Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-14 Thread Stefan Berger
On 07/13/2017 08:38 PM, Eric W. Biederman wrote: Stefan Berger writes: On 07/13/2017 01:49 PM, Eric W. Biederman wrote: My big question right now is can you implement Ted's suggested restriction. Only one security.foo or security.foo@... attribute ? We need to raw-list the xattrs a

Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-13 Thread Stefan Berger
On 07/13/2017 01:14 PM, Eric W. Biederman wrote: Theodore Ts'o writes: On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote: The concise summary: Today we have the xattr security.capable that holds a set of capabilities that an application gains when executed. AKA setuid root e

Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-13 Thread Stefan Berger
On 07/13/2017 12:40 PM, Theodore Ts'o wrote: On Thu, Jul 13, 2017 at 07:11:36AM -0500, Eric W. Biederman wrote: The concise summary: Today we have the xattr security.capable that holds a set of capabilities that an application gains when executed. AKA setuid root exec without actually being se

Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-12 Thread Stefan Berger
On 07/12/2017 07:13 PM, Eric W. Biederman wrote: "Serge E. Hallyn" writes: Quoting Eric W. Biederman (ebied...@xmission.com): Stefan Berger <"Stefan Bergerstefanb"@linux.vnet.ibm.com> writes: Signed-off-by: Stefan Berger Signed-off-by: Serge Hallyn Reviewed-by:

Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-12 Thread Stefan Berger
On 07/12/2017 01:53 PM, Vivek Goyal wrote: On Tue, Jul 11, 2017 at 11:05:11AM -0400, Stefan Berger wrote: [..] @@ -301,14 +721,39 @@ ssize_t __vfs_getxattr(struct dentry *dentry, struct inode *inode, const char *name, void *value, size_t size) { - const struct

Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-12 Thread Stefan Berger
On 07/11/2017 11:45 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (Stefan bergerstef...@linux.vnet.ibm.com): +/* + * xattr_list_userns_rewrite - Rewrite list of xattr names for user namespaces + * or determine needed size for attribute list

Re: [PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-11 Thread Stefan Berger
On 07/11/2017 01:12 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (Stefan bergerstef...@linux.vnet.ibm.com): From: Stefan Berger This patch enables security.capability

[PATCH v2] xattr: Enable security.capability in user namespaces

2017-07-11 Thread Stefan Berger
From: Stefan Berger This patch enables security.capability in user namespaces but also takes a more general approach to enabling extended attributes in user namespaces. The following rules describe the approach using security.foo as a 'user namespace enabled' extended attribute:

[PATCH v2] Enable namespaced file capabilities

2017-07-11 Thread Stefan Berger
From: Stefan Berger The primary goal of the following patch is to enable file capabilities in user namespaces without affecting the file capabilities that are effective on the host. This is to prevent any unprivileged user on the host from mapping his own uid to root in a private namespace, writing

Re: [PATCH 0/3] Enable namespaced file capabilities

2017-06-28 Thread Stefan Berger
On 06/28/2017 03:18 AM, Amir Goldstein wrote: On Wed, Jun 28, 2017 at 8:41 AM, Serge E. Hallyn wrote: On Fri, Jun 23, 2017 at 10:01:46AM +0300, Amir Goldstein wrote: On Thu, Jun 22, 2017 at 9:59 PM, Stefan Berger wrote: This series of patches' primary goal is to enable file capabilities in

Re: [PATCH 3/3] Enable security.selinux in user namespaces

2017-06-23 Thread Stefan Berger
On 06/23/2017 04:30 PM, Stephen Smalley wrote: On Thu, 2017-06-22 at 14:59 -0400, Stefan Berger wrote: Before the current modifications, SELinux extended attributes were visible inside the user namespace but changes in patch 1 hid them. This patch enables security.selinux in user namespaces and

Re: [PATCH 0/3] Enable namespaced file capabilities

2017-06-23 Thread Stefan Berger
On 06/23/2017 02:35 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 06/23/2017 12:16 PM, Casey Schaufler wrote: On 6/23/2017 9:00 AM, Serge E. Hallyn wrote: Quoting Amir Goldstein (amir7...@gmail.com): On Thu, Jun 22, 2017 at 9:59 PM, Stefan Berger wrote

Re: [PATCH 0/3] Enable namespaced file capabilities

2017-06-23 Thread Stefan Berger
On 06/23/2017 12:16 PM, Casey Schaufler wrote: On 6/23/2017 9:00 AM, Serge E. Hallyn wrote: Quoting Amir Goldstein (amir7...@gmail.com): On Thu, Jun 22, 2017 at 9:59 PM, Stefan Berger wrote: This series of patches' primary goal is to enable file capabilities in user namespaces without

Re: [PATCH 0/3] Enable namespaced file capabilities

2017-06-23 Thread Stefan Berger
On 06/23/2017 01:07 PM, James Bottomley wrote: On Fri, 2017-06-23 at 11:30 -0500, Serge E. Hallyn wrote: Quoting Casey Schaufler (ca...@schaufler-ca.com): Or maybe just security.ns.capability, taking James' comment into account. That last one may be suitable as an option, useful for his partic

Re: [PATCH 0/3] Enable namespaced file capabilities

2017-06-22 Thread Stefan Berger
On 06/22/2017 04:33 PM, Casey Schaufler wrote: On 6/22/2017 1:12 PM, Stefan Berger wrote: On 06/22/2017 03:59 PM, Casey Schaufler wrote: On 6/22/2017 11:59 AM, Stefan Berger wrote: This series of patches' primary goal is to enable file capabilities in user namespaces without affecting the file

Re: [PATCH 0/3] Enable namespaced file capabilities

2017-06-22 Thread Stefan Berger
On 06/22/2017 03:59 PM, Casey Schaufler wrote: On 6/22/2017 11:59 AM, Stefan Berger wrote: This series of patches' primary goal is to enable file capabilities in user namespaces without affecting the file capabilities that are effective on the host. This is to prevent that any unprivileged user

[PATCH 2/3] Enable capabilities of files from shared filesystem

2017-06-22 Thread Stefan Berger
attribute to the list twice. Signed-off-by: Stefan Berger Signed-off-by: Serge Hallyn Reviewed-by: Serge Hallyn --- fs/xattr.c | 90 -- 1 file changed, 64 insertions(+), 26 deletions(-) diff --git a/fs/xattr.c b/fs/xattr.c index

[PATCH 1/3] xattr: Enable security.capability in user namespaces

2017-06-22 Thread Stefan Berger
of the extended attributes are adjusted to represent the mapping. This means that if root is mapped to uid 1000 on the host, the security.foo@uid=1000 will be listed as security.foo in the user namespace, security.foo@uid=1001 becomes security.foo@uid=1 and so on. Signed-off-by: Stefan Berger Signed-off-

[PATCH 3/3] Enable security.selinux in user namespaces

2017-06-22 Thread Stefan Berger
Before the current modifications, SELinux extended attributes were visible inside the user namespace but changes in patch 1 hid them. This patch enables security.selinux in user namespaces and allows them to be written to in the same way as security.capability. Signed-off-by: Stefan Berger

[PATCH 0/3] Enable namespaced file capabilities

2017-06-22 Thread Stefan Berger
o be enabled here is 'security.selinux,' since otherwise this extended attribute would not be shown anymore inside a user namespace. Regards, Stefan & Serge Stefan Berger (3): xattr: Enable security.capability in user namespaces Enable capabilities of files from shared filesystem Enable s

Re: [PATCH v2] tpm: consolidate the TPM startup code

2017-06-21 Thread Stefan Berger
On 06/21/2017 03:31 AM, Jarkko Sakkinen wrote: Consolidated all the "manual" TPM startup code to a single function in order to make code flows a bit cleaner and migrate to tpm_buf. Signed-off-by: Jarkko Sakkinen Tested-by: Stefan Berger FYI: swtpm chardev --vtpm-proxy --tpmstat

Re: [PATCH] tpm: consolidate the TPM startup code

2017-06-20 Thread Stefan Berger
On 06/20/2017 05:38 PM, Jarkko Sakkinen wrote: On Tue, Jun 20, 2017 at 11:32:41PM +0200, Jarkko Sakkinen wrote: On Tue, Jun 20, 2017 at 05:25:57PM -0400, Stefan Berger wrote: On 06/20/2017 04:55 PM, Jarkko Sakkinen wrote: On Tue, Jun 20, 2017 at 01:31:52PM -0600, Jason Gunthorpe wrote: On

Re: [PATCH] tpm: consolidate the TPM startup code

2017-06-20 Thread Stefan Berger
On 06/20/2017 04:55 PM, Jarkko Sakkinen wrote: On Tue, Jun 20, 2017 at 01:31:52PM -0600, Jason Gunthorpe wrote: On Tue, Jun 20, 2017 at 08:13:34PM +0200, Jarkko Sakkinen wrote: Consolidated all the "manual" TPM startup code to a single function in order to make code flows a bit cleaner and migr

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-20 Thread Stefan Berger
On 06/20/2017 08:19 AM, Stefan Berger wrote: On 06/20/2017 01:42 AM, Amir Goldstein wrote: On Tue, Jun 20, 2017 at 12:34 AM, Eric W. Biederman wrote: "Serge E. Hallyn" writes: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 06/14/2017 11:05 PM, Serge E. Hallyn wrote: O

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-20 Thread Stefan Berger
On 06/20/2017 01:42 AM, Amir Goldstein wrote: On Tue, Jun 20, 2017 at 12:34 AM, Eric W. Biederman wrote: "Serge E. Hallyn" writes: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 06/14/2017 11:05 PM, Serge E. Hallyn wrote: On Wed, Jun 14, 2017 at 08:27:40AM -0400, Ste

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-19 Thread Stefan Berger
On 06/18/2017 09:13 PM, Stefan Berger wrote: On 06/18/2017 06:14 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 06/14/2017 11:05 PM, Serge E. Hallyn wrote: On Wed, Jun 14, 2017 at 08:27:40AM -0400, Stefan Berger wrote: On 06/13/2017 07:55 PM, Serge E

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-18 Thread Stefan Berger
On 06/18/2017 06:14 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 06/14/2017 11:05 PM, Serge E. Hallyn wrote: On Wed, Jun 14, 2017 at 08:27:40AM -0400, Stefan Berger wrote: On 06/13/2017 07:55 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-17 Thread Stefan Berger
On 06/14/2017 11:05 PM, Serge E. Hallyn wrote: On Wed, Jun 14, 2017 at 08:27:40AM -0400, Stefan Berger wrote: On 06/13/2017 07:55 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): If all extended attributes were to support this model, maybe the 'uid'

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-16 Thread Stefan Berger
On 06/14/2017 11:05 PM, Serge E. Hallyn wrote: On Wed, Jun 14, 2017 at 08:27:40AM -0400, Stefan Berger wrote: On 06/13/2017 07:55 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): If all extended attributes were to support this model, maybe the 'uid'

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-14 Thread Stefan Berger
On 06/13/2017 07:55 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 06/13/2017 01:18 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 05/08/2017 02:11 PM, Serge E. Hallyn wrote: Root in a non-initial user ns cannot be trusted

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-13 Thread Stefan Berger
On 06/13/2017 04:53 PM, Tycho Andersen wrote: On Tue, Jun 13, 2017 at 04:49:03PM -0400, Stefan Berger wrote: On 06/13/2017 04:46 PM, Tycho Andersen wrote: On Tue, Jun 13, 2017 at 10:45:02AM -0700, James Bottomley wrote: On Tue, 2017-06-13 at 11:14 -0600, Tycho Andersen via Containers wrote

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-13 Thread Stefan Berger
On 06/13/2017 04:46 PM, Tycho Andersen wrote: On Tue, Jun 13, 2017 at 10:45:02AM -0700, James Bottomley wrote: On Tue, 2017-06-13 at 11:14 -0600, Tycho Andersen via Containers wrote: Hi Stefan, On Tue, Jun 13, 2017 at 11:47:26AM -0400, Stefan Berger wrote: On 05/08/2017 02:11 PM, Serge E

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-13 Thread Stefan Berger
On 06/13/2017 01:18 PM, Serge E. Hallyn wrote: Quoting Stefan Berger (stef...@linux.vnet.ibm.com): On 05/08/2017 02:11 PM, Serge E. Hallyn wrote: Root in a non-initial user ns cannot be trusted to write a traditional security.capability xattr. If it were allowed to do so, then any

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-13 Thread Stefan Berger
On 06/13/2017 01:14 PM, Tycho Andersen wrote: Hi Stefan, On Tue, Jun 13, 2017 at 11:47:26AM -0400, Stefan Berger wrote: On 05/08/2017 02:11 PM, Serge E. Hallyn wrote: Root in a non-initial user ns cannot be trusted to write a traditional security.capability xattr. If it were allowed to do so

Re: [PATCH v4] Introduce v3 namespaced file capabilities

2017-06-13 Thread Stefan Berger
On 05/08/2017 02:11 PM, Serge E. Hallyn wrote: Root in a non-initial user ns cannot be trusted to write a traditional security.capability xattr. If it were allowed to do so, then any unprivileged user on the host could map his own uid to root in a private namespace, write the xattr, and execute

Re: [PATCH v6 2/3] tpm: vtpm_proxy: Implement request_locality function.

2017-06-04 Thread Stefan Berger
On 06/04/2017 12:27 PM, Jarkko Sakkinen wrote: On Sun, Jun 04, 2017 at 06:43:32PM +0300, Jarkko Sakkinen wrote: On Thu, Jun 01, 2017 at 08:34:31PM -0400, Stefan Berger wrote: On 05/24/2017 08:09 PM, Jarkko Sakkinen wrote: On Wed, May 24, 2017 at 07:03:27PM -0400, Stefan Berger wrote: On 05

Re: [PATCH v6 2/3] tpm: vtpm_proxy: Implement request_locality function.

2017-06-01 Thread Stefan Berger
On 05/24/2017 08:09 PM, Jarkko Sakkinen wrote: On Wed, May 24, 2017 at 07:03:27PM -0400, Stefan Berger wrote: On 05/24/2017 06:21 PM, Jarkko Sakkinen wrote: On Wed, May 24, 2017 at 05:39:40PM -0400, Stefan Berger wrote: Implement the request_locality function. To set the locality on the

Re: [PATCH] tpm: vtpm_proxy: Do not run tpm2_shutdown

2017-05-25 Thread Stefan Berger
On 05/25/2017 06:33 PM, Jarkko Sakkinen wrote: On Thu, May 25, 2017 at 04:32:50PM -0400, Stefan Berger wrote: On 05/25/2017 04:09 PM, Jason Gunthorpe wrote: On Thu, May 25, 2017 at 04:04:24PM -0400, Stefan Berger wrote: On 05/25/2017 11:50 AM, Jason Gunthorpe wrote: On Thu, May 25, 2017 at

[PATCH v3] tpm: vtpm_proxy: Suppress error logging when in closed state

2017-05-25 Thread Stefan Berger
driver is being used. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 5 +++-- drivers/char/tpm/tpm2-cmd.c | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index d711186..d2b4df6 10

[PATCH v2] tpm: vtpm_proxy: Suppress error logging when in closed state

2017-05-25 Thread Stefan Berger
driver is being used. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 4 ++-- drivers/char/tpm/tpm2-cmd.c | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index d711186..4826fcf 10

Re: [PATCH] tpm: vtpm_proxy: Do not run tpm2_shutdown

2017-05-25 Thread Stefan Berger
On 05/25/2017 04:44 PM, Jason Gunthorpe wrote: On Thu, May 25, 2017 at 04:32:50PM -0400, Stefan Berger wrote: It doesn't hang. Everything is torn down immediately. What is primarily annoying are these two log messages: tpm tpm0: tpm_transmit: tpm_send: error -32 tpm tpm0: transmit returne

Re: [PATCH] tpm: vtpm_proxy: Do not run tpm2_shutdown

2017-05-25 Thread Stefan Berger
On 05/25/2017 04:09 PM, Jason Gunthorpe wrote: On Thu, May 25, 2017 at 04:04:24PM -0400, Stefan Berger wrote: On 05/25/2017 11:50 AM, Jason Gunthorpe wrote: On Thu, May 25, 2017 at 09:12:36AM -0400, Stefan Berger wrote: The tpm2_shutdown does not work with the VTPM proxy driver since the

Re: [PATCH] tpm: vtpm_proxy: Do not run tpm2_shutdown

2017-05-25 Thread Stefan Berger
On 05/25/2017 11:50 AM, Jason Gunthorpe wrote: On Thu, May 25, 2017 at 09:12:36AM -0400, Stefan Berger wrote: The tpm2_shutdown does not work with the VTPM proxy driver since the function only gets called when the backend file descriptor is already closed and at this point no data can be sent

[PATCH] tpm: vtpm_proxy: Do not run tpm2_shutdown

2017-05-25 Thread Stefan Berger
stack, that sends the command via the character device before terminating the TPM emulator. To avoid the tpm2_shutdown we introduce a TPM_CHIP_FLAG_NO_SHUTDOWN flag that only the VTPM proxy driver sets. This also avoids misleading kernel log messages. Signed-off-by: Stefan Berger --- drivers/char

Re: [PATCH v6 2/3] tpm: vtpm_proxy: Implement request_locality function.

2017-05-24 Thread Stefan Berger
On 05/24/2017 06:21 PM, Jarkko Sakkinen wrote: On Wed, May 24, 2017 at 05:39:40PM -0400, Stefan Berger wrote: Implement the request_locality function. To set the locality on the backend we define vendor-specific TPM 1.2 and TPM 2 ordinals and send a command to the backend to set the locality

Re: [PATCH v6 1/3] tpm: Introduce flag TPM_TRANSMIT_RAW

2017-05-24 Thread Stefan Berger
On 05/24/2017 06:18 PM, Jarkko Sakkinen wrote: On Wed, May 24, 2017 at 05:39:39PM -0400, Stefan Berger wrote: Introduce the flag TPM_TRANSMIT_RAW that allows us to transmit a command without recursing into the requesting of locality. Signed-off-by: Stefan Berger Reviewed-by: Jarkko Sakkinen

[PATCH v6 2/3] tpm: vtpm_proxy: Implement request_locality function.

2017-05-24 Thread Stefan Berger
calling tpm_transmit_cmd. To avoid recursing into TPM 2 space related commands, we set the space parameter to NULL. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 1 + drivers/char/tpm/tpm_vtpm_proxy.c | 36 include/uapi/linux/vtpm_proxy.h

[PATCH v6 1/3] tpm: Introduce flag TPM_TRANSMIT_RAW

2017-05-24 Thread Stefan Berger
Introduce the flag TPM_TRANSMIT_RAW that allows us to transmit a command without recursing into the requesting of locality. Signed-off-by: Stefan Berger Reviewed-by: Jarkko Sakkinen --- drivers/char/tpm/tpm-interface.c | 3 ++- drivers/char/tpm/tpm.h | 1 + 2 files changed, 3

[PATCH v6 0/3] Extend the vTPM proxy driver to pass locality

2017-05-24 Thread Stefan Berger
rom function in patch 3/3 Stefan Berger (3): tpm: Introduce flag TPM_TRANSMIT_RAW tpm: vtpm_proxy: Implement request_locality function. tpm: vtpm_proxy: Prevent userspace from sending driver command drivers/char/tpm/tpm-interface.c | 4 ++- drivers/char/tpm/tpm.h| 1 + drivers/

[PATCH v6 3/3] tpm: vtpm_proxy: Prevent userspace from sending driver command

2017-05-24 Thread Stefan Berger
this command. Similar to the TPM 2 space commands we return an error code when this command is detected. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm_vtpm_proxy.c | 33 + 1 file changed, 33 insertions(+) diff --git a/drivers/char/tpm/tpm_vtpm_proxy.c b

Re: [PATCH v5 2/2] tpm: vtpm_proxy: Implement request_locality function.

2017-05-22 Thread Stefan Berger
On 05/20/2017 08:40 AM, Jarkko Sakkinen wrote: On Mon, May 15, 2017 at 12:51:45PM -0400, Stefan Berger wrote: Implement the request_locality function. To set the locality on the backend we define vendor-specific TPM 1.2 and TPM 2 ordinals and send a command to the backend to set the locality

Re: [PATCH v4 2/2] tpm: vtpm_proxy: Implement request_locality function.

2017-05-21 Thread Stefan Berger
On 05/20/2017 08:47 AM, Jarkko Sakkinen wrote: On Mon, May 15, 2017 at 11:56:51AM -0400, Stefan Berger wrote: On 05/15/2017 08:41 AM, Jarkko Sakkinen wrote: On Wed, May 10, 2017 at 07:54:22PM -0400, Stefan Berger wrote: Implement the request_locality function. To set the locality on the

Re: [tpmdd-devel] [PATCH v4 2/2] tpm: vtpm_proxy: Implement request_locality function.

2017-05-16 Thread Stefan Berger
On 05/16/2017 03:03 PM, Ken Goldman wrote: On 5/10/2017 7:54 PM, Stefan Berger wrote: Implement the request_locality function. To set the locality on the backend we define vendor-specific TPM 1.2 and TPM 2 ordinals and send a command to the backend to set the locality for the next commands

[PATCH v5 1/2] tpm: Introduce flag TPM_TRANSMIT_RAW

2017-05-15 Thread Stefan Berger
Introduce the flag TPM_TRANSMIT_RAW that allows us to transmit a command without recursing into the requesting of locality. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 3 ++- drivers/char/tpm/tpm.h | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff

[PATCH v5 0/2] Extend the vTPM proxy driver to pass locality

2017-05-15 Thread Stefan Berger
uce TPM_TRANSMIT_RAW to be able to call tpm_transmit without recursing into requesting the locality. v3->v4: - addressed Jarkko's comments: largely a rewrite of the patches v2->v3: - addressed Jarkko's comments v1->v2: - fixed return value from function in patch 3/3 Stefan Berger

[PATCH v5 2/2] tpm: vtpm_proxy: Implement request_locality function.

2017-05-15 Thread Stefan Berger
calling tpm_transmit_cmd. To avoid recursing into TPM 2 space related commands, we set the space parameter to NULL. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 1 + drivers/char/tpm/tpm_vtpm_proxy.c | 36 include/uapi/linux/vtpm_proxy.h

Re: [PATCH v4 1/2] tpm: Refactor tpm_transmit pulling out tpm_transfer function

2017-05-15 Thread Stefan Berger
On 05/15/2017 12:04 PM, Stefan Berger wrote: On 05/15/2017 08:40 AM, Jarkko Sakkinen wrote: On Wed, May 10, 2017 at 07:54:21PM -0400, Stefan Berger wrote: Refactor tpm_transmit and pull out code sending the command and receiving the response and put this into tpm_transfer. Signed-off-by

Re: [PATCH v4 1/2] tpm: Refactor tpm_transmit pulling out tpm_transfer function

2017-05-15 Thread Stefan Berger
On 05/15/2017 08:40 AM, Jarkko Sakkinen wrote: On Wed, May 10, 2017 at 07:54:21PM -0400, Stefan Berger wrote: Refactor tpm_transmit and pull out code sending the command and receiving the response and put this into tpm_transfer. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm

Re: [PATCH v4 2/2] tpm: vtpm_proxy: Implement request_locality function.

2017-05-15 Thread Stefan Berger
On 05/15/2017 08:41 AM, Jarkko Sakkinen wrote: On Wed, May 10, 2017 at 07:54:22PM -0400, Stefan Berger wrote: Implement the request_locality function. To set the locality on the backend we define vendor-specific TPM 1.2 and TPM 2 ordinals and send a command to the backend to set the locality

Re: [PATCH v4 1/2] tpm: Refactor tpm_transmit pulling out tpm_transfer function

2017-05-12 Thread Stefan Berger
On 05/10/2017 07:54 PM, Stefan Berger wrote: Refactor tpm_transmit and pull out code sending the command and receiving the response and put this into tpm_transfer. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 121 +++ 1 file changed

[PATCH v4 2/2] tpm: vtpm_proxy: Implement request_locality function.

2017-05-10 Thread Stefan Berger
Implement the request_locality function. To set the locality on the backend we define vendor-specific TPM 1.2 and TPM 2 ordinals and send a command to the backend to set the locality for the next commands. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm.h| 1 + drivers/char

[PATCH v4 0/2] Extend the vTPM proxy driver to pass locality

2017-05-10 Thread Stefan Berger
o's comments: largely a rewrite of the patches v2->v3: - addressed Jarkko's comments v1->v2: - fixed return value from function in patch 3/3 Stefan Berger (2): tpm: Refactor tpm_transmit pulling out tpm_transfer function tpm: vtpm_proxy: Implement request_locality function.

[PATCH v4 1/2] tpm: Refactor tpm_transmit pulling out tpm_transfer function

2017-05-10 Thread Stefan Berger
Refactor tpm_transmit and pull out code sending the command and receiving the response and put this into tpm_transfer. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-interface.c | 121 +++ 1 file changed, 73 insertions(+), 48 deletions(-) diff --git a

Re: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command

2017-05-10 Thread Stefan Berger
On 05/10/2017 08:47 AM, Jarkko Sakkinen wrote: On Tue, May 09, 2017 at 11:49:05AM -0400, Stefan Berger wrote: On 05/08/2017 07:43 PM, Jarkko Sakkinen wrote: On Thu, May 04, 2017 at 04:03:18PM -0400, Stefan Berger wrote: On 05/04/2017 02:40 PM, Jarkko Sakkinen wrote: On Thu, May 04, 2017 at

Re: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command

2017-05-09 Thread Stefan Berger
On 05/08/2017 07:43 PM, Jarkko Sakkinen wrote: On Thu, May 04, 2017 at 04:03:18PM -0400, Stefan Berger wrote: On 05/04/2017 02:40 PM, Jarkko Sakkinen wrote: On Thu, May 04, 2017 at 07:14:27AM -0400, Stefan Berger wrote: On 05/04/2017 05:17 AM, Jarkko Sakkinen wrote: On Wed, May 03, 2017 at

Re: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command

2017-05-04 Thread Stefan Berger
On 05/04/2017 02:40 PM, Jarkko Sakkinen wrote: On Thu, May 04, 2017 at 07:14:27AM -0400, Stefan Berger wrote: On 05/04/2017 05:17 AM, Jarkko Sakkinen wrote: On Wed, May 03, 2017 at 07:40:48PM -0400, Stefan Berger wrote: On 05/03/2017 06:37 PM, Jarkko Sakkinen wrote: On Fri, Apr 28, 2017 at

Re: [PATCH v3 1/3] tpm: vtpm_proxy: Implement new ioctl to get supported flags

2017-05-04 Thread Stefan Berger
On 05/04/2017 01:31 PM, Jason Gunthorpe wrote: On Thu, May 04, 2017 at 01:28:17PM -0400, Stefan Berger wrote: So allowing request_locality to fail from userspace seems reasonable. What's the best interface to use for this ? If locality support is enabled then send a request locality p

Re: [PATCH v3 1/3] tpm: vtpm_proxy: Implement new ioctl to get supported flags

2017-05-04 Thread Stefan Berger
On 05/04/2017 01:20 PM, Jason Gunthorpe wrote: On Thu, May 04, 2017 at 01:13:18PM -0400, Stefan Berger wrote: On 05/04/2017 11:34 AM, Jason Gunthorpe wrote: On Thu, May 04, 2017 at 10:56:25AM -0400, Stefan Berger wrote: Implement VTPM_PROXY_IOC_GET_SUPT_FLAGS ioctl to get the bitmask of flags

Re: [PATCH v3 1/3] tpm: vtpm_proxy: Implement new ioctl to get supported flags

2017-05-04 Thread Stefan Berger
On 05/04/2017 11:34 AM, Jason Gunthorpe wrote: On Thu, May 04, 2017 at 10:56:25AM -0400, Stefan Berger wrote: Implement VTPM_PROXY_IOC_GET_SUPT_FLAGS ioctl to get the bitmask of flags that the vtpm_proxy driver supports in the VTPM_PROXY_IOC_NEW_DEV ioctl. This helps user space in deciding

[PATCH v3 1/3] tpm: vtpm_proxy: Implement new ioctl to get supported flags

2017-05-04 Thread Stefan Berger
Implement VTPM_PROXY_IOC_GET_SUPT_FLAGS ioctl to get the bitmask of flags that the vtpm_proxy driver supports in the VTPM_PROXY_IOC_NEW_DEV ioctl. This helps user space in deciding which flags to set in that ioctl. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm_vtpm_proxy.c | 29

[PATCH v3 3/3] tpm: vtpm_proxy: Add flag for ioctl to request locality prepended to command

2017-05-04 Thread Stefan Berger
t the locality be prepended to every TPM command. This flag is also set in the VTPM_PROXY_IOC_GET_SUPT_FLAGS ioctl's flags field to indicate that this feature is supported in this version of the driver. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm_vtpm_proxy.c | 18 ++ in

[PATCH v3 2/3] tpm: vtpm_proxy: Implement request_locality function.

2017-05-04 Thread Stefan Berger
Implement the request_locality function. Accept all localities assuming that the recipient (TPM emulator) handling TPM commands with prepended locality modifier will check for a valid locality and return a TPM error in case the locality is invalid. Signed-off-by: Stefan Berger --- drivers/char

[PATCH v3 0/3] Extend the vTPM proxy driver to pass locality

2017-05-04 Thread Stefan Berger
which flags the driver supports, we add a new ioctl that returns a bitmask of supported flags. v2->v3: - addressed Jarkko's comments v1->v2: - fixed return value from function in patch 3/3 Stefan Berger (3): tpm: vtpm_proxy: Implement new ioctl to get supported flags tpm:

Re: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command

2017-05-04 Thread Stefan Berger
On 05/04/2017 05:17 AM, Jarkko Sakkinen wrote: On Wed, May 03, 2017 at 07:40:48PM -0400, Stefan Berger wrote: On 05/03/2017 06:37 PM, Jarkko Sakkinen wrote: On Fri, Apr 28, 2017 at 09:02:18AM -0400, Stefan Berger wrote: Add an ioctl to request that the locality be prepended to every TPM

Re: [PATCH v2 0/3] Extend the vTPM proxy driver to pass locality to emulator

2017-05-03 Thread Stefan Berger
On 05/03/2017 06:38 PM, Jarkko Sakkinen wrote: On Fri, Apr 28, 2017 at 09:02:15AM -0400, Stefan Berger wrote: The purpose of this series of patches is to enable the passing of the locality a command is executing in to a TPM emulator. To enable this we introduce a new flag for the device

Re: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command

2017-05-03 Thread Stefan Berger
On 05/03/2017 06:37 PM, Jarkko Sakkinen wrote: On Fri, Apr 28, 2017 at 09:02:18AM -0400, Stefan Berger wrote: Add an ioctl to request that the locality be prepended to every TPM command. Don't really understand this change. Why is locality prepended? Commands can be executed under loc

[PATCH v2 1/3] tpm: vtpm_proxy: Add ioctl to get supported flags

2017-04-28 Thread Stefan Berger
Add an ioctl to get the supported flags. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm_vtpm_proxy.c | 29 + include/uapi/linux/vtpm_proxy.h | 11 +++ 2 files changed, 40 insertions(+) diff --git a/drivers/char/tpm/tpm_vtpm_proxy.c b/drivers/char

[PATCH v2 2/3] tpm: vtpm_proxy: Implement request_locality

2017-04-28 Thread Stefan Berger
Implement the request_locality function. Accept all localities assuming that the emulator handling the localities will check for a valid locality. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm_vtpm_proxy.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/drivers/char/tpm

[PATCH v2 0/3] Extend the vTPM proxy driver to pass locality to emulator

2017-04-28 Thread Stefan Berger
driver supports, we add a new ioctl that returns a bitmask of supported flags. v1->v2: - fixed return value from function in patch 3/3 Stefan Berger (3): tpm: vtpm_proxy: Add ioctl to get supported flags tpm: vtpm_proxy: Implement request_locality tpm: vtpm_proxy: Add ioctl to requ

[PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command

2017-04-28 Thread Stefan Berger
Add an ioctl to request that the locality be prepended to every TPM command. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm_vtpm_proxy.c | 18 +- include/uapi/linux/vtpm_proxy.h | 4 +++- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/drivers/char/tpm

[PATCH] tpm: Fix reference count to main device

2017-04-17 Thread Stefan Berger
") Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-chip.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c index a321bd5..9dec9f5 100644 --- a/drivers/char/tpm/tpm-chip.c +++ b/drivers/char/tpm/tpm-chip

[PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend

2017-02-15 Thread Stefan Berger
The TPM1.2 PCR Extend operation only returns 20 bytes in the body, which is the size of the PCR state. This fixes a problem where IMA gets errors with every PCR Extend. Fixes: c659af78eb7b ("tpm: Check size of response before accessing data") Signed-off-by: Stefan Berger Acked-by:

[PATCH] tpm: fix a sparse error in tpm-sysfs.c

2017-01-31 Thread Stefan Berger
drivers/char/tpm/tpm-sysfs.c:161:25: warning: expression using sizeof bool Fixes: c659af78eb7b ("tpm: Check size of response before accessing data") Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/char

Re: [tpmdd-devel] [PATCH v6 1/2] tpm: implement TPM 2.0 capability to get active PCR banks

2017-01-26 Thread Stefan Berger
On 01/20/2017 12:05 PM, Nayna Jain wrote: This patch implements the TPM 2.0 capability TPM_CAP_PCRS to retrieve the active PCR banks from the TPM. This is needed to enable extending all active banks as recommended by TPM 2.0 TCG Specification. Signed-off-by: Nayna Jain Reviewed-by: Jarkko Sakki

Re: [tpmdd-devel] [PATCH v6 0/2] enhance TPM 2.0 extend function to support multiple PCR banks

2017-01-25 Thread Stefan Berger
On 01/25/2017 03:45 PM, Jarkko Sakkinen wrote: On Fri, Jan 20, 2017 at 12:05:11PM -0500, Nayna Jain wrote: IMA extends its hash measurements in the TPM PCRs, based on policy. The existing in-kernel TPM extend function extends only the SHA1 PCR bank. TPM 2.0 defines multiple PCR banks, to support

Re: [tpmdd-devel] [PATCH RFC v4 1/5] tpm: validate TPM 2.0 commands

2017-01-22 Thread Stefan Berger
On 01/22/2017 06:44 PM, Jarkko Sakkinen wrote: @@ -1025,8 +1029,60 @@ int tpm2_auto_startup(struct tpm_chip *chip) } } + rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, NULL); + if (rc) + goto out; + + /* sanity check */ +
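Review bot: in the tpm2_auto_startup hunk the `/* sanity check */` comment does not say what is being checked, and the hunk as shown on this page is cut off right after it; since nr_commands is read from the TPM through TPM_PT_TOTAL_COMMANDS it is device-supplied input, so the comment should state the bound being enforced (for example that nr_commands is non-zero and below a fixed maximum before it is used to size any later allocation or loop), which lets a reviewer confirm the check without reading the rest of the patch.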

Re: [PATCH v7] tpm: Check size of response before accessing data

2017-01-20 Thread Stefan Berger
Berger wrote: Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the response before accessing its data. Signed-off-by: Stefan Berger Reviewed-by: Jarkko Sakkinen Oops. I found some odd stuff after all so

[PATCH v7] tpm: Check size of response before accessing data

2017-01-19 Thread Stefan Berger
Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the response before accessing its data. Signed-off-by: Stefan Berger -- v7: - Followed Jarkko's suggestions on v6 v6: - Fixed comparison of size_t

Re: [PATCH v6] tpm: Check size of response before accessing data

2017-01-18 Thread Stefan Berger
On 01/18/2017 08:36 AM, Jarkko Sakkinen wrote: On Tue, Jan 17, 2017 at 05:27:47PM -0500, Stefan Berger wrote: On 01/17/2017 09:49 AM, Jarkko Sakkinen wrote: On Mon, Jan 16, 2017 at 04:41:11PM -0500, Stefan Berger wrote: + * @min_rx_length: minimum expected length of response Please, rename

Re: [PATCH v6] tpm: Check size of response before accessing data

2017-01-17 Thread Stefan Berger
On 01/17/2017 09:49 AM, Jarkko Sakkinen wrote: On Mon, Jan 16, 2017 at 04:41:11PM -0500, Stefan Berger wrote: + * @min_rx_length: minimum expected length of response Please, rename as min_rsp_body_len and change the description accordingly. * @flags: tpm transmit flags - bitmap

[PATCH v6] tpm: Check size of response before accessing data

2017-01-16 Thread Stefan Berger
Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the response before accessing its data. Signed-off-by: Stefan Berger --- v6: - Fixed comparison of size_t with negative number in transmit_cmd - Added

Re: [PATCH v5] tpm: Check size of response before accessing data

2017-01-16 Thread Stefan Berger
On 01/16/2017 08:25 AM, Jarkko Sakkinen wrote: On Mon, Jan 16, 2017 at 03:24:09PM +0200, Jarkko Sakkinen wrote: On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote: Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check

Re: [PATCH v5] tpm: Check size of response before accessing data

2017-01-16 Thread Stefan Berger
On 01/16/2017 08:24 AM, Jarkko Sakkinen wrote: On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote: Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the response before accessing its data
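The response-size check described in the "tpm: Check size of response before accessing data" entries above, the 20-byte TPM 1.2 PCR Extend body from the 2017-02-15 fix, and the TPM_CAP_PCRS active-bank query from the multi-bank PCR thread all come down to the same discipline: treat every length the TPM reports as untrusted and bound each read by what the transport actually delivered. The following is an added example written for this page, not code from the kernel patches listed here; the function names are my own, the header and TPML_PCR_SELECTION layouts follow the TCG TPM 1.2 and 2.0 specifications, and the three sample responses are constructed, not captured from hardware.

```c
/* Added example (not kernel code): bounds-checked handling of TPM responses.
 * Sample responses below are constructed for illustration. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define TPM_HEADER_SIZE 10      /* tag(2) + length(4) + return code(4), TPM 1.2 and 2.0 */
#define TPM_CAP_PCRS    0x00000005u

struct tpm_hdr  { uint16_t tag; uint32_t len; uint32_t rc; };
struct pcr_bank { uint16_t alg; uint8_t size_of_select; uint8_t select[4]; };

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Validate a response before touching its body. 'received' is what the transport
 * delivered; 'min_body' is the smallest body the command returns on success
 * (20 for TPM 1.2 PCR Extend, which returns the new PCR value).
 * Returns 0, or a negative reason code. */
int tpm_check_response(const uint8_t *buf, size_t received, size_t min_body,
                       struct tpm_hdr *out)
{
    if (received < TPM_HEADER_SIZE)
        return -1;                               /* header itself truncated */
    uint32_t len = be32(buf + 2);
    if (len < TPM_HEADER_SIZE || len > received)
        return -2;                               /* header claims more than arrived */
    uint32_t rc = be32(buf + 6);
    if (rc == 0 && len - TPM_HEADER_SIZE < min_body)
        return -3;                               /* success, but body too short to read */
    if (out) { out->tag = be16(buf); out->len = len; out->rc = rc; }
    return 0;
}

/* Parse a TPM2_GetCapability(TPM_CAP_PCRS) response into the banks that have at
 * least one PCR allocated. Body: moreData(1) capability(4) count(4), then
 * count x { hash(2) sizeofSelect(1) pcrSelect[sizeofSelect] }.
 * 'count' and 'sizeofSelect' come from the device; every read is checked
 * against the length validated above. Returns the number of active banks. */
int tpm2_parse_active_banks(const uint8_t *buf, size_t received,
                            struct pcr_bank *banks, size_t max_banks)
{
    struct tpm_hdr hdr;
    if (tpm_check_response(buf, received, 9, &hdr) < 0 || hdr.rc != 0)
        return -1;
    const uint8_t *p = buf + TPM_HEADER_SIZE, *end = buf + hdr.len;
    if (be32(p + 1) != TPM_CAP_PCRS)             /* p[0] is moreData */
        return -2;
    uint32_t count = be32(p + 5);
    p += 9;
    size_t n = 0;
    for (uint32_t i = 0; i < count; i++) {
        if ((size_t)(end - p) < 3)
            return -3;                           /* count overruns the body */
        uint16_t alg = be16(p);
        uint8_t sz = p[2];
        p += 3;
        if (sz > sizeof(banks[0].select) || (size_t)(end - p) < sz)
            return -4;                           /* selection overruns the body */
        int active = 0;
        for (uint8_t j = 0; j < sz; j++)
            active |= p[j] != 0;
        if (active) {
            if (n == max_banks)
                return -5;
            banks[n].alg = alg;
            banks[n].size_of_select = sz;
            memset(banks[n].select, 0, sizeof(banks[n].select));
            memcpy(banks[n].select, p, sz);
            n++;
        }
        p += sz;
    }
    return (int)n;
}

/* Algorithm id of the first active bank, or -1 on error or when none is active. */
int tpm2_first_active_bank_alg(const uint8_t *buf, size_t received)
{
    struct pcr_bank banks[8];
    int n = tpm2_parse_active_banks(buf, received, banks, 8);
    return n <= 0 ? -1 : banks[0].alg;
}

/* Constructed TPM 1.2 PCR Extend response: header + 20-byte new PCR value. */
static const uint8_t pcr_extend_rsp[30] = {
    0x00, 0xc4, 0x00, 0x00, 0x00, 0x1e, 0x00, 0x00, 0x00, 0x00,
    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a,
    0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13, 0x14 };
/* Constructed malformed response: success code but only a 10-byte body. */
static const uint8_t short_body_rsp[20] = {
    0x00, 0xc4, 0x00, 0x00, 0x00, 0x14, 0x00, 0x00, 0x00, 0x00,
    0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a };
/* Constructed TPM_CAP_PCRS response: SHA1 bank with 24 PCRs, SHA256 bank empty. */
static const uint8_t cap_pcrs_rsp[31] = {
    0x80, 0x01, 0x00, 0x00, 0x00, 0x1f, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x02,
    0x00, 0x04, 0x03, 0xff, 0xff, 0xff,
    0x00, 0x0b, 0x03, 0x00, 0x00, 0x00 };
```

Two design points: the header length is compared against the byte count the transport actually returned rather than against the buffer size, because a buffer large enough for the longest possible response says nothing about how much of it was written; and the minimum-body check applies only on success, since an error response legitimately carries nothing after the header. Passing the PCR Extend sample with a smaller 'received' than its header claims fails the second check, and the short-body sample passes the header check but fails the per-command minimum, which is the case the 2017-02-15 fix is about.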

Re: [tpmdd-devel] [PATCH v8 2/2] tpm: add securityfs support for TPM 2.0 firmware event log

2017-01-13 Thread Stefan Berger
On 01/13/2017 01:09 PM, Stefan Berger wrote: On 01/11/2017 02:54 AM, Nayna Jain wrote: Unlike the device driver support for TPM 1.2, the TPM 2.0 does not support the securityfs pseudo files for displaying the firmware event log. This patch enables support for providing the TPM 2.0 event log in

Re: [tpmdd-devel] [PATCH v8 2/2] tpm: add securityfs support for TPM 2.0 firmware event log

2017-01-13 Thread Stefan Berger
On 01/11/2017 02:54 AM, Nayna Jain wrote: Unlike the device driver support for TPM 1.2, the TPM 2.0 does not support the securityfs pseudo files for displaying the firmware event log. This patch enables support for providing the TPM 2.0 event log in binary form. TPM 2.0 event log supports a cryp

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-11 Thread Stefan Berger
On 01/11/2017 01:03 PM, Jason Gunthorpe wrote: On Wed, Jan 11, 2017 at 11:00:43AM +0100, Andreas Fuchs wrote: could we please get an ioctl, that switches the "mode" of the fd entirely. I'd like to see the write()/read() support still intact. All my current code uses main-loop based poll on the

Re: [tpmdd-devel] [PATCH v5 3/3] tpm: add securityfs support for TPM 2.0 firmware event log

2016-11-24 Thread Stefan Berger
2 support (basing the log on ACPI). I had to fix an endianness issue on the SeaBIOS side, which made it work. So for this version of the patches I can give it my tested-by: Tested-by: Stefan Berger

Re: [PATCH 2/3] tpm: transition tpm_vtpm_proxy documentation to the Sphinx

2016-11-06 Thread Stefan Berger
and tpm_vtpm_proxy.c to be compatible with this approach and wrote associated documentation comments. Signed-off-by: Jarkko Sakkinen Stefan? Reviewed-by: Stefan Berger /Jarkko --- Documentation/index.rst| 1 + Documentation/tpm/index.rst

Re: [PATCH 1/3] tpm, tpm_vtpm_proxy: add kdoc comments for VTPM_PROXY_IOC_NEW_DEV

2016-11-06 Thread Stefan Berger
Sakkinen Stefan, is this OK? Are you willing to give Reviewed-by? Reviewed-by: Stefan Berger Stefan /Jarkko --- drivers/char/tpm/tpm_vtpm_proxy.c | 72 +-- include/uapi/linux/vtpm_proxy.h | 23 ++--- 2 files changed, 65 insertions(+), 30

Re: [PATCH] tpm: vtpm_proxy: Introduce flag to prevent sysfs entries

2016-06-30 Thread Stefan Berger
On 06/27/2016 02:32 PM, Jarkko Sakkinen wrote: On Fri, Jun 24, 2016 at 02:43:00PM -0400, Stefan Berger wrote: On 06/24/2016 01:48 PM, Jason Gunthorpe wrote: On Fri, Jun 24, 2016 at 10:36:55AM -0400, Stefan Berger wrote: Introduce TPM_VTPM_PROXY_NO_SYSFS flag that prevents a vtpm_proxy driver
