Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd
On Thu, Nov 24, 2016 at 07:12:57PM +0530, Nayna wrote: > > > On 11/15/2016 05:18 AM, Jarkko Sakkinen wrote: > > On Fri, Nov 11, 2016 at 04:02:43PM -0800, Jarkko Sakkinen wrote: > > > On Fri, Nov 11, 2016 at 09:51:45AM +0530, Nayna wrote: > > > > > > > > > > > > On 10/09/2016 03:44 PM, Jarkko Sakkinen wrote: > > > > > Refactored tpm2_get_tpm_pt to tpm2_getcap_cmd, which means that it > > > > > also > > > > > takes capability ID as input. This is required to access > > > > > TPM_CAP_HANDLES, which contains metadata needed for swapping transient > > > > > data. > > > > > > > > > > Signed-off-by: Jarkko Sakkinen> > > > > --- > > > > >drivers/char/tpm/tpm.h | 6 +++- > > > > >drivers/char/tpm/tpm2-cmd.c | 64 > > > > > - > > > > >drivers/char/tpm/tpm_tis_core.c | 3 +- > > > > >3 files changed, 38 insertions(+), 35 deletions(-) > > > > > > > > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > > > > > index 0fab6d5..8176f42 100644 > > > > > --- a/drivers/char/tpm/tpm.h > > > > > +++ b/drivers/char/tpm/tpm.h > > > > > @@ -85,6 +85,10 @@ enum tpm2_capabilities { > > > > > TPM2_CAP_TPM_PROPERTIES = 6, > > > > >}; > > > > > > > > > > +enum tpm2_properties { > > > > > + TPM2_PT_FAMILY_INDICATOR= 0x100, > > > > > +}; > > > > > + > > > > >enum tpm2_startup_types { > > > > > TPM2_SU_CLEAR = 0x, > > > > > TPM2_SU_STATE = 0x0001, > > > > > @@ -485,7 +489,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip, > > > > >int tpm2_unseal_trusted(struct tpm_chip *chip, > > > > > struct trusted_key_payload *payload, > > > > > struct trusted_key_options *options); > > > > > -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, > > > > > +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 > > > > > property_id, > > > > > u32 *value, const char *desc); > > > > > > > > > >int tpm2_auto_startup(struct tpm_chip *chip); > > > > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c > > > > > index 2900e18..fcf3d86 100644 > > > > > --- a/drivers/char/tpm/tpm2-cmd.c > > > > > +++ b/drivers/char/tpm/tpm2-cmd.c > > > > > @@ -111,13 +111,13 @@ struct tpm2_pcr_extend_in { > > > > > u8 digest[TPM_DIGEST_SIZE]; > > > > >} __packed; > > > > > > > > > > -struct tpm2_get_tpm_pt_in { > > > > > +struct tpm2_getcap_in { > > > > > __be32 cap_id; > > > > > __be32 property_id; > > > > > __be32 property_cnt; > > > > >} __packed; > > > > > > > > > > -struct tpm2_get_tpm_pt_out { > > > > > +struct tpm2_getcap_out { > > > > > u8 more_data; > > > > > __be32 subcap_id; > > > > > __be32 property_cnt; > > > > > @@ -140,8 +140,8 @@ union tpm2_cmd_params { > > > > > struct tpm2_pcr_read_inpcrread_in; > > > > > struct tpm2_pcr_read_out pcrread_out; > > > > > struct tpm2_pcr_extend_in pcrextend_in; > > > > > - struct tpm2_get_tpm_pt_in get_tpm_pt_in; > > > > > - struct tpm2_get_tpm_pt_out get_tpm_pt_out; > > > > > + struct tpm2_getcap_in getcap_in; > > > > > + struct tpm2_getcap_out getcap_out; > > > > > struct tpm2_get_random_in getrandom_in; > > > > > struct tpm2_get_random_out getrandom_out; > > > > >}; > > > > > @@ -435,16 +435,6 @@ int tpm2_get_random(struct tpm_chip *chip, u8 > > > > > *out, size_t max) > > > > > return total ? total : -EIO; > > > > >} > > > > > > > > > > -#define TPM2_GET_TPM_PT_IN_SIZE \ > > > > > - (sizeof(struct tpm_input_header) + \ > > > > > - sizeof(struct tpm2_get_tpm_pt_in)) > > > > > - > > > > > -static const struct tpm_input_header tpm2_get_tpm_pt_header = { > > > > > - .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), > > > > > - .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), > > > > > - .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) > > > > > -}; > > > > > - > > > > >/** > > > > > * Append TPMS_AUTH_COMMAND to the buffer. The buffer must be > > > > > allocated with > > > > > * tpm_buf_alloc(). > > > > > @@ -750,35 +740,43 @@ out: > > > > > return rc; > > > > >} > > > > > > > > > > +#define TPM2_GETCAP_IN_SIZE \ > > > > > + (sizeof(struct tpm_input_header) + sizeof(struct > > > > > tpm2_getcap_in)) > > > > > + > > > > > +static const struct tpm_input_header tpm2_getcap_header = { > > > > > + .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), > > > > > + .length = cpu_to_be32(TPM2_GETCAP_IN_SIZE), > > > > > + .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) > > > > > +}; > > > > > + > > > > >/** > > > > > - * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type > > > > > property > > > > > - * @chip:TPM chip to use. > > > > > - * @property_id: property ID. > > > >
Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd
On Tue, Nov 22, 2016 at 02:38:21PM +0530, Nayna wrote: > > > On 11/18/2016 09:43 PM, Jarkko Sakkinen wrote: > > On Fri, Nov 18, 2016 at 05:42:01PM +0530, Nayna wrote: > > > > > > > > > On 11/17/2016 11:12 PM, Jarkko Sakkinen wrote: > > > > On Thu, Nov 17, 2016 at 05:20:36PM +0530, Nayna wrote: > > > > > > > > > I tested this for capability TPM2_CAP_PCRS. It seems TPM2_CAP_PCRS > > > > > capability always returns full PCR allocation, and more_data as 0, > > > > > So, I > > > > > think the idea of looping over based on more_data may not work for > > > > > this > > > > > capability. > > > > > > > > You can always request one value at a time until there's no more. > > > > > > > > If you request N values, depending on the hardware, the hardware returns > > > > to you anything from 1 to N values. If you implement a function that > > > > requests N values in the command, you *must* handle the case where > > > > moreData is 1 even if the hardware you are testing that never happens. > > > > > > > > That's the reason why I would start with a function that you request one > > > > property of one capability and optimize it in future if it doesn't scale > > > > for some workload. > > > > > > > > Do you have a workload where it doesn't scale? > > > > > > Thanks Jarkko for explaining in detail. > > > > > > If I understood correctly, the idea is to request for one property at a > > > time, and if we need multiple properties, then to request for each of them > > > in a loop. In case of TPM2_CAP_PCRS, property is always zero. This is how > > > I > > > am calling getcap_cmd for TPM2_CAP_PCRS. > > > > > > tpm2_getcap_cmd(chip, TPM2_CAP_PCRS, 0, _data, "get active pcr > > > banks"); > > > > > > Output : > > > > > > [ 17.081665] tpm: cap id to receive value is 2 > > > [ 17.081666] tpm: TPM2_CAP_COMMANDS: more data 1 > > > [ 17.081667] tpm: 2 > > > [ 17.081668] tpm: tpm2_get_active_banks ---> cap is TPM2_CAP_PCRS > > > [ 17.171665] tpm: cap id to receive value is 5 > > > [ 17.171666] tpm: TPM2_CAP_PCRS: more data 0 ---> more data is zero. > > > [ 17.171666] tpm: TPM2_CAP_PCRS: more data 0 > > > [ 17.171667] tpm: count pcr banks is 2 --> count of active pcr banks > > > information returned > > > > > > more_data is always zero here, so am not sure how to handle more_data in > > > this case ? > > > Since property_id is always zero, I am not able to request for one > > > property > > > at a time. > > > and response_buffer returns the details for both active banks. > > > > > > This is the expected behavior defined in TCG 2.0 Part 3 Commands > > > Specification (Section 30.2.1): > > > > > > "TPM_CAP_PCRS – Returns the current allocation of PCR in a > > > TPML_PCR_SELECTION. The property parameter shall be zero. The TPM will > > > always respond to this command with the full PCR allocation and moreData > > > will be NO." > > > > > > Please let me know, if I am missing something. > > > > Thanks for pointing that. I think you got it right and I had some wrong > > assumptions about 'moreData'. > > > > Here's what I propose. Do a non-generic function just for getting CAP_PCRS. > > You could call it tpm2_get_pcr_allocation() as you don't want or rather > > need to handle all the bells and whistles in that TPM command. > > > > It makes a lot more sense now than having one-size-for-all function. > > Thanks Jarkko, Yeah, Sure, I will write it as different non-generic call. > Otherwise, the function works good. > Also, I am thinking now I can write "multi-bank support for extend" on top > of master branch itself. Any issues with that ? I'm not sure what exactly I should or should not have an issue with. I can check the patch but won't apply or test it before it is used for something if that is what you are asking. /Jarkko -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd
On 11/17/2016 11:12 PM, Jarkko Sakkinen wrote: > On Thu, Nov 17, 2016 at 05:20:36PM +0530, Nayna wrote: > >> I tested this for capability TPM2_CAP_PCRS. It seems TPM2_CAP_PCRS >> capability always returns full PCR allocation, and more_data as 0, So, I >> think the idea of looping over based on more_data may not work for this >> capability. > > You can always request one value at a time until there's no more. > > If you request N values, depending on the hardware, the hardware returns > to you anything from 1 to N values. If you implement a function that > requests N values in the command, you *must* handle the case where > moreData is 1 even if the hardware you are testing that never happens. > > That's the reason why I would start with a function that you request one > property of one capability and optimize it in future if it doesn't scale > for some workload. > > Do you have a workload where it doesn't scale? Thanks Jarkko for explaining in detail. If I understood correctly, the idea is to request for one property at a time, and if we need multiple properties, then to request for each of them in a loop. In case of TPM2_CAP_PCRS, property is always zero. This is how I am calling getcap_cmd for TPM2_CAP_PCRS. tpm2_getcap_cmd(chip, TPM2_CAP_PCRS, 0, _data, "get active pcr banks"); Output : [ 17.081665] tpm: cap id to receive value is 2 [ 17.081666] tpm: TPM2_CAP_COMMANDS: more data 1 [ 17.081667] tpm: 2 [ 17.081668] tpm: tpm2_get_active_banks ---> cap is TPM2_CAP_PCRS [ 17.171665] tpm: cap id to receive value is 5 [ 17.171666] tpm: TPM2_CAP_PCRS: more data 0 ---> more data is zero. [ 17.171666] tpm: TPM2_CAP_PCRS: more data 0 [ 17.171667] tpm: count pcr banks is 2 --> count of active pcr banks information returned more_data is always zero here, so am not sure how to handle more_data in this case ? Since property_id is always zero, I am not able to request for one property at a time. and response_buffer returns the details for both active banks. This is the expected behavior defined in TCG 2.0 Part 3 Commands Specification (Section 30.2.1): "TPM_CAP_PCRS – Returns the current allocation of PCR in a TPML_PCR_SELECTION. The property parameter shall be zero. The TPM will always respond to this command with the full PCR allocation and moreData will be NO." Please let me know, if I am missing something. Thanks & Regards, - Nayna > > /Jarkko > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd
On 11/12/2016 05:32 AM, Jarkko Sakkinen wrote: > On Fri, Nov 11, 2016 at 09:51:45AM +0530, Nayna wrote: >> >> >> On 10/09/2016 03:44 PM, Jarkko Sakkinen wrote: >>> Refactored tpm2_get_tpm_pt to tpm2_getcap_cmd, which means that it also >>> takes capability ID as input. This is required to access >>> TPM_CAP_HANDLES, which contains metadata needed for swapping transient >>> data. >>> >>> Signed-off-by: Jarkko Sakkinen>>> --- >>>drivers/char/tpm/tpm.h | 6 +++- >>>drivers/char/tpm/tpm2-cmd.c | 64 >>> - >>>drivers/char/tpm/tpm_tis_core.c | 3 +- >>>3 files changed, 38 insertions(+), 35 deletions(-) >>> >>> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h >>> index 0fab6d5..8176f42 100644 >>> --- a/drivers/char/tpm/tpm.h >>> +++ b/drivers/char/tpm/tpm.h >>> @@ -85,6 +85,10 @@ enum tpm2_capabilities { >>> TPM2_CAP_TPM_PROPERTIES = 6, >>>}; >>> >>> +enum tpm2_properties { >>> + TPM2_PT_FAMILY_INDICATOR= 0x100, >>> +}; >>> + >>>enum tpm2_startup_types { >>> TPM2_SU_CLEAR = 0x, >>> TPM2_SU_STATE = 0x0001, >>> @@ -485,7 +489,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip, >>>int tpm2_unseal_trusted(struct tpm_chip *chip, >>> struct trusted_key_payload *payload, >>> struct trusted_key_options *options); >>> -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, >>> +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 property_id, >>> u32 *value, const char *desc); >>> >>>int tpm2_auto_startup(struct tpm_chip *chip); >>> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c >>> index 2900e18..fcf3d86 100644 >>> --- a/drivers/char/tpm/tpm2-cmd.c >>> +++ b/drivers/char/tpm/tpm2-cmd.c >>> @@ -111,13 +111,13 @@ struct tpm2_pcr_extend_in { >>> u8 digest[TPM_DIGEST_SIZE]; >>>} __packed; >>> >>> -struct tpm2_get_tpm_pt_in { >>> +struct tpm2_getcap_in { >>> __be32 cap_id; >>> __be32 property_id; >>> __be32 property_cnt; >>>} __packed; >>> >>> -struct tpm2_get_tpm_pt_out { >>> +struct tpm2_getcap_out { >>> u8 more_data; >>> __be32 subcap_id; >>> __be32 property_cnt; >>> @@ -140,8 +140,8 @@ union tpm2_cmd_params { >>> struct tpm2_pcr_read_inpcrread_in; >>> struct tpm2_pcr_read_out pcrread_out; >>> struct tpm2_pcr_extend_in pcrextend_in; >>> - struct tpm2_get_tpm_pt_in get_tpm_pt_in; >>> - struct tpm2_get_tpm_pt_out get_tpm_pt_out; >>> + struct tpm2_getcap_in getcap_in; >>> + struct tpm2_getcap_out getcap_out; >>> struct tpm2_get_random_in getrandom_in; >>> struct tpm2_get_random_out getrandom_out; >>>}; >>> @@ -435,16 +435,6 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *out, >>> size_t max) >>> return total ? total : -EIO; >>>} >>> >>> -#define TPM2_GET_TPM_PT_IN_SIZE \ >>> - (sizeof(struct tpm_input_header) + \ >>> -sizeof(struct tpm2_get_tpm_pt_in)) >>> - >>> -static const struct tpm_input_header tpm2_get_tpm_pt_header = { >>> - .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), >>> - .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), >>> - .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) >>> -}; >>> - >>>/** >>> * Append TPMS_AUTH_COMMAND to the buffer. The buffer must be allocated >>> with >>> * tpm_buf_alloc(). >>> @@ -750,35 +740,43 @@ out: >>> return rc; >>>} >>> >>> +#define TPM2_GETCAP_IN_SIZE \ >>> + (sizeof(struct tpm_input_header) + sizeof(struct tpm2_getcap_in)) >>> + >>> +static const struct tpm_input_header tpm2_getcap_header = { >>> + .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), >>> + .length = cpu_to_be32(TPM2_GETCAP_IN_SIZE), >>> + .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) >>> +}; >>> + >>>/** >>> - * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property >>> - * @chip: TPM chip to use. >>> - * @property_id: property ID. >>> - * @value: output variable. >>> + * tpm2_getcap_cmd() - execute a TPM2_GetCapability command >>> + * @chip: TPM chip to use >>> + * @cap_id:capability ID >>> + * @property_id: property ID >>> + * @value: value of the property >>> * @desc:passed to tpm_transmit_cmd() >>> * >>> - * 0 is returned when the operation is successful. If a negative number is >>> - * returned it remarks a POSIX error code. If a positive number is returned >>> - * it remarks a TPM error. >>> + * Return: same as with tpm_transmit_cmd >>> */ >>> -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 >>> *value, >>> - const char *desc) >>> +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 property_id, >>> + u32 *value, const char *desc) >> >> This function currently returns single
Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd
On Fri, Nov 11, 2016 at 09:51:45AM +0530, Nayna wrote: > > > On 10/09/2016 03:44 PM, Jarkko Sakkinen wrote: > > Refactored tpm2_get_tpm_pt to tpm2_getcap_cmd, which means that it also > > takes capability ID as input. This is required to access > > TPM_CAP_HANDLES, which contains metadata needed for swapping transient > > data. > > > > Signed-off-by: Jarkko Sakkinen> > --- > > drivers/char/tpm/tpm.h | 6 +++- > > drivers/char/tpm/tpm2-cmd.c | 64 > > - > > drivers/char/tpm/tpm_tis_core.c | 3 +- > > 3 files changed, 38 insertions(+), 35 deletions(-) > > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > > index 0fab6d5..8176f42 100644 > > --- a/drivers/char/tpm/tpm.h > > +++ b/drivers/char/tpm/tpm.h > > @@ -85,6 +85,10 @@ enum tpm2_capabilities { > > TPM2_CAP_TPM_PROPERTIES = 6, > > }; > > > > +enum tpm2_properties { > > + TPM2_PT_FAMILY_INDICATOR= 0x100, > > +}; > > + > > enum tpm2_startup_types { > > TPM2_SU_CLEAR = 0x, > > TPM2_SU_STATE = 0x0001, > > @@ -485,7 +489,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip, > > int tpm2_unseal_trusted(struct tpm_chip *chip, > > struct trusted_key_payload *payload, > > struct trusted_key_options *options); > > -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, > > +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 property_id, > > u32 *value, const char *desc); > > > > int tpm2_auto_startup(struct tpm_chip *chip); > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c > > index 2900e18..fcf3d86 100644 > > --- a/drivers/char/tpm/tpm2-cmd.c > > +++ b/drivers/char/tpm/tpm2-cmd.c > > @@ -111,13 +111,13 @@ struct tpm2_pcr_extend_in { > > u8 digest[TPM_DIGEST_SIZE]; > > } __packed; > > > > -struct tpm2_get_tpm_pt_in { > > +struct tpm2_getcap_in { > > __be32 cap_id; > > __be32 property_id; > > __be32 property_cnt; > > } __packed; > > > > -struct tpm2_get_tpm_pt_out { > > +struct tpm2_getcap_out { > > u8 more_data; > > __be32 subcap_id; > > __be32 property_cnt; > > @@ -140,8 +140,8 @@ union tpm2_cmd_params { > > struct tpm2_pcr_read_inpcrread_in; > > struct tpm2_pcr_read_out pcrread_out; > > struct tpm2_pcr_extend_in pcrextend_in; > > - struct tpm2_get_tpm_pt_in get_tpm_pt_in; > > - struct tpm2_get_tpm_pt_out get_tpm_pt_out; > > + struct tpm2_getcap_in getcap_in; > > + struct tpm2_getcap_out getcap_out; > > struct tpm2_get_random_in getrandom_in; > > struct tpm2_get_random_out getrandom_out; > > }; > > @@ -435,16 +435,6 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *out, > > size_t max) > > return total ? total : -EIO; > > } > > > > -#define TPM2_GET_TPM_PT_IN_SIZE \ > > - (sizeof(struct tpm_input_header) + \ > > -sizeof(struct tpm2_get_tpm_pt_in)) > > - > > -static const struct tpm_input_header tpm2_get_tpm_pt_header = { > > - .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), > > - .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), > > - .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) > > -}; > > - > > /** > >* Append TPMS_AUTH_COMMAND to the buffer. The buffer must be allocated > > with > >* tpm_buf_alloc(). > > @@ -750,35 +740,43 @@ out: > > return rc; > > } > > > > +#define TPM2_GETCAP_IN_SIZE \ > > + (sizeof(struct tpm_input_header) + sizeof(struct tpm2_getcap_in)) > > + > > +static const struct tpm_input_header tpm2_getcap_header = { > > + .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), > > + .length = cpu_to_be32(TPM2_GETCAP_IN_SIZE), > > + .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) > > +}; > > + > > /** > > - * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property > > - * @chip: TPM chip to use. > > - * @property_id: property ID. > > - * @value: output variable. > > + * tpm2_getcap_cmd() - execute a TPM2_GetCapability command > > + * @chip: TPM chip to use > > + * @cap_id:capability ID > > + * @property_id: property ID > > + * @value: value of the property > >* @desc: passed to tpm_transmit_cmd() > >* > > - * 0 is returned when the operation is successful. If a negative number is > > - * returned it remarks a POSIX error code. If a positive number is returned > > - * it remarks a TPM error. > > + * Return: same as with tpm_transmit_cmd > >*/ > > -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 > > *value, > > - const char *desc) > > +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 property_id, > > + u32 *value, const char *desc) > > This function currently returns single value "u32 *value" as output data. > > Some calling function expect list
Re: [tpmdd-devel] [PATCH RFC 2/2] tpm: refactor tpm2_get_tpm_pt to tpm2_getcap_cmd
On 10/09/2016 03:44 PM, Jarkko Sakkinen wrote: > Refactored tpm2_get_tpm_pt to tpm2_getcap_cmd, which means that it also > takes capability ID as input. This is required to access > TPM_CAP_HANDLES, which contains metadata needed for swapping transient > data. > > Signed-off-by: Jarkko Sakkinen> --- > drivers/char/tpm/tpm.h | 6 +++- > drivers/char/tpm/tpm2-cmd.c | 64 > - > drivers/char/tpm/tpm_tis_core.c | 3 +- > 3 files changed, 38 insertions(+), 35 deletions(-) > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > index 0fab6d5..8176f42 100644 > --- a/drivers/char/tpm/tpm.h > +++ b/drivers/char/tpm/tpm.h > @@ -85,6 +85,10 @@ enum tpm2_capabilities { > TPM2_CAP_TPM_PROPERTIES = 6, > }; > > +enum tpm2_properties { > + TPM2_PT_FAMILY_INDICATOR= 0x100, > +}; > + > enum tpm2_startup_types { > TPM2_SU_CLEAR = 0x, > TPM2_SU_STATE = 0x0001, > @@ -485,7 +489,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip, > int tpm2_unseal_trusted(struct tpm_chip *chip, > struct trusted_key_payload *payload, > struct trusted_key_options *options); > -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, > +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 property_id, > u32 *value, const char *desc); > > int tpm2_auto_startup(struct tpm_chip *chip); > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c > index 2900e18..fcf3d86 100644 > --- a/drivers/char/tpm/tpm2-cmd.c > +++ b/drivers/char/tpm/tpm2-cmd.c > @@ -111,13 +111,13 @@ struct tpm2_pcr_extend_in { > u8 digest[TPM_DIGEST_SIZE]; > } __packed; > > -struct tpm2_get_tpm_pt_in { > +struct tpm2_getcap_in { > __be32 cap_id; > __be32 property_id; > __be32 property_cnt; > } __packed; > > -struct tpm2_get_tpm_pt_out { > +struct tpm2_getcap_out { > u8 more_data; > __be32 subcap_id; > __be32 property_cnt; > @@ -140,8 +140,8 @@ union tpm2_cmd_params { > struct tpm2_pcr_read_inpcrread_in; > struct tpm2_pcr_read_out pcrread_out; > struct tpm2_pcr_extend_in pcrextend_in; > - struct tpm2_get_tpm_pt_in get_tpm_pt_in; > - struct tpm2_get_tpm_pt_out get_tpm_pt_out; > + struct tpm2_getcap_in getcap_in; > + struct tpm2_getcap_out getcap_out; > struct tpm2_get_random_in getrandom_in; > struct tpm2_get_random_out getrandom_out; > }; > @@ -435,16 +435,6 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *out, > size_t max) > return total ? total : -EIO; > } > > -#define TPM2_GET_TPM_PT_IN_SIZE \ > - (sizeof(struct tpm_input_header) + \ > - sizeof(struct tpm2_get_tpm_pt_in)) > - > -static const struct tpm_input_header tpm2_get_tpm_pt_header = { > - .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), > - .length = cpu_to_be32(TPM2_GET_TPM_PT_IN_SIZE), > - .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) > -}; > - > /** >* Append TPMS_AUTH_COMMAND to the buffer. The buffer must be allocated with >* tpm_buf_alloc(). > @@ -750,35 +740,43 @@ out: > return rc; > } > > +#define TPM2_GETCAP_IN_SIZE \ > + (sizeof(struct tpm_input_header) + sizeof(struct tpm2_getcap_in)) > + > +static const struct tpm_input_header tpm2_getcap_header = { > + .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS), > + .length = cpu_to_be32(TPM2_GETCAP_IN_SIZE), > + .ordinal = cpu_to_be32(TPM2_CC_GET_CAPABILITY) > +}; > + > /** > - * tpm2_get_tpm_pt() - get value of a TPM_CAP_TPM_PROPERTIES type property > - * @chip:TPM chip to use. > - * @property_id: property ID. > - * @value: output variable. > + * tpm2_getcap_cmd() - execute a TPM2_GetCapability command > + * @chip:TPM chip to use > + * @cap_id: capability ID > + * @property_id: property ID > + * @value: value of the property >* @desc: passed to tpm_transmit_cmd() >* > - * 0 is returned when the operation is successful. If a negative number is > - * returned it remarks a POSIX error code. If a positive number is returned > - * it remarks a TPM error. > + * Return: same as with tpm_transmit_cmd >*/ > -ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id, u32 *value, > - const char *desc) > +ssize_t tpm2_getcap_cmd(struct tpm_chip *chip, u32 cap_id, u32 property_id, > + u32 *value, const char *desc) This function currently returns single value "u32 *value" as output data. Some calling function expect list of values from capabilities output. For eg., get_active_banks() use TPM_CAP_PCRS capability to retrieve list of active banks. And this capability returns array of pcr selections(which is a struct representing each active PCR bank) I was