mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2024-11-01 00:48:50 +00:00
0eaa8d153a
Use a statically generated key for signing the enclave, because generating keys on the fly can eat the kernel entropy pool. Another good reason for doing this is predictable builds. The RSA key has been arbitrarily selected. Its contents do not matter. This also makes the selftest execute a lot quicker instead of the delay that it had before (because of slow key generation). [ bp: Disambiguate "static key" which means something else in the kernel, fix typos. ] Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Borislav Petkov <bp@suse.de> Cc: linux-kselftest@vger.kernel.org Link: https://lkml.kernel.org/r/20201118170640.39629-1-jarkko@kernel.org
/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright(c) 2016-20 Intel Corporation.
*/
#ifndef MAIN_H
#define MAIN_H
/*
 * One entry of the table that struct encl points to through segment_tbl.
 *
 * This header does not say what the fields mean; the per-field notes are
 * inferred from the names and should be confirmed against the code that
 * fills the table.
 *
 * NOTE(review): offset and size presumably originate from the enclave
 * binary being loaded. Whoever consumes them should check that
 * offset + size stays inside the mapped image before dereferencing; that
 * check cannot be verified from this header.
 */
struct encl_segment {
	off_t offset;		/* presumably where the segment starts -- confirm the base it is relative to */
	size_t size;		/* presumably the segment length in bytes */
	unsigned int prot;	/* presumably page protection bits -- confirm the encoding */
	unsigned int flags;	/* presumably per-segment page flags -- confirm */
};
/*
 * Per-enclave state passed to the encl_*() helpers declared in this
 * header.
 *
 * struct sgx_secs and struct sgx_sigstruct are embedded by value, so their
 * full definitions must be visible before this header is included; this
 * header includes nothing itself.
 *
 * NOTE(review): sizes are kept in a mix of off_t (signed: bin_size,
 * encl_base) and size_t (unsigned: src_size, encl_size). Comparisons
 * between the two convert the signed operand, so range checks on values
 * derived from the enclave file should be done before mixing them.
 */
struct encl {
	int fd;					/* file descriptor -- presumably the SGX device; confirm in the loader */
	void *bin;				/* presumably the mapped enclave binary */
	off_t bin_size;				/* presumably the size of the mapping behind bin */
	void *src;				/* presumably the source buffer the enclave pages are taken from */
	size_t src_size;			/* presumably the size of the src buffer */
	size_t encl_size;			/* presumably the total enclave size */
	off_t encl_base;			/* presumably the enclave base address -- confirm */
	unsigned int nr_segments;		/* presumably the number of entries in segment_tbl */
	struct encl_segment *segment_tbl;	/* segment table; ownership not shown here */
	struct sgx_secs secs;			/* SECS data for the enclave (type defined elsewhere) */
	struct sgx_sigstruct sigstruct;		/* SIGSTRUCT for the enclave (type defined elsewhere) */
};
/*
 * Enclave signing key blob, defined outside this header. Going by the
 * names, sign_key is its first byte and sign_key_end the address just past
 * its last byte, so the length would be sign_key_end - sign_key -- confirm
 * where the symbols are defined.
 *
 * The key is a fixed, statically generated test fixture that ships in the
 * source tree. Treat it as public: it is only suitable for signing the
 * selftest enclave and must never be reused for a real enclave.
 */
extern unsigned char sign_key[];	/* start of the key blob */
extern unsigned char sign_key_end[];	/* presumably one past the end of the key blob */
/*
 * Enclave helpers. Only the prototypes are visible in this header, so the
 * descriptions are inferred from the names and must be confirmed against
 * the definitions. bool and u32 are not declared here; the including file
 * has to provide them first.
 */

/* Presumably releases whatever the other encl_*() helpers set up in *ctx. */
void encl_delete(struct encl *ctx);

/*
 * Presumably loads the enclave image found at path into *encl; the bool
 * result presumably reports success. NOTE(review): path names a file that
 * is parsed, so the definition should validate sizes and offsets taken
 * from it -- not verifiable from this header.
 */
bool encl_load(const char *path, struct encl *encl);

/* Presumably computes the enclave measurement and fills encl->sigstruct. */
bool encl_measure(struct encl *encl);

/* Presumably creates and initialises the enclave described by *encl. */
bool encl_build(struct encl *encl);

/*
 * Call into the SGX vDSO. The rdi, rsi, rdx, r8 and r9 parameters are named
 * after x86-64 registers and are presumably passed through in them;
 * function and run are presumably the leaf selector and the run structure
 * for the call -- confirm against the definition.
 */
int sgx_call_vdso(void *rdi, void *rsi, long rdx, u32 function,
		  void *r8, void *r9, struct sgx_enclave_run *run);
#endif /* MAIN_H */