On Tue, Jan 10, 2017 at 03:15:41PM -0500, Stefan Berger wrote:
> Make sure that we have not received less bytes than what is indicated
> in the header of the TPM response. Also, check the number of bytes in
> the response before accessing its data.
>
> Signed-off-by: Stefan Berger
I'm not going
On Tue, Jan 10, 2017 at 09:18:11AM -0500, Stefan Berger wrote:
> Make sure that we have not received less bytes than what is indicated
> in the header of the TPM response.
>
> Signed-off-by: Stefan Berger
NAK for the whole patch set as it is missing the cover letter.
Also you should pick my val
Question 1 of 2:
The RM is virtualizing transient handles. When getcapability returns
TPM handles, they have to be mapped to the virtual handles.
Where should the mapping occur? RM vs. user space TSS?
- The RM sees the TPM physical handles, and knows the mapping to virtual
handles for that p
The result of getcapability for transient objects should normally be
virtual handles that the application sees, not the TPM handles.
However, there is a corner case - auditing the getcapability command.
Audit is a TPM function that maintains a hash of commands
and responses, and
This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
retrieve the active PCR banks from the TPM. This is needed
to enable extending all active banks as recommended by TPM 2.0
TCG Specification.
Signed-off-by: Nayna Jain
---
drivers/char/tpm/tpm.h | 4 +++
drivers/char/tpm/tpm2-cmd.
IMA extends its hash measurements in the TPM PCRs, based on policy.
The existing in-kernel TPM extend function extends only the SHA1
PCR bank. TPM 2.0 defines multiple PCR banks, to support different
hash algorithms. The TCG TPM 2.0 Specification[1] recommends
extending all active PCR banks to prev
The current TPM 2.0 device driver extends only the SHA1 PCR bank
but the TCG Specification[1] recommends extending all active PCR
banks, to prevent malicious users from setting unused PCR banks with
fake measurements and quoting them.
The existing in-kernel interface(tpm_pcr_extend()) expects only
On Thu, Jan 12, 2017 at 04:43:21PM +0200, Jarkko Sakkinen wrote:
> On Tue, Jan 10, 2017 at 03:15:41PM -0500, Stefan Berger wrote:
> > Make sure that we have not received less bytes than what is indicated
> > in the header of the TPM response. Also, check the number of bytes in
> > the response befo
On Thu, Jan 12, 2017 at 10:18:39AM -0700, Jason Gunthorpe wrote:
> On Thu, Jan 12, 2017 at 04:43:21PM +0200, Jarkko Sakkinen wrote:
> > On Tue, Jan 10, 2017 at 03:15:41PM -0500, Stefan Berger wrote:
> > > Make sure that we have not received less bytes than what is indicated
> > > in the header of t
On Tue, Jan 10, 2017 at 05:04:04PM -0500, Stefan Berger wrote:
> Make sure that we have not received less bytes than what is indicated
> in the header of the TPM response. Also, check the number of bytes in
> the response before accessing its data.
>
> Signed-off-by: Stefan Berger
This patch has
On Wed, Jan 11, 2017 at 02:54:22AM -0500, Nayna Jain wrote:
> Unlike the device driver support for TPM 1.2, the TPM 2.0 does
> not support the securityfs pseudo files for displaying the
> firmware event log.
>
> This patch enables support for providing the TPM 2.0 event log in
> binary form. TPM 2
Added ability to tpm_transmit() to supply a TPM space that contains
mapping from virtual handles to physical handles and backing storage for
swapping transient objects. TPM space is isolated from other users of
the TPM.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/Makefile| 2 +-
From: James Bottomley
Signed-off-by: James Bottomley
---
drivers/char/tpm/Makefile | 2 +-
drivers/char/tpm/tpm-dev-common.c | 145 ++
drivers/char/tpm/tpm-dev.c| 141
drivers/char/tpm/tpm-dev.h|
From: James Bottomley
Currently the Resource Manager (RM) is not exposed to userspace. Make
this exposure via a separate device, which can now be opened multiple
times because each read/write transaction goes separately via the RM.
Concurrency is protected by the chip->tpm_mutex for each read/w
Check for every TPM 2.0 command that the command code is supported and
the command buffer has at least the length that can contain the header
and the handle area.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 32 -
drivers/char/tpm/tpm.h
This patch set adds support for TPM spaces that provide a context
for isolating and swapping transient objects. This patch set does
not yet include support for isolating policy and HMAC sessions but
it is trivial to add once the basic approach is settled (and that's
why I created an RFC patch set).
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm.h | 2 ++
drivers/char/tpm/tpm2-cmd.c | 65 ++---
2 files changed, 34 insertions(+), 33 deletions(-)
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 80fa606..c87c221 100644
--
Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no
longer works.
It turns out the initialization proceeds fine until we get and start using
chip-reported timeouts - and the chip reports C and D timeouts o
probe_itpm() function is supposed to send command without an itpm flag set
and if this fails to repeat it, this time with the itpm flag set.
However, commit 41a5e1cf1fe15 ("tpm/tpm_tis: Split tpm_tis driver into a
core and TCG TIS compliant phy") moved the itpm flag from an "itpm"
variable to a TP
On Thu, Jan 12, 2017 at 11:58:10AM -0500, Nayna Jain wrote:
> The current TPM 2.0 device driver extends only the SHA1 PCR bank
> but the TCG Specification[1] recommends extending all active PCR
> banks, to prevent malicious users from setting unused PCR banks with
> fake measurements and quoting th
On Thu, Jan 12, 2017 at 11:58:09AM -0500, Nayna Jain wrote:
> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
> retrieve the active PCR banks from the TPM. This is needed
> to enable extending all active banks as recommended by TPM 2.0
> TCG Specification.
>
> Signed-off-by: Nayna Jai
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> @@ -435,17 +440,23 @@ ssize_t tpm_transmit(struct tpm_chip *chip,
> const u8 *buf, size_t bufsiz,
> goto out;
>
> out_recv:
> - rc = chip->ops->recv(chip, (u8 *) buf, bufsiz);
> - if (rc < 0)
> + len = chip->ops
On Thu, Jan 12, 2017 at 07:46:08PM +0200, Jarkko Sakkinen wrote:
> struct tpm_chip {
> - struct device dev;
> - struct cdev cdev;
> + struct device dev, devrm;
Hum.. devrm adds a new kref but doesn't do anything with the release
function, so that is going to use after free, ie here:
On Thu, Jan 12, 2017 at 07:08:53PM +0100, Maciej S. Szmigiero wrote:
> Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
> access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no
> longer works.
> It turns out the initialization proceeds fine until we get and
On Thu, Jan 12, 2017 at 07:12:06PM +0100, Maciej S. Szmigiero wrote:
> probe_itpm() function is supposed to send command without an itpm flag set
> and if this fails to repeat it, this time with the itpm flag set.
>
> However, commit 41a5e1cf1fe15 ("tpm/tpm_tis: Split tpm_tis driver into a
> core
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> From: James Bottomley
>
> Currently the Resource Manager (RM) is not exposed to userspace.
> Make
> this exposure via a separate device, which can now be opened multiple
> times because each read/write transaction goes separately via t
Hi Jason,
On 12.01.2017 19:42, Jason Gunthorpe wrote:
> On Thu, Jan 12, 2017 at 07:08:53PM +0100, Maciej S. Szmigiero wrote:
>> Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
>> access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no
>> longer works.
>> I
On 12.01.2017 19:50, Jason Gunthorpe wrote:
> On Thu, Jan 12, 2017 at 07:12:06PM +0100, Maciej S. Szmigiero wrote:
>> probe_itpm() function is supposed to send command without an itpm flag set
>> and if this fails to repeat it, this time with the itpm flag set.
>>
>> However, commit 41a5e1cf1fe15 (
On Thu, Jan 12, 2017 at 09:09:33PM +0100, Maciej S. Szmigiero wrote:
> Hmm, I dug in history of tpm-interface.c and the code had actually rejected
> zero timeouts until commit 8e54caf407b98e (this is the commit that
> introduced the Atmel 3204 workaround) and let default timeout values remain
> in
On Thu, Jan 12, 2017 at 09:09:33PM +0100, Maciej S. Szmigiero wrote:
> Hi Jason,
>
> On 12.01.2017 19:42, Jason Gunthorpe wrote:
> > On Thu, Jan 12, 2017 at 07:08:53PM +0100, Maciej S. Szmigiero wrote:
> >> Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
> >> access") Atm
On Thu, Jan 12, 2017 at 10:38:30AM -0800, James Bottomley wrote:
> On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> > @@ -435,17 +440,23 @@ ssize_t tpm_transmit(struct tpm_chip *chip,
> > const u8 *buf, size_t bufsiz,
> > goto out;
> >
> > out_recv:
> > - rc = chip->ops->
On Thu, Jan 12, 2017 at 07:46:04PM +0200, Jarkko Sakkinen wrote:
> Check for every TPM 2.0 command that the command code is supported and
> the command buffer has at least the length that can contain the header
> and the handle area.
>
> Signed-off-by: Jarkko Sakkinen
I think this could be bundl
On Thu, Jan 12, 2017 at 07:12:06PM +0100, Maciej S. Szmigiero wrote:
> probe_itpm() function is supposed to send command without an itpm flag set
> and if this fails to repeat it, this time with the itpm flag set.
>
> However, commit 41a5e1cf1fe15 ("tpm/tpm_tis: Split tpm_tis driver into a
> core
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> +static int tpm2_map_response(struct tpm_chip *chip, u32 cc, u8 *rsp,
> size_t len)
> +{
> + struct tpm_space *space = &chip->work_space;
> + u32 phandle;
> + u32 vhandle;
> + u32 attrs;
> + int i;
> + i
On Thu, Jan 12, 2017 at 07:40:43PM +0200, Jarkko Sakkinen wrote:
> On Tue, Jan 10, 2017 at 05:04:04PM -0500, Stefan Berger wrote:
> > Make sure that we have not received less bytes than what is indicated
> > in the header of the TPM response. Also, check the number of bytes in
> > the response befo
On Thu, Jan 12, 2017 at 07:46:06PM +0200, Jarkko Sakkinen wrote:
> Added ability to tpm_transmit() to supply a TPM space that contains
> mapping from virtual handles to physical handles and backing storage for
> swapping transient objects. TPM space is isolated from other users of
> the TPM.
>
> S
On Thu, Jan 12, 2017 at 07:46:08PM +0200, Jarkko Sakkinen wrote:
> From: James Bottomley
>
> Currently the Resource Manager (RM) is not exposed to userspace. Make
> this exposure via a separate device, which can now be opened multiple
> times because each read/write transaction goes separately v
On 12.01.2017 21:20, Jarkko Sakkinen wrote:
> On Thu, Jan 12, 2017 at 09:09:33PM +0100, Maciej S. Szmigiero wrote:
>> Hi Jason,
>>
>> On 12.01.2017 19:42, Jason Gunthorpe wrote:
(..)
>>> Can you also add a check for 0 timeouts in the core code and print a
>>> FW_BUG :\
>>
>> Hmm, I dug in history o
Rename TPM_TIS_ITPM_POSSIBLE to TPM_TIS_ITPM_WORKAROUND since it gives a
better idea what this flag actually does.
Suggested-by: Jason Gunthorpe
Signed-off-by: Maciej S. Szmigiero
---
This needs "tpm_tis: fix iTPM probe via probe_itpm() function"
applied first.
drivers/char/tpm/tpm_tis.c
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> @@ -189,6 +190,12 @@ struct tpm_chip *tpm_chip_alloc(struct device
> *pdev,
> chip->cdev.owner = THIS_MODULE;
> chip->cdev.kobj.parent = &chip->dev.kobj;
>
> + chip->work_space.context_buf = kzalloc(PAGE_SIZE,
> GFP_KERNEL
Make sure that we have not received less bytes than what is indicated
in the header of the TPM response. Also, check the number of bytes in
the response before accessing its data.
Signed-off-by: Stefan Berger
---
drivers/char/tpm/tpm-interface.c | 59 +--
drivers/char
On 01/12/2017 03:39 PM, Jarkko Sakkinen wrote:
> On Thu, Jan 12, 2017 at 07:40:43PM +0200, Jarkko Sakkinen wrote:
>> On Tue, Jan 10, 2017 at 05:04:04PM -0500, Stefan Berger wrote:
>>> Make sure that we have not received less bytes than what is indicated
>>> in the header of the TPM response. Also,
On 01/12/2017 11:50 PM, Jarkko Sakkinen wrote:
> On Thu, Jan 12, 2017 at 11:58:10AM -0500, Nayna Jain wrote:
>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>> but the TCG Specification[1] recommends extending all active PCR
>> banks, to prevent malicious users from setting un
On 01/12/2017 11:55 PM, Jarkko Sakkinen wrote:
> On Thu, Jan 12, 2017 at 11:58:09AM -0500, Nayna Jain wrote:
>> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
>> retrieve the active PCR banks from the TPM. This is needed
>> to enable extending all active banks as recommended by TPM
44 matches