Revision tags: v6.6.25, v6.6.24, v6.6.23, v6.6.16, v6.6.15, v6.6.14, v6.6.13, v6.6.12, v6.6.11, v6.6.10, v6.6.9, v6.6.8, v6.6.7, v6.6.6, v6.6.5, v6.6.4, v6.6.3, v6.6.2, v6.5.11, v6.6.1, v6.5.10, v6.6, v6.5.9, v6.5.8, v6.5.7, v6.5.6, v6.5.5, v6.5.4, v6.5.3, v6.5.2, v6.1.51, v6.5.1, v6.1.50, v6.5, v6.1.49, v6.1.48, v6.1.46, v6.1.45, v6.1.44, v6.1.43, v6.1.42, v6.1.41, v6.1.40, v6.1.39, v6.1.38, v6.1.37, v6.1.36, v6.4, v6.1.35, v6.1.34, v6.1.33, v6.1.32, v6.1.31, v6.1.30, v6.1.29, v6.1.28, v6.1.27, v6.1.26, v6.3, v6.1.25, v6.1.24, v6.1.23, v6.1.22, v6.1.21, v6.1.20, v6.1.19, v6.1.18, v6.1.17, v6.1.16, v6.1.15, v6.1.14, v6.1.13, v6.2, v6.1.12, v6.1.11, v6.1.10, v6.1.9, v6.1.8, v6.1.7, v6.1.6, v6.1.5, v6.0.19, v6.0.18, v6.1.4, v6.1.3, v6.0.17, v6.1.2, v6.0.16, v6.1.1, v6.0.15, v6.0.14, v6.0.13, v6.1, v6.0.12, v6.0.11, v6.0.10, v5.15.80, v6.0.9, v5.15.79, v6.0.8, v5.15.78, v6.0.7, v5.15.77, v5.15.76, v6.0.6, v6.0.5, v5.15.75, v6.0.4, v6.0.3, v6.0.2, v5.15.74, v5.15.73, v6.0.1, v5.15.72, v6.0, v5.15.71, v5.15.70, v5.15.69, v5.15.68, v5.15.67, v5.15.66, v5.15.65, v5.15.64, v5.15.63, v5.15.62, v5.15.61, v5.15.60, v5.15.59, v5.19, v5.15.58, v5.15.57, v5.15.56, v5.15.55, v5.15.54, v5.15.53, v5.15.52, v5.15.51, v5.15.50, v5.15.49, v5.15.48, v5.15.47, v5.15.46, v5.15.45, v5.15.44, v5.15.43, v5.15.42, v5.18, v5.15.41, v5.15.40, v5.15.39, v5.15.38, v5.15.37, v5.15.36, v5.15.35, v5.15.34, v5.15.33, v5.15.32, v5.15.31, v5.17, v5.15.30, v5.15.29, v5.15.28, v5.15.27, v5.15.26, v5.15.25, v5.15.24, v5.15.23, v5.15.22, v5.15.21, v5.15.20, v5.15.19, v5.15.18, v5.15.17, v5.4.173, v5.15.16, v5.15.15, v5.16, v5.15.10, v5.15.9, v5.15.8 |
|
#
0aa69878 |
| 13-Dec-2021 |
axelj <axelj@axis.com> |
tpm: Add Upgrade/Reduced mode support for TPM2 modules
If something went wrong during the TPM firmware upgrade, like power failure or the firmware image file get corrupted, the TPM might end up in U
tpm: Add Upgrade/Reduced mode support for TPM2 modules
If something went wrong during the TPM firmware upgrade, like power failure or the firmware image file get corrupted, the TPM might end up in Upgrade or Failure mode upon the next start. The state is persistent between the TPM power cycle/restart.
According to TPM specification: * If the TPM is in Upgrade mode, it will answer with TPM2_RC_UPGRADE to all commands except TPM2_FieldUpgradeData(). It may also accept other commands if it is able to complete them using the previously installed firmware. * If the TPM is in Failure mode, it will allow performing TPM initialization but will not provide any crypto operations. Will happily respond to Field Upgrade calls.
Change the behavior of the tpm2_auto_startup(), so it detects the active running mode of the TPM by adding the following checks. If tpm2_do_selftest() call returns TPM2_RC_UPGRADE, the TPM is in Upgrade mode. If the TPM is in Failure mode, it will successfully respond to both tpm2_do_selftest() and tpm2_startup() calls. Although, will fail to answer to tpm2_get_cc_attrs_tbl(). Use this fact to conclude that TPM is in Failure mode.
If detected that the TPM is in the Upgrade or Failure mode, the function sets TPM_CHIP_FLAG_FIRMWARE_UPGRADE_MODE flag.
The TPM_CHIP_FLAG_FIRMWARE_UPGRADE_MODE flag is used later during driver initialization/deinitialization to disable functionality which makes no sense or will fail in the current TPM state. Following functionality is affected: * Do not register TPM as a hwrng * Do not register sysfs entries which provide information impossible to obtain in limited mode * Do not register resource managed character device
Signed-off-by: axelj <axelj@axis.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
show more ...
|
Revision tags: v5.15.7, v5.15.6, v5.15.5, v5.15.4, v5.15.3, v5.15.2, v5.15.1, v5.15, v5.14.14, v5.14.13, v5.14.12, v5.14.11, v5.14.10, v5.14.9, v5.14.8, v5.14.7, v5.14.6, v5.10.67, v5.10.66, v5.14.5, v5.14.4, v5.10.65, v5.14.3, v5.10.64, v5.14.2, v5.10.63, v5.14.1, v5.10.62, v5.14, v5.10.61, v5.10.60, v5.10.53, v5.10.52, v5.10.51, v5.10.50, v5.10.49, v5.13, v5.10.46, v5.10.43, v5.10.42, v5.10.41, v5.10.40, v5.10.39, v5.4.119, v5.10.36, v5.10.35, v5.10.34, v5.4.116, v5.10.33, v5.12, v5.10.32, v5.10.31, v5.10.30, v5.10.27, v5.10.26, v5.10.25, v5.10.24, v5.10.23, v5.10.22, v5.10.21, v5.10.20, v5.10.19, v5.4.101, v5.10.18, v5.10.17, v5.11, v5.10.16, v5.10.15, v5.10.14 |
|
#
aab73d95 |
| 13-Jan-2021 |
James Bottomley <James.Bottomley@HansenPartnership.com> |
tpm: add sysfs exports for all banks of PCR registers
Create sysfs per hash groups with 24 PCR files in them one group, named pcr-<hash>, for each agile hash of the TPM. The files are plugged in to
tpm: add sysfs exports for all banks of PCR registers
Create sysfs per hash groups with 24 PCR files in them one group, named pcr-<hash>, for each agile hash of the TPM. The files are plugged in to a PCR read function which is TPM version agnostic, so this works also for TPM 1.2 but the hash is only sha1 in that case.
Note: the macros used to create the hashes emit spurious checkpatch warnings. Do not try to "fix" them as checkpatch recommends, otherwise they'll break.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Tested-by: Thiago Jung Bauermann <bauerman@linux.ibm.com> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
show more ...
|
Revision tags: v5.10, v5.8.17, v5.8.16, v5.8.15, v5.9, v5.8.14, v5.8.13, v5.8.12, v5.8.11, v5.8.10, v5.8.9, v5.8.8, v5.8.7, v5.8.6, v5.4.62, v5.8.5, v5.8.4, v5.4.61, v5.8.3, v5.4.60, v5.8.2, v5.4.59, v5.8.1, v5.4.58, v5.4.57, v5.4.56, v5.8, v5.7.12, v5.4.55 |
|
#
e08c6d3b |
| 30-Jul-2020 |
Andy Shevchenko <andriy.shevchenko@linux.intel.com> |
tpm: use %*ph to print small buffer
Use %*ph format to print small buffer as hex string.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Petr Vorel <pvorel@suse.cz>
tpm: use %*ph to print small buffer
Use %*ph format to print small buffer as hex string.
Signed-off-by: Andy Shevchenko <andriy.shevchenko@linux.intel.com> Reviewed-by: Petr Vorel <pvorel@suse.cz> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
Revision tags: v5.7.11, v5.4.54, v5.7.10, v5.4.53, v5.4.52, v5.7.9, v5.7.8, v5.4.51, v5.4.50, v5.7.7, v5.4.49, v5.7.6, v5.7.5, v5.4.48, v5.7.4, v5.7.3, v5.4.47, v5.4.46, v5.7.2, v5.4.45, v5.7.1, v5.4.44, v5.7, v5.4.43, v5.4.42, v5.4.41, v5.4.40, v5.4.39, v5.4.38, v5.4.37, v5.4.36, v5.4.35, v5.4.34, v5.4.33, v5.4.32, v5.4.31, v5.4.30, v5.4.29, v5.6, v5.4.28, v5.4.27, v5.4.26, v5.4.25, v5.4.24, v5.4.23, v5.4.22, v5.4.21, v5.4.20, v5.4.19, v5.4.18, v5.4.17, v5.4.16, v5.5, v5.4.15, v5.4.14, v5.4.13, v5.4.12, v5.4.11, v5.4.10, v5.4.9, v5.4.8, v5.4.7, v5.4.6, v5.4.5, v5.4.4, v5.4.3, v5.3.15, v5.4.2, v5.4.1, v5.3.14, v5.4, v5.3.13, v5.3.12, v5.3.11, v5.3.10, v5.3.9 |
|
#
7084eddf |
| 30-Oct-2019 |
Jerry Snitselaar <jsnitsel@redhat.com> |
tpm: Add tpm_version_major sysfs file
Easily determining what TCG version a tpm device implements has been a pain point for userspace for a long time, so add a sysfs file to report the TCG major ver
tpm: Add tpm_version_major sysfs file
Easily determining what TCG version a tpm device implements has been a pain point for userspace for a long time, so add a sysfs file to report the TCG major version of a tpm device.
Also add an entry to Documentation/ABI/stable/sysfs-class-tpm describing the new file.
Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Cc: Mimi Zohar <zohar@linux.ibm.com> Cc: Peter Huewe <peterhuewe@gmx.de> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: linux-integrity@vger.kernel.org Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: Mimi Zohar <zohar@linux.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
Revision tags: v5.3.8, v5.3.7, v5.3.6, v5.3.5, v5.3.4, v5.3.3, v5.3.2, v5.3.1, v5.3, v5.2.14, v5.3-rc8, v5.2.13, v5.2.12 |
|
#
f2f5820e |
| 02-Sep-2019 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: Remove duplicate code from caps_show() in tpm-sysfs.c
Replace existing TPM 1.x version structs with new structs that consolidate the common parts into a single struct so that code duplication i
tpm: Remove duplicate code from caps_show() in tpm-sysfs.c
Replace existing TPM 1.x version structs with new structs that consolidate the common parts into a single struct so that code duplication is no longer needed in caps_show().
Cc: Peter Huewe <peterhuewe@gmx.de> Cc: Jason Gunthorpe <jgg@ziepe.ca> Cc: Alexey Klimov <aklimov@redhat.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Tested-by: Jerry Snitselaar <jsnitsel@redhat.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
Revision tags: v5.2.11, v5.2.10, v5.2.9, v5.2.8, v5.2.7, v5.2.6, v5.2.5, v5.2.4, v5.2.3, v5.2.2, v5.2.1 |
|
#
28eba2fd |
| 08-Jul-2019 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: Remove a deprecated comments about implicit sysfs locking
Remove all comments about implicit locking tpm-sysfs.c as the file was updated in Linux v5.1 to use explicit locking.
Signed-off-by: J
tpm: Remove a deprecated comments about implicit sysfs locking
Remove all comments about implicit locking tpm-sysfs.c as the file was updated in Linux v5.1 to use explicit locking.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
Revision tags: v5.2, v5.1.16, v5.1.15, v5.1.14, v5.1.13, v5.1.12, v5.1.11, v5.1.10, v5.1.9, v5.1.8, v5.1.7 |
|
#
b886d83c |
| 01-Jun-2019 |
Thomas Gleixner <tglx@linutronix.de> |
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
Based on 1 normalized pattern(s):
this program is free software you can redistribute it and or modify it under the terms of th
treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 441
Based on 1 normalized pattern(s):
this program is free software you can redistribute it and or modify it under the terms of the gnu general public license as published by the free software foundation version 2 of the license
extracted by the scancode license scanner the SPDX license identifier
GPL-2.0-only
has been chosen to replace the boilerplate/reference in 315 file(s).
Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Allison Randal <allison@lohutok.net> Reviewed-by: Armijn Hemel <armijn@tjaldur.nl> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190531190115.503150771@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
show more ...
|
Revision tags: v5.1.6, v5.1.5, v5.1.4, v5.1.3, v5.1.2, v5.1.1, v5.0.14, v5.1, v5.0.13, v5.0.12, v5.0.11, v5.0.10, v5.0.9, v5.0.8, v5.0.7, v5.0.6, v5.0.5, v5.0.4, v5.0.3, v4.19.29, v5.0.2, v4.19.28, v5.0.1, v4.19.27, v5.0, v4.19.26, v4.19.25, v4.19.24, v4.19.23, v4.19.22, v4.19.21, v4.19.20, v4.19.19, v4.19.18, v4.19.17, v4.19.16, v4.19.15, v4.19.14, v4.19.13, v4.19.12, v4.19.11, v4.19.10, v4.19.9, v4.19.8, v4.19.7, v4.19.6, v4.19.5, v4.19.4, v4.18.20, v4.19.3, v4.18.19, v4.19.2, v4.18.18 |
|
#
47a6c28b |
| 04-Nov-2018 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: remove @flags from tpm_transmit()
Remove @flags from tpm_transmit() API. It is no longer used for anything.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan
tpm: remove @flags from tpm_transmit()
Remove @flags from tpm_transmit() API. It is no longer used for anything.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
show more ...
|
Revision tags: v4.18.17, v4.19.1 |
|
#
2677ca98 |
| 04-Nov-2018 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: use tpm_try_get_ops() in tpm-sysfs.c.
Use tpm_try_get_ops() in tpm-sysfs.c so that we can consider moving other decorations (locking, localities, power management for example) inside it. This d
tpm: use tpm_try_get_ops() in tpm-sysfs.c.
Use tpm_try_get_ops() in tpm-sysfs.c so that we can consider moving other decorations (locking, localities, power management for example) inside it. This direction can be of course taken only after other call sites for tpm_transmit() have been treated in the same way.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
show more ...
|
#
5faafbab |
| 03-Nov-2018 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: remove @space from tpm_transmit()
Remove @space from tpm_transmit() API` in order to completely remove the bound between low-level transmission functionality and TPM spaces. The only real depen
tpm: remove @space from tpm_transmit()
Remove @space from tpm_transmit() API` in order to completely remove the bound between low-level transmission functionality and TPM spaces. The only real dependency existing is the amount of data saved before trying to send a command to the TPM.
It doesn't really matter if we save always a bit more than needed so this commit changes the amount saved always to be the size of the TPM header and three handles.
Cc: James Bottomley <James.Bottomley@HansenPartnership.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
show more ...
|
#
41484674 |
| 04-Nov-2018 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails
Do not print partial list of PCRs when tpm1_pcr_read() fails but instead return 0 from pcrs_show(). This is consistent behavior with other s
tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails
Do not print partial list of PCRs when tpm1_pcr_read() fails but instead return 0 from pcrs_show(). This is consistent behavior with other sysfs functions.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
show more ...
|
#
c6286100 |
| 04-Nov-2018 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: fix invalid return value in pubek_show()
Return zero when tpm_buf_init() fails as we do for other functions in tpm-sysfs.c.
Fixes: da379f3c1db0c ("tpm: migrate pubek_show to struct tpm_buf") S
tpm: fix invalid return value in pubek_show()
Return zero when tpm_buf_init() fails as we do for other functions in tpm-sysfs.c.
Fixes: da379f3c1db0c ("tpm: migrate pubek_show to struct tpm_buf") Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
show more ...
|
#
412eb585 |
| 26-Oct-2018 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter
Since we pass an initialized struct tpm_buf instance in every call site now, it is cleaner to pass that directly to the tpm_transmit_cmd()
tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter
Since we pass an initialized struct tpm_buf instance in every call site now, it is cleaner to pass that directly to the tpm_transmit_cmd() as the TPM command/response buffer.
Fine-tune a little bit tpm_transmit() and tpm_transmit_cmd() comments while doing this.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com> Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
show more ...
|
Revision tags: v4.19, v4.18.16 |
|
#
95adc6b4 |
| 19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: use u32 instead of int for PCR index
The TPM specs defines PCR index as a positive number, and there is no reason to use a signed number. It is also a possible security issue as currently no fu
tpm: use u32 instead of int for PCR index
The TPM specs defines PCR index as a positive number, and there is no reason to use a signed number. It is also a possible security issue as currently no functions check for a negative index, which may become a large number when converted to u32.
Adjust the API to use u32 instead of int in all PCR related functions.
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
#
cfddcb05 |
| 19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
Rename tpm1_pcr_read_dev to tpm1_pcr_read() to match the counterpart tpm2_pcr_read().
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Review
tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read()
Rename tpm1_pcr_read_dev to tpm1_pcr_read() to match the counterpart tpm2_pcr_read().
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
#
d4a31756 |
| 19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
Move the tpm1 selftest code functions to tpm1-cmd.c and adjust callers to use the new function names. 1. tpm_pcr_read_dev() to tpm1_p
tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c
Move the tpm1 selftest code functions to tpm1-cmd.c and adjust callers to use the new function names. 1. tpm_pcr_read_dev() to tpm1_pcr_read_dev(). 2. tpm_continue_selftest() to tpm1_continue_selftest(). 3. tpm_do_selftest() to tpm1_do_selftest()
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
#
f4d916b7 |
| 19-Oct-2018 |
Tomas Winkler <tomas.winkler@intel.com> |
tpm: move tpm_getcap to tpm1-cmd.c
1. Move tpm_getcap to tpm1-cmd. Rename the function to tpm1_getcap. 2. Remove unused tpm_getcap_header with unused constant as this functionality is already implem
tpm: move tpm_getcap to tpm1-cmd.c
1. Move tpm_getcap to tpm1-cmd. Rename the function to tpm1_getcap. 2. Remove unused tpm_getcap_header with unused constant as this functionality is already implemented using tpm_buf construct.
Fixes warning: drivers/char/tpm/tpm-interface.c:452:38: warning: ‘tpm_getcap_header’ defined but not used [-Wunused-const-variable=] static const struct tpm_input_header tpm_getcap_header = { ^~~~~~~~~~~~~~~~~ 3. Drop unused TPM_DIGEST_SIZE. It's already defined in include/linux/tpm.h
Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
Revision tags: v4.18.15, v4.18.14, v4.18.13, v4.18.12, v4.18.11, v4.18.10, v4.18.9, v4.18.7, v4.18.6, v4.18.5, v4.17.18, v4.18.4, v4.18.3, v4.17.17, v4.18.2, v4.17.16, v4.17.15, v4.18.1, v4.18, v4.17.14, v4.17.13, v4.17.12, v4.17.11, v4.17.10, v4.17.9, v4.17.8, v4.17.7, v4.17.6, v4.17.5, v4.17.4, v4.17.3, v4.17.2, v4.17.1, v4.17, v4.16, v4.15, v4.13.16, v4.14, v4.13.5, v4.13, v4.12 |
|
#
da379f3c |
| 20-Jun-2017 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: migrate pubek_show to struct tpm_buf
Migrated pubek_show to struct tpm_buf and cleaned up its implementation. Previously the output parameter structure was declared but left completely unused.
tpm: migrate pubek_show to struct tpm_buf
Migrated pubek_show to struct tpm_buf and cleaned up its implementation. Previously the output parameter structure was declared but left completely unused. Now it is used to refer different fields of the output. We can move it to tpm-sysfs.c as it does not have any use outside of that file.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
#
13b47cfc |
| 20-Jun-2017 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: fix a kernel memory leak in tpm-sysfs.c
While cleaning up sysfs callback that prints EK we discovered a kernel memory leak. This commit fixes the issue by zeroing the buffer used for TPM comman
tpm: fix a kernel memory leak in tpm-sysfs.c
While cleaning up sysfs callback that prints EK we discovered a kernel memory leak. This commit fixes the issue by zeroing the buffer used for TPM command/response.
The leak happen when we use either tpm_vtpm_proxy, tpm_ibmvtpm or xen-tpmfront.
Cc: stable@vger.kernel.org Fixes: 0883743825e3 ("TPM: sysfs functions consolidation") Reported-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Tested-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
show more ...
|
#
d1bd4a79 |
| 25-Jun-2017 |
Josh Zimmerman <joshz@google.com> |
tpm: Issue a TPM2_Shutdown for TPM2 devices.
If a TPM2 loses power without a TPM2_Shutdown command being issued (a "disorderly reboot"), it may lose some state that has yet to be persisted to NVRam,
tpm: Issue a TPM2_Shutdown for TPM2 devices.
If a TPM2 loses power without a TPM2_Shutdown command being issued (a "disorderly reboot"), it may lose some state that has yet to be persisted to NVRam, and will increment the DA counter. After the DA counter gets sufficiently large, the TPM will lock the user out.
NOTE: This only changes behavior on TPM2 devices. Since TPM1 uses sysfs, and sysfs relies on implicit locking on chip->ops, it is not safe to allow this code to run in TPM1, or to add sysfs support to TPM2, until that locking is made explicit.
Signed-off-by: Josh Zimmerman <joshz@google.com> Cc: stable@vger.kernel.org Fixes: 74d6b3ceaa17 ("tpm: fix suspend/resume paths for TPM 2.0") Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
show more ...
|
Revision tags: v4.10.17, v4.10.16, v4.10.15 |
|
#
a69faebf |
| 03-May-2017 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: move endianness conversion of ordinals to tpm_input_header
Move CPU native value to big-endian conversion of ordinals to the tpm_input_header declarations.
With the previous and this patch it
tpm: move endianness conversion of ordinals to tpm_input_header
Move CPU native value to big-endian conversion of ordinals to the tpm_input_header declarations.
With the previous and this patch it will now be possible to modify TPM 1.2 functions to use tpm_buf_init(), which expects CPU native value for the tag and ordinal arguments.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
#
06e93279 |
| 03-May-2017 |
Roberto Sassu <roberto.sassu@huawei.com> |
tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header
In the long term, TPM 1.2 functions in the driver interface will be modified to use tpm_buf_init().
However, tag and ordin
tpm: move endianness conversion of TPM_TAG_RQU_COMMAND to tpm_input_header
In the long term, TPM 1.2 functions in the driver interface will be modified to use tpm_buf_init().
However, tag and ordinals cannot be passed directly to tpm_buf_init(), because this function performs CPU native to big-endian conversion of these arguments. Since TPM_TAG_RQU_COMMAND and TPM_ORD_ are already converted, passing them to the function will undo the previous conversion.
This patch moves the conversion of TPM_TAG_RQU_COMMAND from the tpm.h header file in the driver directory to the tpm_input_header declarations in the driver interface and tpm-sysfs.c.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
show more ...
|
Revision tags: v4.10.14, v4.10.13, v4.10.12, v4.10.11, v4.10.10, v4.10.9, v4.10.8, v4.10.7, v4.10.6, v4.10.5, v4.10.4, v4.10.3, v4.10.2, v4.10.1, v4.10 |
|
#
745b361e |
| 06-Jan-2017 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: infrastructure for TPM spaces
Added an ability to virtualize TPM commands into an isolated context that we call a TPM space because the word context is already heavily used in the TPM specifica
tpm: infrastructure for TPM spaces
Added an ability to virtualize TPM commands into an isolated context that we call a TPM space because the word context is already heavily used in the TPM specification. Both the handle areas and bodies (where necessary) are virtualized.
The mechanism works by adding a new parameter struct tpm_space to the tpm_transmit() function. This new structure contains the list of virtual handles and a buffer of page size (currently) for backing storage.
When tpm_transmit() is called with a struct tpm_space instance it will execute the following sequence:
1. Take locks. 2. Load transient objects from the backing storage by using ContextLoad and map virtual handles to physical handles. 3. Perform the transaction. 4. Save transient objects to backing storage by using ContextSave and map resulting physical handle to virtual handle if there is such.
This commit does not implement virtualization support for hmac and policy sessions.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
show more ...
|
#
c659af78 |
| 19-Jan-2017 |
Stefan Berger <stefanb@linux.vnet.ibm.com> |
tpm: Check size of response before accessing data
Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the resp
tpm: Check size of response before accessing data
Make sure that we have not received less bytes than what is indicated in the header of the TPM response. Also, check the number of bytes in the response before accessing its data.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
show more ...
|
Revision tags: v4.9, openbmc-4.4-20161121-1, v4.4.33, v4.4.32 |
|
#
7518a21a |
| 14-Nov-2016 |
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> |
tpm: drop tpm1_chip_register(/unregister)
Check for TPM2 chip in tpm_sysfs_add_device, tpm_bios_log_setup and tpm_bios_log_teardown in order to make code flow cleaner and to enable to implement TPM
tpm: drop tpm1_chip_register(/unregister)
Check for TPM2 chip in tpm_sysfs_add_device, tpm_bios_log_setup and tpm_bios_log_teardown in order to make code flow cleaner and to enable to implement TPM 2.0 support later on. This is partially derived from the commit by Nayna Jain with the extension that also tpm1_chip_register is dropped.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Reviewed-by: Nayna Jain <nayna@linux.vnet.ibm.com> Tested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com> Tested-by: Nayna Jain <nayna@linux.vnet.ibm.com>
show more ...
|