On Thu, Jan 12, 2017 at 05:17:23PM -0800, James Bottomley wrote:
> On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> > @@ -189,6 +190,12 @@ struct tpm_chip *tpm_chip_alloc(struct device
> > *pdev,
> > chip->cdev.owner = THIS_MODULE;
> > chip->cdev.kobj.parent = &chip->dev.kobj;
>
On Fri, Jan 13, 2017 at 04:42:30PM -0800, Andrey Pronin wrote:
> On Fri, Jan 13, 2017 at 05:28:57PM -0700, Jason Gunthorpe wrote:
> > On Fri, Jan 13, 2017 at 04:09:54PM -0800, Andrey Pronin wrote:
> > > Resetting TPM while processing a command may lead to issues
> > > on the next boot. Ensure that
On Fri, Jan 13, 2017 at 01:09:29PM -0500, Stefan Berger wrote:
> On 01/11/2017 02:54 AM, Nayna Jain wrote:
> > Unlike the device driver support for TPM 1.2, the TPM 2.0 does
> > not support the securityfs pseudo files for displaying the
> > firmware event log.
> >
> > This patch enables support fo
On Fri, Jan 13, 2017 at 03:19:59PM -0500, Ken Goldman wrote:
> On 1/13/2017 11:43 AM, Jarkko Sakkinen wrote:
>
> +struct tpml_digest_values {
> +u32 count;
> +struct tpmt_ha digests[TPM2_ACTIVE_PCR_BANKS];
> +} __packed;
> >>>
> >>> Please remove this structure.
On Fri, Jan 13, 2017 at 10:37:00PM +0100, Maciej S. Szmigiero wrote:
> Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
> access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no
> longer works.
> The initialization proceeds fine until we get and start using
On Fri, Jan 13, 2017 at 09:40:08AM -0800, James Bottomley wrote:
> On Fri, 2017-01-13 at 10:25 -0700, Jason Gunthorpe wrote:
> > On Thu, Jan 12, 2017 at 10:56:28PM +0200, Jarkko Sakkinen wrote:
> >
> > > > dev_t tpm_devt;
> > >
> > > But they should have different major device numbers.
> >
> >
On Sat, Jan 14, 2017 at 12:53:15PM -0500, Ken Goldman wrote:
> On 1/13/2017 11:28 AM, Jarkko Sakkinen wrote:
>
> > > > +
> > > > + if (!tpm2_find_cc_attrs(chip, cc, &attrs)) {
> > > > + /* should never happen */
> > > > + dev_err(&chip->dev, "TPM returned a differ
On Fri, Jan 13, 2017 at 11:24:13AM -0800, James Bottomley wrote:
> Session handles are slightly more difficult to manage because any TPM
> only has a finite number of allowed handles, even if the session has
> been saved; so when you context save a session, you must not flush it
> because that woul
On Mon, Jan 16, 2017 at 12:04:15PM +0200, Jarkko Sakkinen wrote:
> On Fri, Jan 13, 2017 at 11:24:13AM -0800, James Bottomley wrote:
> > Session handles are slightly more difficult to manage because any TPM
> > only has a finite number of allowed handles, even if the session has
> > been saved; so w
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm.h | 2 ++
drivers/char/tpm/tpm2-cmd.c | 67 ++---
2 files changed, 35 insertions(+), 34 deletions(-)
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 52d805f..2661c26 100644
--
Check for every TPM 2.0 command that the command code is supported and
the command buffer has at least the length that can contain the header
and the handle area.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 32 -
drivers/char/tpm/tpm.h
Added ability to tpm_transmit() to supply a TPM space that contains
mapping from virtual handles to physical handles and backing storage for
swapping transient objects. TPM space is isolated from other users of
the TPM.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/Makefile| 2 +-
From: James Bottomley
Currently the Resource Manager (RM) is not exposed to userspace. Make
this exposure via a separate device, which can now be opened multiple
times because each read/write transaction goes separately via the RM.
Concurrency is protected by the chip->tpm_mutex for each read/w
This patch set adds support for TPM spaces that provide a context
for isolating and swapping transient objects. This patch set does
not yet include support for isolating policy and HMAC sessions but
it is trivial to add once the basic approach is settled (and that's
why I created an RFC patch set).
From: James Bottomley
Signed-off-by: James Bottomley
---
drivers/char/tpm/Makefile | 2 +-
drivers/char/tpm/tpm-dev-common.c | 145 ++
drivers/char/tpm/tpm-dev.c| 140
drivers/char/tpm/tpm-dev.h|
On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote:
> Make sure that we have not received less bytes than what is indicated
> in the header of the TPM response. Also, check the number of bytes in
> the response before accessing its data.
>
> Signed-off-by: Stefan Berger
There are some
On Mon, Jan 16, 2017 at 03:24:09PM +0200, Jarkko Sakkinen wrote:
> On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote:
> > Make sure that we have not received less bytes than what is indicated
> > in the header of the TPM response. Also, check the number of bytes in
> > the response befo
On Mon, Jan 16, 2017 at 11:42:02AM +0200, Jarkko Sakkinen wrote:
> On Fri, Jan 13, 2017 at 10:37:00PM +0100, Maciej S. Szmigiero wrote:
> > Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
> > access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no
> > longe
On Mon, Jan 16, 2017 at 03:46:12PM +0200, Jarkko Sakkinen wrote:
> On Mon, Jan 16, 2017 at 11:42:02AM +0200, Jarkko Sakkinen wrote:
> > On Fri, Jan 13, 2017 at 10:37:00PM +0100, Maciej S. Szmigiero wrote:
> > > Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM
> > > access")
On Mon, 2017-01-16 at 11:09 +0200, Jarkko Sakkinen wrote:
> On Thu, Jan 12, 2017 at 05:17:23PM -0800, James Bottomley wrote:
> > On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> > > @@ -189,6 +190,12 @@ struct tpm_chip *tpm_chip_alloc(struct
> > > device
> > > *pdev,
> > > chip->cdev.o
On 01/16/2017 08:24 AM, Jarkko Sakkinen wrote:
> On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote:
>> Make sure that we have not received less bytes than what is indicated
>> in the header of the TPM response. Also, check the number of bytes in
>> the response before accessing its data
On Mon, Jan 16, 2017 at 06:24:48AM -0800, James Bottomley wrote:
> On Mon, 2017-01-16 at 11:09 +0200, Jarkko Sakkinen wrote:
> > On Thu, Jan 12, 2017 at 05:17:23PM -0800, James Bottomley wrote:
> > > On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote:
> > > > @@ -189,6 +190,12 @@ struct tpm_c
On Mon, 2017-01-16 at 16:48 +0200, Jarkko Sakkinen wrote:
> On Mon, Jan 16, 2017 at 06:24:48AM -0800, James Bottomley wrote:
> > On Mon, 2017-01-16 at 11:09 +0200, Jarkko Sakkinen wrote:
> > > On Thu, Jan 12, 2017 at 05:17:23PM -0800, James Bottomley wrote:
> > > > On Thu, 2017-01-12 at 19:46 +0200
On 16.01.2017 14:55, Jarkko Sakkinen wrote:
> On Mon, Jan 16, 2017 at 03:46:12PM +0200, Jarkko Sakkinen wrote:
>> On Mon, Jan 16, 2017 at 11:42:02AM +0200, Jarkko Sakkinen wrote:
>>> On Fri, Jan 13, 2017 at 10:37:00PM +0100, Maciej S. Szmigiero wrote:
Since commit 1107d065fdf1 ("tpm_tis: Intro
On 01/16/2017 08:25 AM, Jarkko Sakkinen wrote:
> On Mon, Jan 16, 2017 at 03:24:09PM +0200, Jarkko Sakkinen wrote:
>> On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote:
>>> Make sure that we have not received less bytes than what is indicated
>>> in the header of the TPM response. Also,
On Fri, Jan 13, 2017 at 09:36:34PM -0500, Stefan Berger wrote:
> header = cmd;
> + if (len < be32_to_cpu(header->length) ||
> + be32_to_cpu(header->length) < min_rx_length)
> + return -EFAULT;
> err = be32_to_cpu(header->return_code);
> if (err != 0 && de
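Review bot: the added check reads header->length twice through be32_to_cpu() and, in the lines shown, nothing confirms that len covers the header before that field is read. Convert the length once into a local, compare that local against len and min_rx_length, and make sure an earlier check (not visible here) guarantees len is at least the header size. -EFAULT normally signals a bad user-space address; consider whether an I/O error code describes a short TPM response better.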
On Mon, Jan 16, 2017 at 03:12:11PM +0200, Jarkko Sakkinen wrote:
> @@ -199,7 +227,9 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
> return chip;
>
> out:
> + put_device(&chip->devrm);
> put_device(&chip->dev);
> + put_device(&chip->devrm);
> return ERR_PTR(rc
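Review bot: the out: error path now calls put_device(&chip->devrm) twice, once before and once after put_device(&chip->dev). Only one of the two added lines should remain; as written, the second call drops a reference that the first may already have released.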
On Fri, Jan 13, 2017 at 04:42:30PM -0800, Andrey Pronin wrote:
> On Fri, Jan 13, 2017 at 05:28:57PM -0700, Jason Gunthorpe wrote:
> > On Fri, Jan 13, 2017 at 04:09:54PM -0800, Andrey Pronin wrote:
> > > Resetting TPM while processing a command may lead to issues
> > > on the next boot. Ensure that
On Mon, Jan 16, 2017 at 03:58:26PM +0100, Maciej S. Szmigiero wrote:
> On 16.01.2017 14:55, Jarkko Sakkinen wrote:
> > On Mon, Jan 16, 2017 at 03:46:12PM +0200, Jarkko Sakkinen wrote:
> >> On Mon, Jan 16, 2017 at 11:42:02AM +0200, Jarkko Sakkinen wrote:
> >>> On Fri, Jan 13, 2017 at 10:37:00PM +010
On Mon, Jan 16, 2017 at 06:58:44AM -0800, James Bottomley wrote:
> On Mon, 2017-01-16 at 16:48 +0200, Jarkko Sakkinen wrote:
> > On Mon, Jan 16, 2017 at 06:24:48AM -0800, James Bottomley wrote:
> > > On Mon, 2017-01-16 at 11:09 +0200, Jarkko Sakkinen wrote:
> > > > On Thu, Jan 12, 2017 at 05:17:23P
On Fri, Jan 13, 2017 at 05:10:30PM -0800, James Bottomley wrote:
> > No, it is correct as is. The cdev fops rely only on the tpm module.
> > When tpm_chip_unregister returns to the driver the chips->ops is set
> > to NULL with proper locking - the driver code becomes uncallable at
> > that point.
On Mon, Jan 16, 2017 at 09:14:13AM -0700, Jason Gunthorpe wrote:
> On Mon, Jan 16, 2017 at 03:12:11PM +0200, Jarkko Sakkinen wrote:
>
> > @@ -199,7 +227,9 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
> > return chip;
> >
> > out:
> > + put_device(&chip->devrm);
> > put_devi
On Mon, 2017-01-16 at 19:24 +0200, Jarkko Sakkinen wrote:
> On Mon, Jan 16, 2017 at 09:14:13AM -0700, Jason Gunthorpe wrote:
> > On Mon, Jan 16, 2017 at 03:12:11PM +0200, Jarkko Sakkinen wrote:
> >
> > > @@ -199,7 +227,9 @@ struct tpm_chip *tpm_chip_alloc(struct device
> > > *pdev,
> > > return
Make sure that we have not received less bytes than what is indicated
in the header of the TPM response. Also, check the number of bytes in
the response before accessing its data.
Signed-off-by: Stefan Berger
---
v6:
- Fixed comparison of size_t with negative number in transmit_cmd
- Added ne
On Mon, 2017-01-16 at 12:04 +0200, Jarkko Sakkinen wrote:
> On Fri, Jan 13, 2017 at 11:24:13AM -0800, James Bottomley wrote:
> > Session handles are slightly more difficult to manage because any
> > TPM
> > only has a finite number of allowed handles, even if the session
> > has
> > been saved; so
On Mon, Jan 16, 2017 at 09:28:17AM -0800, James Bottomley wrote:
> On Mon, 2017-01-16 at 19:24 +0200, Jarkko Sakkinen wrote:
> > On Mon, Jan 16, 2017 at 09:14:13AM -0700, Jason Gunthorpe wrote:
> > > On Mon, Jan 16, 2017 at 03:12:11PM +0200, Jarkko Sakkinen wrote:
> > >
> > > > @@ -199,7 +227,9 @@
On Mon, Jan 16, 2017 at 03:18:45PM -0800, James Bottomley wrote:
> On Mon, 2017-01-16 at 12:04 +0200, Jarkko Sakkinen wrote:
> > On Fri, Jan 13, 2017 at 11:24:13AM -0800, James Bottomley wrote:
> > > Session handles are slightly more difficult to manage because any
> > > TPM
> > > only has a finite
On 01/12/2017 11:50 PM, Jarkko Sakkinen wrote:
> On Thu, Jan 12, 2017 at 11:58:10AM -0500, Nayna Jain wrote:
>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>> but the TCG Specification[1] recommends extending all active PCR
>> banks, to prevent malicious users from setting un
38 matches