Re: [tpmdd-devel] [PATCH v3 1/2] tpm: implement TPM 2.0 capability to get active PCR banks

2017-01-12 Thread Nayna
On 01/12/2017 11:55 PM, Jarkko Sakkinen wrote: > On Thu, Jan 12, 2017 at 11:58:09AM -0500, Nayna Jain wrote: >> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to >> retrieve the active PCR banks from the TPM. This is needed >> to enable extending all active banks as recommended by TPM

Re: [tpmdd-devel] [PATCH v3 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks

2017-01-12 Thread Nayna
On 01/12/2017 11:50 PM, Jarkko Sakkinen wrote: > On Thu, Jan 12, 2017 at 11:58:10AM -0500, Nayna Jain wrote: >> The current TPM 2.0 device driver extends only the SHA1 PCR bank >> but the TCG Specification[1] recommends extending all active PCR >> banks, to prevent malicious users from setting

Re: [tpmdd-devel] [PATCH v3] tpm: Check size of response before accessing data

2017-01-12 Thread Stefan Berger
On 01/12/2017 03:39 PM, Jarkko Sakkinen wrote: > On Thu, Jan 12, 2017 at 07:40:43PM +0200, Jarkko Sakkinen wrote: >> On Tue, Jan 10, 2017 at 05:04:04PM -0500, Stefan Berger wrote: >>> Make sure that we have not received less bytes than what is indicated >>> in the header of the TPM response. Also,

Re: [tpmdd-devel] [PATCH RFC v2 3/5] tpm: infrastructure for TPM spaces

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 07:46:06PM +0200, Jarkko Sakkinen wrote: > Added ability to tpm_transmit() to supply a TPM space that contains > mapping from virtual handles to physical handles and backing storage for > swapping transient objects. TPM space is isolated from other users of > the TPM. > >

Re: [tpmdd-devel] [PATCH v3] tpm: Check size of response before accessing data

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 07:40:43PM +0200, Jarkko Sakkinen wrote: > On Tue, Jan 10, 2017 at 05:04:04PM -0500, Stefan Berger wrote: > > Make sure that we have not received less bytes than what is indicated > > in the header of the TPM response. Also, check the number of bytes in > > the response

Re: [tpmdd-devel] [PATCH RFC v2 3/5] tpm: infrastructure for TPM spaces

2017-01-12 Thread James Bottomley
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote: > +static int tpm2_map_response(struct tpm_chip *chip, u32 cc, u8 *rsp, > size_t len) > +{ > + struct tpm_space *space = >work_space; > + u32 phandle; > + u32 vhandle; > + u32 attrs; > + int i; > + int

Re: [tpmdd-devel] [PATCH] tpm_tis: fix iTPM probe via probe_itpm() function

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 07:12:06PM +0100, Maciej S. Szmigiero wrote: > probe_itpm() function is supposed to send command without an itpm flag set > and if this fails to repeat it, this time with the itpm flag set. > > However, commit 41a5e1cf1fe15 ("tpm/tpm_tis: Split tpm_tis driver into a > core

Re: [tpmdd-devel] [PATCH RFC v2 3/5] tpm: infrastructure for TPM spaces

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 10:38:30AM -0800, James Bottomley wrote: > On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote: > > @@ -435,17 +440,23 @@ ssize_t tpm_transmit(struct tpm_chip *chip, > > const u8 *buf, size_t bufsiz, > > goto out; > > > > out_recv: > > - rc =

Re: [tpmdd-devel] [PATCH] tpm_tis: override reported C and D timeouts for Atmel 3203

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 09:09:33PM +0100, Maciej S. Szmigiero wrote: > Hi Jason, > > On 12.01.2017 19:42, Jason Gunthorpe wrote: > > On Thu, Jan 12, 2017 at 07:08:53PM +0100, Maciej S. Szmigiero wrote: > >> Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM > >> access")

Re: [tpmdd-devel] [PATCH RFC v2 5/5] tpm2: expose resource manager via a device link /dev/tpms

2017-01-12 Thread James Bottomley
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote: > From: James Bottomley > > Currently the Resource Manager (RM) is not exposed to userspace. > Make > this exposure via a separate device, which can now be opened multiple > times because each

Re: [tpmdd-devel] [PATCH] tpm_tis: fix iTPM probe via probe_itpm() function

2017-01-12 Thread Jason Gunthorpe
On Thu, Jan 12, 2017 at 07:12:06PM +0100, Maciej S. Szmigiero wrote: > probe_itpm() function is supposed to send command without an itpm flag set > and if this fails to repeat it, this time with the itpm flag set. > > However, commit 41a5e1cf1fe15 ("tpm/tpm_tis: Split tpm_tis driver into a > core

Re: [tpmdd-devel] [PATCH] tpm_tis: override reported C and D timeouts for Atmel 3203

2017-01-12 Thread Jason Gunthorpe
On Thu, Jan 12, 2017 at 07:08:53PM +0100, Maciej S. Szmigiero wrote: > Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM > access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no > longer works. > It turns out the initialization proceeds fine until we get

Re: [tpmdd-devel] [PATCH RFC v2 5/5] tpm2: expose resource manager via a device link /dev/tpms

2017-01-12 Thread Jason Gunthorpe
On Thu, Jan 12, 2017 at 07:46:08PM +0200, Jarkko Sakkinen wrote: > struct tpm_chip { > - struct device dev; > - struct cdev cdev; > + struct device dev, devrm; Hum.. devrm adds a new kref but doesn't do anything with the release function, so that is going to use after free, ie here:

Re: [tpmdd-devel] [PATCH RFC v2 3/5] tpm: infrastructure for TPM spaces

2017-01-12 Thread James Bottomley
On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote: > @@ -435,17 +440,23 @@ ssize_t tpm_transmit(struct tpm_chip *chip, > const u8 *buf, size_t bufsiz, > goto out; > > out_recv: > - rc = chip->ops->recv(chip, (u8 *) buf, bufsiz); > - if (rc < 0) > + len =

Re: [tpmdd-devel] [PATCH v3 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 11:58:10AM -0500, Nayna Jain wrote: > The current TPM 2.0 device driver extends only the SHA1 PCR bank > but the TCG Specification[1] recommends extending all active PCR > banks, to prevent malicious users from setting unused PCR banks with > fake measurements and quoting

[tpmdd-devel] [PATCH] tpm_tis: override reported C and D timeouts for Atmel 3203

2017-01-12 Thread Maciej S. Szmigiero
Since commit 1107d065fdf1 ("tpm_tis: Introduce intermediate layer for TPM access") Atmel 3203 TPM on ThinkPad X61S (TPM firmware version 13.9) no longer works. It turns out the initialization proceeds fine until we get and start using chip-reported timeouts - and the chip reports C and D timeouts

[tpmdd-devel] [PATCH RFC v2 2/5] tpm: export tpm2_flush_context_cmd

2017-01-12 Thread Jarkko Sakkinen
Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm.h | 2 ++ drivers/char/tpm/tpm2-cmd.c | 65 ++--- 2 files changed, 34 insertions(+), 33 deletions(-) diff --git a/drivers/char/tpm/tpm.h

[tpmdd-devel] [PATCH RFC v2 0/5] RFC: in-kernel resource manager

2017-01-12 Thread Jarkko Sakkinen
This patch set adds support for TPM spaces that provide a context for isolating and swapping transient objects. This patch set does not yet include support for isolating policy and HMAC sessions but it is trivial to add once the basic approach is settled (and that's why I created an RFC patch

[tpmdd-devel] [PATCH RFC v2 5/5] tpm2: expose resource manager via a device link /dev/tpms

2017-01-12 Thread Jarkko Sakkinen
From: James Bottomley Currently the Resource Manager (RM) is not exposed to userspace. Make this exposure via a separate device, which can now be opened multiple times because each read/write transaction goes separately via the RM. Concurrency is

[tpmdd-devel] [PATCH RFC v2 1/5] tpm: validate TPM 2.0 commands

2017-01-12 Thread Jarkko Sakkinen
Check for every TPM 2.0 command that the command code is supported and the command buffer has at least the length that can contain the header and the handle area. Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm-interface.c | 32 -

[tpmdd-devel] [PATCH RFC v2 4/5] tpm: split out tpm-dev.c into tpm-dev.c and tpm-common-dev.c

2017-01-12 Thread Jarkko Sakkinen
From: James Bottomley Signed-off-by: James Bottomley --- drivers/char/tpm/Makefile | 2 +- drivers/char/tpm/tpm-dev-common.c | 145 ++ drivers/char/tpm/tpm-dev.c|

[tpmdd-devel] [PATCH RFC v2 3/5] tpm: infrastructure for TPM spaces

2017-01-12 Thread Jarkko Sakkinen
Added ability to tpm_transmit() to supply a TPM space that contains mapping from virtual handles to physical handles and backing storage for swapping transient objects. TPM space is isolated from other users of the TPM. Signed-off-by: Jarkko Sakkinen ---

Re: [tpmdd-devel] [PATCH v3] tpm: Check size of response before accessing data

2017-01-12 Thread Jarkko Sakkinen
On Tue, Jan 10, 2017 at 05:04:04PM -0500, Stefan Berger wrote: > Make sure that we have not received less bytes than what is indicated > in the header of the TPM response. Also, check the number of bytes in > the response before accessing its data. > > Signed-off-by: Stefan Berger

Re: [tpmdd-devel] [PATCH v2] tpm: Check size of response before accessing data

2017-01-12 Thread Jarkko Sakkinen
On Thu, Jan 12, 2017 at 10:18:39AM -0700, Jason Gunthorpe wrote: > On Thu, Jan 12, 2017 at 04:43:21PM +0200, Jarkko Sakkinen wrote: > > On Tue, Jan 10, 2017 at 03:15:41PM -0500, Stefan Berger wrote: > > > Make sure that we have not received less bytes than what is indicated > > > in the header of

Re: [tpmdd-devel] [PATCH v2] tpm: Check size of response before accessing data

2017-01-12 Thread Jason Gunthorpe
On Thu, Jan 12, 2017 at 04:43:21PM +0200, Jarkko Sakkinen wrote: > On Tue, Jan 10, 2017 at 03:15:41PM -0500, Stefan Berger wrote: > > Make sure that we have not received less bytes than what is indicated > > in the header of the TPM response. Also, check the number of bytes in > > the response

[tpmdd-devel] [PATCH v3 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks

2017-01-12 Thread Nayna Jain
The current TPM 2.0 device driver extends only the SHA1 PCR bank but the TCG Specification[1] recommends extending all active PCR banks, to prevent malicious users from setting unused PCR banks with fake measurements and quoting them. The existing in-kernel interface(tpm_pcr_extend()) expects

[tpmdd-devel] [PATCH v3 0/2] tpm: enhance TPM 2.0 extend function to support multiple PCR banks

2017-01-12 Thread Nayna Jain
IMA extends its hash measurements in the TPM PCRs, based on policy. The existing in-kernel TPM extend function extends only the SHA1 PCR bank. TPM 2.0 defines multiple PCR banks, to support different hash algorithms. The TCG TPM 2.0 Specification[1] recommends extending all active PCR banks to

[tpmdd-devel] [PATCH v3 1/2] tpm: implement TPM 2.0 capability to get active PCR banks

2017-01-12 Thread Nayna Jain
This patch implements the TPM 2.0 capability TPM_CAP_PCRS to retrieve the active PCR banks from the TPM. This is needed to enable extending all active banks as recommended by TPM 2.0 TCG Specification. Signed-off-by: Nayna Jain --- drivers/char/tpm/tpm.h | 4 +++

[tpmdd-devel] TPM 2.0 RM getcapability #2

2017-01-12 Thread Ken Goldman
The result of getcapability for transient objects should normally be virtual handles that the application sees, not the TPM handles. However, there is a corner case - auditing the getcapability command. Audit is a TPM function that maintains a hash of commands and responses, and

[tpmdd-devel] TPM 2.0 RM getcapability #1

2017-01-12 Thread Ken Goldman
Question 1 of 2: The RM is virtualizing transient handles. When getcapability returns TPM handles, they have to be mapped to the virtual handles. Where should the mapping occur? RM vs. user space TSS? - The RM sees the TPM physical handles, and knows the mapping to virtual handles for that

Re: [tpmdd-devel] [PATCH 01/10] tpm: Check received number of bytes against length indicator in header

2017-01-12 Thread Jarkko Sakkinen
On Tue, Jan 10, 2017 at 09:18:11AM -0500, Stefan Berger wrote:
> Make sure that we have not received less bytes than what is indicated
> in the header of the TPM response.
>
> Signed-off-by: Stefan Berger
NAK for the whole patch set as it is missing the cover letter.

Re: [tpmdd-devel] [PATCH v2] tpm: Check size of response before accessing data

2017-01-12 Thread Jarkko Sakkinen
On Tue, Jan 10, 2017 at 03:15:41PM -0500, Stefan Berger wrote: > Make sure that we have not received less bytes than what is indicated > in the header of the TPM response. Also, check the number of bytes in > the response before accessing its data. > > Signed-off-by: Stefan Berger