<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/drivers/char/tpm, branch v5.1</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>tpm: Fix the type of the return value in calc_tpm2_event_size()</title>
<updated>2019-04-08T22:58:54+00:00</updated>
<author>
<name>Yue Haibing</name>
<email>yuehaibing@huawei.com</email>
</author>
<published>2019-02-20T08:25:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=b9d0a85d6b2e76630cfd4c475ee3af4109bfd87a'/>
<id>b9d0a85d6b2e76630cfd4c475ee3af4109bfd87a</id>
<content type='text'>
calc_tpm2_event_size() has an invalid signature because
it returns a 'size_t' where as its signature says that
it returns 'int'.

Cc: &lt;stable@vger.kernel.org&gt;
Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware event log")
Suggested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Yue Haibing &lt;yuehaibing@huawei.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
calc_tpm2_event_size() has an invalid signature because
it returns a 'size_t' where as its signature says that
it returns 'int'.

Cc: &lt;stable@vger.kernel.org&gt;
Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware event log")
Suggested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Yue Haibing &lt;yuehaibing@huawei.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: fix an invalid condition in tpm_common_poll</title>
<updated>2019-04-08T22:58:53+00:00</updated>
<author>
<name>Tadeusz Struk</name>
<email>tadeusz.struk@intel.com</email>
</author>
<published>2019-03-27T18:32:38+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=7110629263469b4664d00b38ef80a656eddf3637'/>
<id>7110629263469b4664d00b38ef80a656eddf3637</id>
<content type='text'>
The poll condition should only check response_length,
because reads should only be issued if there is data to read.
The response_read flag only prevents double writes.
The problem was that the write set the response_read to false,
enqued a tpm job, and returned. Then application called poll
which checked the response_read flag and returned EPOLLIN.
Then the application called read, but got nothing.
After all that the async_work kicked in.
Added also mutex_lock around the poll check to prevent
other possible race conditions.

Fixes: 9488585b21bef0df12 ("tpm: add support for partial reads")
Reported-by: Mantas Mikulėnas &lt;grawity@gmail.com&gt;
Tested-by: Mantas Mikulėnas &lt;grawity@gmail.com&gt;
Signed-off-by: Tadeusz Struk &lt;tadeusz.struk@intel.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The poll condition should only check response_length,
because reads should only be issued if there is data to read.
The response_read flag only prevents double writes.
The problem was that the write set the response_read to false,
enqued a tpm job, and returned. Then application called poll
which checked the response_read flag and returned EPOLLIN.
Then the application called read, but got nothing.
After all that the async_work kicked in.
Added also mutex_lock around the poll check to prevent
other possible race conditions.

Fixes: 9488585b21bef0df12 ("tpm: add support for partial reads")
Reported-by: Mantas Mikulėnas &lt;grawity@gmail.com&gt;
Tested-by: Mantas Mikulėnas &lt;grawity@gmail.com&gt;
Signed-off-by: Tadeusz Struk &lt;tadeusz.struk@intel.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: turn on TPM on suspend for TPM 1.x</title>
<updated>2019-04-08T22:58:52+00:00</updated>
<author>
<name>Jarkko Sakkinen</name>
<email>jarkko.sakkinen@linux.intel.com</email>
</author>
<published>2019-03-22T10:51:20+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=e891db1a18bf11e02533ec2386b796cfd8d60666'/>
<id>e891db1a18bf11e02533ec2386b796cfd8d60666</id>
<content type='text'>
tpm_chip_start/stop() should be also called for TPM 1.x devices on
suspend. Add that functionality back. Do not lock the chip because
it is unnecessary as there are no multiple threads using it when
doing the suspend.

Fixes: a3fbfae82b4c ("tpm: take TPM chip power gating out of tpm_transmit()")
Reported-by: Paul Zimmerman &lt;pauldzim@gmail.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Domenico Andreoli &lt;domenico.andreoli@linux.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
tpm_chip_start/stop() should be also called for TPM 1.x devices on
suspend. Add that functionality back. Do not lock the chip because
it is unnecessary as there are no multiple threads using it when
doing the suspend.

Fixes: a3fbfae82b4c ("tpm: take TPM chip power gating out of tpm_transmit()")
Reported-by: Paul Zimmerman &lt;pauldzim@gmail.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Domenico Andreoli &lt;domenico.andreoli@linux.com&gt;
Signed-off-by: James Morris &lt;james.morris@microsoft.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm/ppi: Enable submission of optional command parameter for PPI 1.3</title>
<updated>2019-02-13T07:48:53+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.ibm.com</email>
</author>
<published>2019-01-17T17:41:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=50a81b60bfe075a0023670ff86558abd02536799'/>
<id>50a81b60bfe075a0023670ff86558abd02536799</id>
<content type='text'>
This patch enables a user to specify the additional optional command
parameter by writing it into the request file:

   # echo "23 16" &gt; request
   # cat request
   23 16

For backwards compatibility:

If only 1 parameter is given then we assume this is the operation request
number.

   # echo "5" &gt; request
   # cat request
   5

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
This patch enables a user to specify the additional optional command
parameter by writing it into the request file:

   # echo "23 16" &gt; request
   # cat request
   23 16

For backwards compatibility:

If only 1 parameter is given then we assume this is the operation request
number.

   # echo "5" &gt; request
   # cat request
   5

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm/ppi: Possibly show command parameter if TPM PPI 1.3 is used</title>
<updated>2019-02-13T07:48:53+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.ibm.com</email>
</author>
<published>2019-01-17T17:41:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=8b60c79bcc102dba22da684c7e51e9bab1d44237'/>
<id>8b60c79bcc102dba22da684c7e51e9bab1d44237</id>
<content type='text'>
TPM PPI 1.3 introduces an additional optional command parameter
that may be needed for some commands. Display the parameter if the
command requires such a parameter. Only command 23 needs one.

The PPI request file will show output like this then:

   # echo "23 16" &gt; request
   # cat request
   23 16

   # echo "5" &gt; request
   # cat request
   5

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
TPM PPI 1.3 introduces an additional optional command parameter
that may be needed for some commands. Display the parameter if the
command requires such a parameter. Only command 23 needs one.

The PPI request file will show output like this then:

   # echo "23 16" &gt; request
   # cat request
   23 16

   # echo "5" &gt; request
   # cat request
   5

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm/ppi: Display up to 101 operations as define for version 1.3</title>
<updated>2019-02-13T07:48:53+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.ibm.com</email>
</author>
<published>2019-01-17T17:41:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=9d4023ed4db6e01ff50cb68d782202c2f50760ae'/>
<id>9d4023ed4db6e01ff50cb68d782202c2f50760ae</id>
<content type='text'>
TPM PPI 1.3 defines operations up to number 101. We need to query up
to this number to show the user what the firmware implements.

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
TPM PPI 1.3 defines operations up to number 101. We need to query up
to this number to show the user what the firmware implements.

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm/ppi: rename TPM_PPI_REVISION_ID to TPM_PPI_REVISION_ID_1</title>
<updated>2019-02-13T07:48:52+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.ibm.com</email>
</author>
<published>2019-01-17T17:41:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=09fe1b42583d0275657b388ad8a67c081863d47d'/>
<id>09fe1b42583d0275657b388ad8a67c081863d47d</id>
<content type='text'>
TPM PPI 1.3 introduces a function revision 2 for some functions. So,
rename the existing TPM_PPI_REVISION_ID to TPM_PPI_REVISION_ID_1.

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
TPM PPI 1.3 introduces a function revision 2 for some functions. So,
rename the existing TPM_PPI_REVISION_ID to TPM_PPI_REVISION_ID_1.

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm/ppi: pass function revision ID to tpm_eval_dsm()</title>
<updated>2019-02-13T07:48:52+00:00</updated>
<author>
<name>Stefan Berger</name>
<email>stefanb@linux.ibm.com</email>
</author>
<published>2019-01-17T17:41:31+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=587bad77e9c6d73c49b4ce7996822628824ca30e'/>
<id>587bad77e9c6d73c49b4ce7996822628824ca30e</id>
<content type='text'>
Since we will need to pass different function revision numbers
to tpm_eval_dsm, convert this function now to take the function revision
as an additional parameter.

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Since we will need to pass different function revision numbers
to tpm_eval_dsm, convert this function now to take the function revision
as an additional parameter.

Signed-off-by: Stefan Berger &lt;stefanb@linux.ibm.com&gt;
Tested-by: David Safford &lt;david.safford@ge.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()</title>
<updated>2019-02-13T07:48:52+00:00</updated>
<author>
<name>Roberto Sassu</name>
<email>roberto.sassu@huawei.com</email>
</author>
<published>2019-02-06T16:24:52+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=0b6cf6b97b7ef1fa3c7fefab0cac897a1c4a3400'/>
<id>0b6cf6b97b7ef1fa3c7fefab0cac897a1c4a3400</id>
<content type='text'>
Currently, tpm_pcr_extend() accepts as an input only a SHA1 digest.

This patch replaces the hash parameter of tpm_pcr_extend() with an array of
tpm_digest structures, so that the caller can provide a digest for each PCR
bank currently allocated in the TPM.

tpm_pcr_extend() will not extend banks for which no digest was provided,
as it happened before this patch, but instead it requires that callers
provide the full set of digests. Since the number of digests will always be
chip-&gt;nr_allocated_banks, the count parameter has been removed.

Due to the API change, ima_pcr_extend() and pcrlock() have been modified.
Since the number of allocated banks is not known in advance, the memory for
the digests must be dynamically allocated. To avoid performance degradation
and to avoid that a PCR extend is not done due to lack of memory, the array
of tpm_digest structures is allocated by the users of the TPM driver at
initialization time.

Signed-off-by: Roberto Sassu &lt;roberto.sassu@huawei.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt; (on x86 for TPM 1.2 &amp; PTT TPM 2.0)
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Currently, tpm_pcr_extend() accepts as an input only a SHA1 digest.

This patch replaces the hash parameter of tpm_pcr_extend() with an array of
tpm_digest structures, so that the caller can provide a digest for each PCR
bank currently allocated in the TPM.

tpm_pcr_extend() will not extend banks for which no digest was provided,
as it happened before this patch, but instead it requires that callers
provide the full set of digests. Since the number of digests will always be
chip-&gt;nr_allocated_banks, the count parameter has been removed.

Due to the API change, ima_pcr_extend() and pcrlock() have been modified.
Since the number of allocated banks is not known in advance, the memory for
the digests must be dynamically allocated. To avoid performance degradation
and to avoid that a PCR extend is not done due to lack of memory, the array
of tpm_digest structures is allocated by the users of the TPM driver at
initialization time.

Signed-off-by: Roberto Sassu &lt;roberto.sassu@huawei.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Mimi Zohar &lt;zohar@linux.ibm.com&gt; (on x86 for TPM 1.2 &amp; PTT TPM 2.0)
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>tpm: move tpm_chip definition to include/linux/tpm.h</title>
<updated>2019-02-13T07:48:51+00:00</updated>
<author>
<name>Roberto Sassu</name>
<email>roberto.sassu@huawei.com</email>
</author>
<published>2019-02-06T16:24:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=901615cb916dc955fb7bda4e34402bf263532e4a'/>
<id>901615cb916dc955fb7bda4e34402bf263532e4a</id>
<content type='text'>
The tpm_chip structure contains the list of PCR banks currently allocated
in the TPM. When support for crypto agility will be added to the TPM
driver, users of the driver have to provide a digest for each allocated
bank to tpm_pcr_extend(). With this patch, they can obtain the PCR bank
algorithms directly from chip-&gt;allocated_banks.

Signed-off-by: Roberto Sassu &lt;roberto.sassu@huawei.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The tpm_chip structure contains the list of PCR banks currently allocated
in the TPM. When support for crypto agility will be added to the TPM
driver, users of the driver have to provide a digest for each allocated
bank to tpm_pcr_extend(). With this patch, they can obtain the PCR bank
algorithms directly from chip-&gt;allocated_banks.

Signed-off-by: Roberto Sassu &lt;roberto.sassu@huawei.com&gt;
Reviewed-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Tested-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
Signed-off-by: Jarkko Sakkinen &lt;jarkko.sakkinen@linux.intel.com&gt;
</pre>
</div>
</content>
</entry>
</feed>
