_desc,
30 u8 **master_key, size_t *master_keylen)
31{
32 struct trusted_key_payload *tpayload;
33 struct key *tkey;
34
35 tkey = request_key(&key_type_trusted, trusted_desc, NULL);
36 if (IS_ERR(tkey))
37 goto error;
38
39 down_read(&tkey->sem);
40 tpayload = rcu_dereference(tkey->payload.data);
41 *master_key = tpayload->key;
42 *master_keylen = tpayload->key_len;
43error:
44 return tkey;
45}