[tpmdd-devel] [PATCH 2/2] tpm2: context save and restore space managed sessions

2017-01-18 Thread James Bottomley
Now that sessions are isolated, we can introduce a session_buf in the tpm2 space to save and restore them. This allows us to have many more sessions active simultaneously (up to TPM_PT_MAX_SESSIONS). As part of this, we must intercept and manually remove contexts for flushed sessions.

[tpmdd-devel] [PATCH 1/2] tpm2: add session handle isolation to tpm spaces

2017-01-18 Thread James Bottomley
Sessions should be isolated during each instance of a tpm space. This means that spaces shouldn't be able to see each other's sessions and also when a space is closed, all the sessions belonging to it should be flushed. This is implemented by adding a session_tbl to the space to track the

[tpmdd-devel] [PATCH 0/2] Add session isolation and context saving to the space manager

2017-01-18 Thread James Bottomley
As requested, the first patch adds isolation and the second does context switching. I've also removed the flush emulation which changed transient object accounting from lazy to strict. Note that session tracking has to be strict because the TPM needs to manage these closely to avoid running out

Re: [tpmdd-devel] [PATCH v6] tpm: Check size of response before accessing data

2017-01-18 Thread Stefan Berger
On 01/18/2017 08:36 AM, Jarkko Sakkinen wrote:
> On Tue, Jan 17, 2017 at 05:27:47PM -0500, Stefan Berger wrote:
>> On 01/17/2017 09:49 AM, Jarkko Sakkinen wrote:
>>> On Mon, Jan 16, 2017 at 04:41:11PM -0500, Stefan Berger wrote:
>>> + * @min_rx_length: minimum expected length of response
>>>

Re: [tpmdd-devel] [PATCH v4 1/2] tpm: implement TPM 2.0 capability to get active PCR banks

2017-01-18 Thread Nayna
On 01/18/2017 07:15 PM, Jarkko Sakkinen wrote:
> On Wed, Jan 18, 2017 at 03:44:49AM -0500, Nayna Jain wrote:
>> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
>> retrieve the active PCR banks from the TPM. This is needed
>> to enable extending all active banks as recommended by TPM

Re: [tpmdd-devel] [PATCH v4 1/2] tpm: implement TPM 2.0 capability to get active PCR banks

2017-01-18 Thread Jarkko Sakkinen
On Wed, Jan 18, 2017 at 03:44:49AM -0500, Nayna Jain wrote:
> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
> retrieve the active PCR banks from the TPM. This is needed
> to enable extending all active banks as recommended by TPM 2.0
> TCG Specification.
>
> Signed-off-by: Nayna

[tpmdd-devel] [PATCH v4 1/2] tpm: implement TPM 2.0 capability to get active PCR banks

2017-01-18 Thread Nayna Jain
This patch implements the TPM 2.0 capability TPM_CAP_PCRS to retrieve the active PCR banks from the TPM. This is needed to enable extending all active banks as recommended by TPM 2.0 TCG Specification.

Signed-off-by: Nayna Jain
---
drivers/char/tpm/tpm.h | 4

[tpmdd-devel] [PATCH v4 0/2] enhance TPM 2.0 extend function to support multiple PCR banks

2017-01-18 Thread Nayna Jain
IMA extends its hash measurements in the TPM PCRs, based on policy. The existing in-kernel TPM extend function extends only the SHA1 PCR bank. TPM 2.0 defines multiple PCR banks, to support different hash algorithms. The TCG TPM 2.0 Specification[1] recommends extending all active PCR banks to