/*
 * auth_base_impl.h
 *
 * function definition for base hash operation
 *
 * Copyright (c) 2012-2022 Huawei Technologies Co., Ltd.
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 */
#ifndef AUTH_BASE_IMPL_H
#define AUTH_BASE_IMPL_H

/*
 * Build-time identity strings for the client-authentication checks.
 *
 * Each macro below may be supplied by the build; when it is not, it falls
 * back to an empty string literal so that code referencing it still compiles.
 *
 * NOTE(review): judging by the names, the SELINUX_*_LABEL values are the
 * SELinux contexts expected for the HIDL CA service, teecd, tee_teleport and
 * tee_agentd, and the *_PATH_UID_AUTH_CTX values are the path/uid strings
 * those processes are matched against. The comparison code is not in this
 * header. Confirm that an empty default can never compare equal to a real
 * caller's value, i.e. that a build which forgets to define one of these
 * fails closed rather than open.
 */
#ifndef SELINUX_CA_HIDL_LABEL
#define SELINUX_CA_HIDL_LABEL ""
#endif

#ifndef SELINUX_TEECD_LABEL
#define SELINUX_TEECD_LABEL ""
#endif

#ifndef SELINUX_TEE_TELEPORT_LABEL
#define SELINUX_TEE_TELEPORT_LABEL ""
#endif

#ifndef SELINUX_TEE_AGENTD_LABEL
#define SELINUX_TEE_AGENTD_LABEL ""
#endif

#ifndef CA_HIDL_PATH_UID_AUTH_CTX
#define CA_HIDL_PATH_UID_AUTH_CTX ""
#endif

#ifndef TEECD_PATH_UID_AUTH_CTX
#define TEECD_PATH_UID_AUTH_CTX ""
#endif

#ifndef CADAEMON_PATH_UID_AUTH_CTX
#define CADAEMON_PATH_UID_AUTH_CTX ""
#endif

#if ((defined CONFIG_CLIENT_AUTH) || (defined CONFIG_TEECD_AUTH))
#include <linux/version.h>
#if (KERNEL_VERSION(4, 14, 0) <= LINUX_VERSION_CODE)
#include <linux/sched/task.h>
#endif
#include <linux/err.h>
#include <crypto/hash.h>

#define CHECK_ACCESS_SUCC      0
#define CHECK_ACCESS_FAIL      0xffff
#define CHECK_PATH_HASH_FAIL   0xff01
#define CHECK_SECLABEL_FAIL    0xff02
#define CHECK_CODE_HASH_FAIL   0xff03
#define ENTER_BYPASS_CHANNEL   0xff04

#define BUF_MAX_SIZE           1024
#define MAX_PATH_SIZE          512
#define SHA256_DIGEST_LENTH    32
#define MAX_SCTX_LEN           128

/*
 * Hash descriptor followed by a variable-length trailing buffer.
 *
 * ctx is a flexible array member, so sizeof(struct sdesc) does not include
 * it and every allocation must add the trailing size explicitly.
 * NOTE(review): presumably ctx holds the algorithm's per-request state and
 * is sized from the shash handle's descriptor size. Confirm at the
 * allocation site that the size computation cannot be undersized.
 */
struct sdesc {
	struct shash_desc shash;
	char ctx[];
};

/*
 * Hash helpers. Both take a caller-provided output buffer (digest) and its
 * length.
 * NOTE(review): implementations are not in this header. Presumably dig_len
 * must be at least SHA256_DIGEST_LENTH and the functions return 0 on
 * success; confirm that dig_len is validated before digest is written.
 */
int calc_path_hash(bool is_hidl_srvc, unsigned char *digest, unsigned int dig_len);
int calc_task_hash(unsigned char *digest, uint32_t dig_len,
	struct task_struct *cur_struct, uint32_t pub_key_len);

/*
 * Lifetime of the shared crypto_shash handle: initialise, release, and fetch.
 * NOTE(review): hash_type is presumably the kernel crypto algorithm name
 * (confirm); whether get_shash_handle() can return NULL before init is not
 * visible here.
 */
int tee_init_shash_handle(char *hash_type);
void free_shash_handle(void);
struct crypto_shash *get_shash_handle(void);

/*
 * Lock used around hash operations.
 * NOTE(review): presumably serialises use of the shared shash handle;
 * init_crypto_hash_lock() would then have to run before the first
 * lock/unlock pair. Confirm against the implementation.
 */
void init_crypto_hash_lock(void);
void mutex_crypto_hash_lock(void);
void mutex_crypto_hash_unlock(void);
/*
 * Caller-identity checks for the HIDL service and teecd.
 * NOTE(review): presumably return CHECK_ACCESS_SUCC (0) or one of the
 * CHECK_* failure codes. Only check_teecd_auth() has a stub on the
 * auth-disabled branch of this header; check_hidl_auth() does not, so its
 * callers must themselves be compiled out in that configuration.
 */
int check_hidl_auth(void);
int check_teecd_auth(void);
#else

/*
 * No-op replacement for free_shash_handle(), used when neither
 * CONFIG_CLIENT_AUTH nor CONFIG_TEECD_AUTH is enabled, so callers need no
 * #ifdef of their own.
 */
static inline void free_shash_handle(void)
{
	/* intentionally empty */
}

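/*
 * No-op replacement for init_crypto_hash_lock(), used when neither
 * CONFIG_CLIENT_AUTH nor CONFIG_TEECD_AUTH is enabled.
 *
 * Declared static inline, like the free_shash_handle() stub above it: a
 * plain static function defined in a header triggers an unused-function
 * warning in every translation unit that includes the header without
 * calling it.
 */
static inline void init_crypto_hash_lock(void)
{
	/* intentionally empty */
}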

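/*
 * Stub for check_teecd_auth(), used when neither CONFIG_CLIENT_AUTH nor
 * CONFIG_TEECD_AUTH is enabled.
 *
 * Always returns 0, the same value the auth-enabled branch of this header
 * defines as CHECK_ACCESS_SUCC. In such a build every caller is therefore
 * reported as authorised; this is only acceptable where disabling teecd
 * authentication is a deliberate product decision.
 *
 * Declared static inline: an external-linkage definition in a header is
 * emitted by every translation unit that includes it and fails at link
 * time with a duplicate symbol once two units include this file.
 *
 * Return: 0 unconditionally.
 */
static inline int check_teecd_auth(void)
{
	return 0;
}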

#endif /* CLIENT_AUTH || TEECD_AUTH */

/*
 * Declared in every configuration.
 * NOTE(review): presumably reports whether the current task is the HIDL CA
 * service or cadaemon; confirm against the implementation. This header
 * includes nothing on the auth-disabled branch, so 'bool' here relies on
 * the including file having already pulled in the kernel type definitions.
 */
bool is_hidl_or_cadaemon(void);

/*
 * Optional identity checks, each declared only when its CONFIG_ option is
 * set. No stub is provided for the disabled case, so call sites must carry
 * the same #ifdef.
 * NOTE(review): presumably return CHECK_ACCESS_SUCC (0) on success; confirm.
 */
#ifdef CONFIG_TEE_TELEPORT_AUTH
int check_tee_teleport_auth(void);
#endif

#ifdef CONFIG_TEE_AGENTD_AUTH
int check_tee_agentd_auth(void);
#endif

#endif