[tpmdd-devel] [PATCH 0/4] Extend TPM 2.0 PCR banks each with corresponding digest

Wed, 29 Mar 2017 03:26:23 -0700 

tpm_pcr_extend() was originally designed to extend a TPM 1.2 PCR with
a SHA1 digest. With TPM 2.0, multiple hash algorithms can be supported,
but, at the moment, only one digest can be passed to the function.

Since TCG mandates that all PCR banks must be extended, commit c1f92b4
(tpm: enhance TPM 2.0 PCR extend to support multiple banks) filled
the gap by padding the SHA1 digest passed to tpm_pcr_extend(), to extend
remaining PCR banks.

This patch set adds support for providing a digest for each PCR bank.

The first patch adds an additional check to tpm2_pcr_extend() to ensure
that all digests have been provided (to meet TCG specs).

The second patch provides a mechanism for TPM users to convert a TPM
algorithm ID to a crypto ID and vice-versa, so that they can calculate
the digest of an event data by using the crypto subsystem.

The third patch allows TPM users to know which hash algorithms the TPM
supports. Since the limit of active banks is fixed (the size of the
active_banks array in the tpm_chip structure), the new function
tpm_pcr_algorithms() accepts as input a sized array.

The fourth patch introduces tpm_pcr_extend_digests(), which accepts
as input a sized array of tpm2_digest structures. Each array element
contains the algorithm and the digest for a PCR bank.

Roberto Sassu (4):
  tpm: check whether all digests have been provided for TPM 2.0 extend
  tpm: introduce tpm2_pcr_algo_to_crypto() and
    tpm2_pcr_algo_from_crypto()
  tpm: introduce tpm_pcr_algorithms()
  tpm: introduce tpm_extend_pcr_digests()

 drivers/char/tpm/tpm-interface.c | 121 +++++++++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpm.h           |  19 +-----
 drivers/char/tpm/tpm2-cmd.c      |  65 +++++++++++----------
 include/linux/tpm.h              |  44 ++++++++++++++
 4 files changed, 200 insertions(+), 49 deletions(-)

-- 
2.9.3


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
tpmdd-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel

Reply via email to