<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/drivers/char/tpm, branch v4.11</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>tpm: declare tpm2_get_pcr_allocation() as static</title>
<updated>2017-02-20T11:23:18+00:00</updated>
<author>
<name>Jarkko Sakkinen</name>
<email>jarkko.sakkinen@linux.intel.com</email>
</author>
<published>2017-02-15T18:02:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=61841be6358c03e864ad4c386c9a102edbba9cb8'/>
<id>61841be6358c03e864ad4c386c9a102edbba9cb8</id>
<content type='text'>
There's no need to export tpm2_get_pcr_alloation() because it is only
a helper function for tpm2_auto_startup(). For the same reason it does
not make much sense to maintain documentation for it.

Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
There's no need to export tpm2_get_pcr_alloation() because it is only
a helper function for tpm2_auto_startup(). For the same reason it does
not make much sense to maintain documentation for it.

Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: Fix expected number of response bytes of TPM1.2 PCR Extend</title>
<updated>2017-02-15T18:09:52+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.vnet.ibm.com</email>
</author>
<published>2017-02-15T16:56:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=51b0be640cf6e2cb63a7cf4d9c7c4acd3ad5afd0'/>
<id>51b0be640cf6e2cb63a7cf4d9c7c4acd3ad5afd0</id>
<content type='text'>
The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
which is the size of the PCR state.

This fixes a problem where IMA gets errors with every PCR Extend.

Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
Acked-by: Mimi Zohar &lt;zohar@us.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
which is the size of the PCR state.

This fixes a problem where IMA gets errors with every PCR Extend.

Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
Acked-by: Mimi Zohar &lt;zohar@us.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm xen: drop unneeded chip variable</title>
<updated>2017-02-14T17:24:33+00:00</updated>
<author>
<name>Julia Lawall</name>
<email>Julia.Lawall@lip6.fr</email>
</author>
<published>2017-02-05T21:39:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5cec5bacd37784a1596d2f8fea377212948a0bf4'/>
<id>5cec5bacd37784a1596d2f8fea377212948a0bf4</id>
<content type='text'>
The call that used chip was dropped in 1f0f30e404b3.  Drop the
leftover declaration and initialization.

Signed-off-by: Julia Lawall &lt;Julia.Lawall@lip6.fr&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The call that used chip was dropped in 1f0f30e404b3.  Drop the
leftover declaration and initialization.

Signed-off-by: Julia Lawall &lt;Julia.Lawall@lip6.fr&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: fix misspelled "facilitate" in module parameter description</title>
<updated>2017-02-14T17:24:33+00:00</updated>
<author>
<name>Dmitry Torokhov</name>
<email>dmitry.torokhov@gmail.com</email>
</author>
<published>2017-02-06T04:47:18+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=39f5712b8f0167b446dd8a0a3754d6cd50e27dd8'/>
<id>39f5712b8f0167b446dd8a0a3754d6cd50e27dd8</id>
<content type='text'>
I typoed "facilitate" as "faciltate" a few years back...

Signed-off-by: Dmitry Torokhov &lt;dmitry.torokhov@gmail.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
I typoed "facilitate" as "faciltate" a few years back...

Signed-off-by: Dmitry Torokhov &lt;dmitry.torokhov@gmail.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm_tis: fix the error handling of init_tis()</title>
<updated>2017-02-14T17:24:33+00:00</updated>
<author>
<name>Wei Yongjun</name>
<email>weiyongjun1@huawei.com</email>
</author>
<published>2017-02-07T15:51:47+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=5939eaf4f9d432586dd2cdeea778506471e8088e'/>
<id>5939eaf4f9d432586dd2cdeea778506471e8088e</id>
<content type='text'>
Add the missing platform_driver_unregister() and remove the duplicate
platform_device_unregister(force_pdev) in the error handling case.

Fixes: 00194826e6be ("tpm_tis: Clean up the force=1 module parameter")
Cc: stable@vger.kernel.org
Signed-off-by: Wei Yongjun &lt;weiyongjun1@huawei.com&gt;
Reviewed-by: Jason Gunthorpe &lt;jgunthorpe@obsidianresearch.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add the missing platform_driver_unregister() and remove the duplicate
platform_device_unregister(force_pdev) in the error handling case.

Fixes: 00194826e6be ("tpm_tis: Clean up the force=1 module parameter")
Cc: stable@vger.kernel.org
Signed-off-by: Wei Yongjun &lt;weiyongjun1@huawei.com&gt;
Reviewed-by: Jason Gunthorpe &lt;jgunthorpe@obsidianresearch.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: silence an array overflow warning</title>
<updated>2017-02-03T20:33:55+00:00</updated>
<author>
<name>Dan Carpenter</name>
<email>dan.carpenter@oracle.com</email>
</author>
<published>2017-02-03T10:30:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=70ea163699b68963e222a905e184f6436e8a290d'/>
<id>70ea163699b68963e222a905e184f6436e8a290d</id>
<content type='text'>
We should check that we're within bounds first before checking that
"chip-&gt;active_banks[i] != TPM2_ALG_ERROR" so I've re-ordered the two
checks.

Signed-off-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
We should check that we're within bounds first before checking that
"chip-&gt;active_banks[i] != TPM2_ALG_ERROR" so I've re-ordered the two
checks.

Signed-off-by: Dan Carpenter &lt;dan.carpenter@oracle.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: fix the type of owned field in cap_t</title>
<updated>2017-02-03T20:03:14+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.vnet.ibm.com</email>
</author>
<published>2017-01-31T18:43:59+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=a118cf2a5b5a0d4541d04e8e8fcde8564803330c'/>
<id>a118cf2a5b5a0d4541d04e8e8fcde8564803330c</id>
<content type='text'>
In cap_t the size of the type bool is assumed to be one byte. This
commit sorts out the issue by changing the type to u8.

Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
In cap_t the size of the type bool is assumed to be one byte. This
commit sorts out the issue by changing the type to u8.

Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: add securityfs support for TPM 2.0 firmware event log</title>
<updated>2017-02-03T20:03:14+00:00</updated>
<author>
<name>Nayna Jain</name>
<email>nayna@linux.vnet.ibm.com</email>
</author>
<published>2017-01-23T07:26:27+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=4d23cc323cdbee1cbcd8a7f059fff9ef2b0c473d'/>
<id>4d23cc323cdbee1cbcd8a7f059fff9ef2b0c473d</id>
<content type='text'>
Unlike the device driver support for TPM 1.2, the TPM 2.0 does
not support the securityfs pseudo files for displaying the
firmware event log.

This patch enables support for providing the TPM 2.0 event log in
binary form. TPM 2.0 event log supports a crypto agile format that
records multiple digests, which is different from TPM 1.2. This
patch enables the tpm_bios_log_setup for TPM 2.0  and adds the
event log parser which understand the TPM 2.0 crypto agile format.

Signed-off-by: Nayna Jain &lt;nayna@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Kenneth Goldman &lt;kgold@linux.vnet.ibm.com&gt;
Tested-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Unlike the device driver support for TPM 1.2, the TPM 2.0 does
not support the securityfs pseudo files for displaying the
firmware event log.

This patch enables support for providing the TPM 2.0 event log in
binary form. TPM 2.0 event log supports a crypto agile format that
records multiple digests, which is different from TPM 1.2. This
patch enables the tpm_bios_log_setup for TPM 2.0  and adds the
event log parser which understand the TPM 2.0 crypto agile format.

Signed-off-by: Nayna Jain &lt;nayna@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Kenneth Goldman &lt;kgold@linux.vnet.ibm.com&gt;
Tested-by: Stefan Berger &lt;stefanb@linux.vnet.ibm.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: enhance read_log_of() to support Physical TPM event log</title>
<updated>2017-02-03T20:03:14+00:00</updated>
<author>
<name>Nayna Jain</name>
<email>nayna@linux.vnet.ibm.com</email>
</author>
<published>2017-01-23T07:26:26+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e46e22f12b19f0068b02afcf6edb716b4f49934f'/>
<id>e46e22f12b19f0068b02afcf6edb716b4f49934f</id>
<content type='text'>
Physical TPMs use Open Firmware Device Tree bindings that are similar
to the IBM Power virtual TPM to support event log. However, these
properties store the values in different endianness for Physical
and Virtual TPM.

This patch fixes the endianness issue by doing appropriate conversion
based on Physical or Virtual TPM.

Signed-off-by: Nayna Jain &lt;nayna@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Kenneth Goldman &lt;kgold@linux.vnet.ibm.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Physical TPMs use Open Firmware Device Tree bindings that are similar
to the IBM Power virtual TPM to support event log. However, these
properties store the values in different endianness for Physical
and Virtual TPM.

This patch fixes the endianness issue by doing appropriate conversion
based on Physical or Virtual TPM.

Signed-off-by: Nayna Jain &lt;nayna@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Kenneth Goldman &lt;kgold@linux.vnet.ibm.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: enhance TPM 2.0 PCR extend to support multiple banks</title>
<updated>2017-02-03T20:03:14+00:00</updated>
<author>
<name>Nayna Jain</name>
<email>nayna@linux.vnet.ibm.com</email>
</author>
<published>2017-01-30T09:59:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c1f92b4b04ad7006bdcbd1d5bb63f2864b06b7f8'/>
<id>c1f92b4b04ad7006bdcbd1d5bb63f2864b06b7f8</id>
<content type='text'>
The current TPM 2.0 device driver extends only the SHA1 PCR bank
but the TCG Specification[1] recommends extending all active PCR
banks, to prevent malicious users from setting unused PCR banks with
fake measurements and quoting them.

The existing in-kernel interface(tpm_pcr_extend()) expects only a
SHA1 digest.  To extend all active PCR banks with differing
digest sizes, the SHA1 digest is padded with trailing 0's as needed.

This patch reuses the defined digest sizes from the crypto subsystem,
adding a dependency on CRYPTO_HASH_INFO module.

[1] TPM 2.0 Specification referred here is "TCG PC Client Specific
Platform Firmware Profile for TPM 2.0"

Signed-off-by: Nayna Jain &lt;nayna@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Kenneth Goldman &lt;kgold@linux.vnet.ibm.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The current TPM 2.0 device driver extends only the SHA1 PCR bank
but the TCG Specification[1] recommends extending all active PCR
banks, to prevent malicious users from setting unused PCR banks with
fake measurements and quoting them.

The existing in-kernel interface(tpm_pcr_extend()) expects only a
SHA1 digest.  To extend all active PCR banks with differing
digest sizes, the SHA1 digest is padded with trailing 0's as needed.

This patch reuses the defined digest sizes from the crypto subsystem,
adding a dependency on CRYPTO_HASH_INFO module.

[1] TPM 2.0 Specification referred here is "TCG PC Client Specific
Platform Firmware Profile for TPM 2.0"

Signed-off-by: Nayna Jain &lt;nayna@linux.vnet.ibm.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Kenneth Goldman &lt;kgold@linux.vnet.ibm.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
