1 /*
2 * auth_base_impl.h
3 *
4 * function definition for base hash operation
5 *
6 * Copyright (C) 2022 Huawei Technologies Co., Ltd.
7 *
8 * This software is licensed under the terms of the GNU General Public
9 * License version 2, as published by the Free Software Foundation, and
10 * may be copied, distributed, and modified under those terms.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 */
17 #ifndef AUTH_BASE_IMPL_H
18 #define AUTH_BASE_IMPL_H
19
/*
 * Build-time fallbacks: each macro below is defined as the empty string
 * only when the build has not already supplied a value for it.
 *
 * NOTE(review): by their names these are the expected SELinux labels and
 * the expected path/uid authentication contexts for the CA HIDL service,
 * teecd and cadaemon - confirm against the code that consumes them.
 * If a product build omits one of them, the expected value silently
 * becomes "". Verify that the comparison code treats an empty expected
 * value as "not configured" and denies access, or make a missing
 * definition a build error for configurations that enable authentication.
 */
20 #ifndef SELINUX_CA_HIDL_LABEL
21 #define SELINUX_CA_HIDL_LABEL ""
22 #endif
23
24 #ifndef SELINUX_TEECD_LABEL
25 #define SELINUX_TEECD_LABEL ""
26 #endif
27
28 #ifndef CA_HIDL_PATH_UID_AUTH_CTX
29 #define CA_HIDL_PATH_UID_AUTH_CTX ""
30 #endif
31
32 #ifndef TEECD_PATH_UID_AUTH_CTX
33 #define TEECD_PATH_UID_AUTH_CTX ""
34 #endif
35
36 #ifndef CADAEMON_PATH_UID_AUTH_CTX
37 #define CADAEMON_PATH_UID_AUTH_CTX ""
38 #endif
39
40 #if ((defined CONFIG_CLIENT_AUTH) || (defined CONFIG_TEECD_AUTH))
41 #include <linux/version.h>
42 #if (KERNEL_VERSION(4, 14, 0) <= LINUX_VERSION_CODE)
43 #include <linux/sched/task.h>
44 #endif
45 #include <linux/err.h>
46 #include <crypto/hash.h>
47
/*
 * Codes used by the access checks. Judging by the names: 0 is success,
 * 0xffff a generic failure, and 0xff01-0xff03 a path-hash, SELinux-label
 * or code-hash mismatch. Which function returns which code is not visible
 * in this header.
 * Callers should compare against CHECK_ACCESS_SUCC and treat every other
 * value as a denial rather than testing for individual failure codes.
 */
48 #define CHECK_ACCESS_SUCC 0
49 #define CHECK_ACCESS_FAIL 0xffff
50 #define CHECK_PATH_HASH_FAIL 0xff01
51 #define CHECK_SECLABEL_FAIL 0xff02
52 #define CHECK_CODE_HASH_FAIL 0xff03
/*
 * NOTE(review): not a *_FAIL code. The name suggests a path on which the
 * hash/label checks are skipped; its users are outside this header.
 * Confirm which callers can produce it and that it is never folded into
 * CHECK_ACCESS_SUCC without a separate, explicit decision.
 */
53 #define ENTER_BYPASS_CHANNEL 0xff04
54
/*
 * Size limits - presumably in bytes, TODO confirm at the use sites.
 * SHA256_DIGEST_LENTH is 32, the length of a SHA-256 digest; the spelling
 * is part of the identifier other files use, so it is left as is.
 */
55 #define BUF_MAX_SIZE 1024
56 #define MAX_PATH_SIZE 512
57 #define SHA256_DIGEST_LENTH 32
58 #define MAX_SCTX_LEN 128
59
/*
 * Hash descriptor wrapper: a struct shash_desc immediately followed by a
 * flexible array member.
 *
 * NOTE(review): this matches the usual kernel shash pattern, in which
 * ctx[] holds the algorithm's per-request state and the object is
 * allocated as sizeof(struct shash_desc) + crypto_shash_descsize(tfm).
 * The allocation site is not in this header - confirm it there, since an
 * undersized allocation would let the hash implementation write past the
 * end of the object.
 */
60 struct sdesc {
61 struct shash_desc shash;
62 char ctx[];
63 };
64
/*
 * Digest helpers. Both take a non-const digest pointer together with its
 * length (dig_len).
 * NOTE(review): presumably the digest is SHA-256, so dig_len has to be at
 * least SHA256_DIGEST_LENTH; the return-value convention is not visible
 * here. Confirm both in the implementation and make sure every caller
 * checks the result before trusting the digest buffer.
 */
65 int calc_path_hash(bool is_hidl_srvc, unsigned char *digest, unsigned int dig_len);
66 int calc_task_hash(unsigned char *digest, uint32_t dig_len,
67 struct task_struct *cur_struct, uint32_t pub_key_len);
68
/*
 * Shared crypto_shash transform, judging by the names: set up for the
 * algorithm named by hash_type, fetched, and released again.
 * NOTE(review): get_shash_handle() returns a raw pointer - check callers
 * for NULL / ERR_PTR handling and for use after free_shash_handle().
 */
69 int tee_init_shash_handle(char *hash_type);
70 void free_shash_handle(void);
71 struct crypto_shash *get_shash_handle(void);
72
/*
 * Lock helpers.
 * NOTE(review): presumably a mutex serialising use of the shared hash
 * handle; every mutex_crypto_hash_lock() needs a matching unlock on all
 * paths, error paths included.
 */
73 void init_crypto_hash_lock(void);
74 void mutex_crypto_hash_lock(void);
75 void mutex_crypto_hash_unlock(void);
/*
 * Caller authentication entry points.
 * NOTE(review): presumably they return CHECK_ACCESS_SUCC or one of the
 * codes above - confirm. When neither CONFIG_CLIENT_AUTH nor
 * CONFIG_TEECD_AUTH is set, this header replaces check_teecd_auth() with
 * a stub that returns 0 and declares no check_hidl_auth() at all.
 */
76 int check_hidl_auth(void);
77 int check_teecd_auth(void);
78 #else
79
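/*
 * Stub used when neither CONFIG_CLIENT_AUTH nor CONFIG_TEECD_AUTH is set.
 * The hash-handle API is not declared in that configuration, so there is
 * nothing to release; the empty body lets callers stay free of #ifdefs.
 */
static inline void free_shash_handle(void)
{
}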
84
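/*
 * Stub used when neither CONFIG_CLIENT_AUTH nor CONFIG_TEECD_AUTH is set:
 * no lock is declared in that configuration, so there is nothing to
 * initialise.
 *
 * Declared static inline like the other stubs in this header; a plain
 * static definition in a header triggers an unused-function warning in
 * every translation unit that includes it without calling it.
 */
static inline void init_crypto_hash_lock(void)
{
}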
89
/*
 * Stub used when neither CONFIG_CLIENT_AUTH nor CONFIG_TEECD_AUTH is set.
 * Always returns 0, the value the enabled build names CHECK_ACCESS_SUCC,
 * without inspecting the calling task.
 *
 * NOTE(review): this is fail-open by construction - with both options off
 * the teecd check reports success for every caller. Builds that depend on
 * teecd authentication must enable one of the two options; consider
 * asserting that in the product configuration.
 */
static inline int check_teecd_auth(void)
{
	const int access_granted = 0;

	return access_granted;
}
94
95 #endif /* CLIENT_AUTH || TEECD_AUTH */
96
/*
 * cadaemon authentication entry point, declared only when
 * CONFIG_CADAEMON_AUTH is set.
 * NOTE(review): unlike check_teecd_auth(), no stub is provided for the
 * disabled case, so call sites must be guarded by the same option.
 * The return convention is not visible here (presumably CHECK_ACCESS_SUCC
 * on success); note that this header defines the CHECK_* codes only when
 * CONFIG_CLIENT_AUTH or CONFIG_TEECD_AUTH is set.
 */
97 #ifdef CONFIG_CADAEMON_AUTH
98 int check_cadaemon_auth(void);
99 #endif
100
101 #endif
102
103