Now that sessions are isolated, we can introduce a session_buf in the
tpm2 space to save and restore them. This allows us to have many more
sessions active simultaneously (up to TPM_PT_MAX_SESSIONS). As part
of this, we must intercept and manually remove contexts for flushed
sessions.
sessions should be isolated during each instance of a tpm space. This
means that spaces shouldn't be able to see each other's sessions and
also when a space is closed, all the sessions belonging to it should
be flushed.
This is implemented by adding a session_tbl to the space to track the
As requested, the first patch adds isolation and the second does
context switching. I've also removed the flush emulation which changed
transient object accounting from lazy to strict. Note that session
tracking has to be strict because the TPM needs to manage these closely
to avoid running out
On 01/18/2017 08:36 AM, Jarkko Sakkinen wrote:
> On Tue, Jan 17, 2017 at 05:27:47PM -0500, Stefan Berger wrote:
>> On 01/17/2017 09:49 AM, Jarkko Sakkinen wrote:
>>> On Mon, Jan 16, 2017 at 04:41:11PM -0500, Stefan Berger wrote:
>>>
+ * @min_rx_length: minimum expected length of response
>>>
On 01/18/2017 07:15 PM, Jarkko Sakkinen wrote:
> On Wed, Jan 18, 2017 at 03:44:49AM -0500, Nayna Jain wrote:
>> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
>> retrieve the active PCR banks from the TPM. This is needed
>> to enable extending all active banks as recommended by TPM
On Wed, Jan 18, 2017 at 03:44:49AM -0500, Nayna Jain wrote:
> This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
> retrieve the active PCR banks from the TPM. This is needed
> to enable extending all active banks as recommended by TPM 2.0
> TCG Specification.
>
> Signed-off-by: Nayna
This patch implements the TPM 2.0 capability TPM_CAP_PCRS to
retrieve the active PCR banks from the TPM. This is needed
to enable extending all active banks as recommended by TPM 2.0
TCG Specification.
Signed-off-by: Nayna Jain
---
drivers/char/tpm/tpm.h | 4
IMA extends its hash measurements in the TPM PCRs, based on policy.
The existing in-kernel TPM extend function extends only the SHA1
PCR bank. TPM 2.0 defines multiple PCR banks, to support different
hash algorithms. The TCG TPM 2.0 Specification[1] recommends
extending all active PCR banks to