1982e617aSMimi Zohar /*
2982e617aSMimi Zohar  * Copyright (C) 2010 IBM Corporation
3982e617aSMimi Zohar  * Copyright (C) 2010 Politecnico di Torino, Italy
4982e617aSMimi Zohar  *                    TORSEC group -- http://security.polito.it
5982e617aSMimi Zohar  *
6982e617aSMimi Zohar  * Authors:
7982e617aSMimi Zohar  * Mimi Zohar <zohar@us.ibm.com>
8982e617aSMimi Zohar  * Roberto Sassu <roberto.sassu@polito.it>
9982e617aSMimi Zohar  *
10982e617aSMimi Zohar  * This program is free software; you can redistribute it and/or modify
11982e617aSMimi Zohar  * it under the terms of the GNU General Public License as published by
12982e617aSMimi Zohar  * the Free Software Foundation, version 2 of the License.
13982e617aSMimi Zohar  *
14982e617aSMimi Zohar  * See Documentation/security/keys-trusted-encrypted.txt
15982e617aSMimi Zohar  */
16982e617aSMimi Zohar 
17982e617aSMimi Zohar #include <linux/uaccess.h>
18982e617aSMimi Zohar #include <linux/module.h>
19cc100551SStephen Rothwell #include <linux/err.h>
20982e617aSMimi Zohar #include <keys/trusted-type.h>
21ee0b31a2SMimi Zohar #include <keys/encrypted-type.h>
22ee0b31a2SMimi Zohar #include "encrypted.h"
23982e617aSMimi Zohar 
/*
 * request_trusted_key - request the trusted key
 *
 * Trusted keys are sealed to PCRs and other metadata. Although userspace
 * manages both the trusted and the encrypted key types, trusted key data,
 * like encrypted key data, is never visible to userspace in decrypted form.
 */
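struct key *request_trusted_key(const char *trusted_desc,
				u8 **master_key, size_t *master_keylen)
{
	struct trusted_key_payload *tpayload;
	struct key *tkey;

	/*
	 * Contract, as visible from this function:
	 *   trusted_desc   - description used to look up the trusted key
	 *   master_key     - out: set to the payload's key buffer (no copy)
	 *   master_keylen  - out: set to the payload's key_len
	 * Returns the key on success, or the ERR_PTR value from
	 * request_key() on failure. On failure nothing is locked and the
	 * out-parameters are left untouched.
	 */
	tkey = request_key(&key_type_trusted, trusted_desc, NULL);
	if (IS_ERR(tkey))
		return tkey;

	/*
	 * The semaphore is taken for reading and is NOT dropped here:
	 * *master_key aliases the payload's key buffer, so the caller has
	 * to keep tkey->sem held while it uses the master key and then
	 * up_read(&tkey->sem) and key_put(tkey) when it is done. Keeping
	 * the pointer past that point would leave it referring to key
	 * material that is no longer protected.
	 */
	down_read(&tkey->sem);

	/*
	 * Read the payload pointer directly. rcu_dereference() is meant
	 * for RCU read-side critical sections and this path never enters
	 * one, so with CONFIG_PROVE_RCU it is reported as suspicious
	 * usage. The held rwsem is what keeps the payload stable here
	 * (assumes every writer of payload.data takes tkey->sem for
	 * writing -- confirm against the trusted key type's update path).
	 */
	tpayload = tkey->payload.data;
	*master_key = tpayload->key;
	*master_keylen = tpayload->key_len;

	return tkey;
}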