* [PATCH 0/2] Update PCR read code
@ 2017-06-23 13:41 Roberto Sassu
2017-06-23 13:41 ` [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read() Roberto Sassu
2017-06-23 13:41 ` [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest() Roberto Sassu
0 siblings, 2 replies; 7+ messages in thread
From: Roberto Sassu @ 2017-06-23 13:41 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
This patch set updates tpm2_pcr_read(), to build the PCR read command
buffer with tpm_buf functions, which offer protection against buffer
overflow.
It also removes duplicate code in tpm2_do_selftest(), and replaces it with
a call to tpm2_pcr_read().
The previous version of the patches can be found at the URLs:
https://sourceforge.net/p/tpmdd/mailman/message/35905413/
https://sourceforge.net/p/tpmdd/mailman/message/35905415/
The version number has not been incremented from 3 to 4, since this
is considered as a new patch set, not providing the same functionality
of the set the patches were originally part of.
Changelog
- PCR code changes are applied directly to tpm2_pcr_read()
- removed tpm2_pcr_read_in structure
- modified size of digest array in tpm2_pcr_read_out structure
Roberto Sassu (2):
tpm: use tpm_buf functions in tpm2_pcr_read()
tpm: use tpm2_pcr_read() in tpm2_do_selftest()
drivers/char/tpm/tpm2-cmd.c | 89 +++++++++++++++------------------------------
1 file changed, 30 insertions(+), 59 deletions(-)
--
2.9.3
^ permalink raw reply [flat|nested] 7+ messages in thread
* [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read()
2017-06-23 13:41 [PATCH 0/2] Update PCR read code Roberto Sassu
@ 2017-06-23 13:41 ` Roberto Sassu
2017-06-28 22:18 ` Jarkko Sakkinen
2017-06-23 13:41 ` [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest() Roberto Sassu
1 sibling, 1 reply; 7+ messages in thread
From: Roberto Sassu @ 2017-06-23 13:41 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
tpm2_pcr_read() now builds the PCR read command buffer with tpm_buf
functions. This solution is preferred to using a tpm2_cmd structure,
as tpm_buf functions provide protection against buffer overflow.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
drivers/char/tpm/tpm2-cmd.c | 60 ++++++++++++++++++++++-----------------------
1 file changed, 30 insertions(+), 30 deletions(-)
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 3a99643..fdce77d 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -42,17 +42,6 @@ struct tpm2_pcr_read_in {
u8 pcr_select[TPM2_PCR_SELECT_MIN];
} __packed;
-struct tpm2_pcr_read_out {
- __be32 update_cnt;
- __be32 pcr_selects_cnt;
- __be16 hash_alg;
- u8 pcr_select_size;
- u8 pcr_select[TPM2_PCR_SELECT_MIN];
- __be32 digests_cnt;
- __be16 digest_size;
- u8 digest[TPM_DIGEST_SIZE];
-} __packed;
-
struct tpm2_get_tpm_pt_in {
__be32 cap_id;
__be32 property_id;
@@ -80,7 +69,6 @@ union tpm2_cmd_params {
struct tpm2_startup_in startup_in;
struct tpm2_self_test_in selftest_in;
struct tpm2_pcr_read_in pcrread_in;
- struct tpm2_pcr_read_out pcrread_out;
struct tpm2_get_tpm_pt_in get_tpm_pt_in;
struct tpm2_get_tpm_pt_out get_tpm_pt_out;
struct tpm2_get_random_in getrandom_in;
@@ -231,15 +219,23 @@ static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
(sizeof(struct tpm_input_header) + \
sizeof(struct tpm2_pcr_read_in))
-#define TPM2_PCR_READ_RESP_BODY_SIZE \
- sizeof(struct tpm2_pcr_read_out)
-
static const struct tpm_input_header tpm2_pcrread_header = {
.tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
.length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
.ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
};
+struct tpm2_pcr_read_out {
+ __be32 update_cnt;
+ __be32 pcr_selects_cnt;
+ __be16 hash_alg;
+ u8 pcr_select_size;
+ u8 pcr_select[TPM2_PCR_SELECT_MIN];
+ __be32 digests_cnt;
+ __be16 digest_size;
+ u8 digest[];
+} __packed;
+
/**
* tpm2_pcr_read() - read a PCR value
* @chip: TPM chip to use.
@@ -251,29 +247,33 @@ static const struct tpm_input_header tpm2_pcrread_header = {
int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
{
int rc;
- struct tpm2_cmd cmd;
- u8 *buf;
+ struct tpm_buf buf;
+ struct tpm2_pcr_read_out *out;
+ u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
if (pcr_idx >= TPM2_PLATFORM_PCR)
return -EINVAL;
- cmd.header.in = tpm2_pcrread_header;
- cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
- cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
- cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
+ rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
+ if (rc)
+ return rc;
- memset(cmd.params.pcrread_in.pcr_select, 0,
- sizeof(cmd.params.pcrread_in.pcr_select));
- cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
+ pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
- rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
- TPM2_PCR_READ_RESP_BODY_SIZE,
- 0, "attempting to read a pcr value");
- if (rc == 0) {
- buf = cmd.params.pcrread_out.digest;
- memcpy(res_buf, buf, TPM_DIGEST_SIZE);
+ tpm_buf_append_u32(&buf, 1);
+ tpm_buf_append_u16(&buf, TPM2_ALG_SHA1);
+ tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
+ tpm_buf_append(&buf, (const unsigned char *)pcr_select,
+ sizeof(pcr_select));
+
+ rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
+ res_buf ? "attempting to read a pcr value" : NULL);
+ if (rc == 0 && res_buf) {
+ out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
+ memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE);
}
+ tpm_buf_destroy(&buf);
return rc;
}
--
2.9.3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest()
2017-06-23 13:41 [PATCH 0/2] Update PCR read code Roberto Sassu
2017-06-23 13:41 ` [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read() Roberto Sassu
@ 2017-06-23 13:41 ` Roberto Sassu
2017-06-28 22:19 ` Jarkko Sakkinen
1 sibling, 1 reply; 7+ messages in thread
From: Roberto Sassu @ 2017-06-23 13:41 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
tpm2_do_selftest() performs a PCR read during the TPM initialization phase.
This patch replaces the PCR read code with a call to tpm2_pcr_read().
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
drivers/char/tpm/tpm2-cmd.c | 31 +------------------------------
1 file changed, 1 insertion(+), 30 deletions(-)
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index fdce77d..2d6ee0c 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -35,13 +35,6 @@ struct tpm2_self_test_in {
u8 full_test;
} __packed;
-struct tpm2_pcr_read_in {
- __be32 pcr_selects_cnt;
- __be16 hash_alg;
- u8 pcr_select_size;
- u8 pcr_select[TPM2_PCR_SELECT_MIN];
-} __packed;
-
struct tpm2_get_tpm_pt_in {
__be32 cap_id;
__be32 property_id;
@@ -68,7 +61,6 @@ struct tpm2_get_random_out {
union tpm2_cmd_params {
struct tpm2_startup_in startup_in;
struct tpm2_self_test_in selftest_in;
- struct tpm2_pcr_read_in pcrread_in;
struct tpm2_get_tpm_pt_in get_tpm_pt_in;
struct tpm2_get_tpm_pt_out get_tpm_pt_out;
struct tpm2_get_random_in getrandom_in;
@@ -215,16 +207,6 @@ static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
TPM_UNDEFINED /* 18f */
};
-#define TPM2_PCR_READ_IN_SIZE \
- (sizeof(struct tpm_input_header) + \
- sizeof(struct tpm2_pcr_read_in))
-
-static const struct tpm_input_header tpm2_pcrread_header = {
- .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
- .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
- .ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
-};
-
struct tpm2_pcr_read_out {
__be32 update_cnt;
__be32 pcr_selects_cnt;
@@ -928,7 +910,6 @@ static int tpm2_do_selftest(struct tpm_chip *chip)
unsigned int loops;
unsigned int delay_msec = 100;
unsigned long duration;
- struct tpm2_cmd cmd;
int i;
duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST);
@@ -941,20 +922,10 @@ static int tpm2_do_selftest(struct tpm_chip *chip)
for (i = 0; i < loops; i++) {
/* Attempt to read a PCR value */
- cmd.header.in = tpm2_pcrread_header;
- cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
- cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
- cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
- cmd.params.pcrread_in.pcr_select[0] = 0x01;
- cmd.params.pcrread_in.pcr_select[1] = 0x00;
- cmd.params.pcrread_in.pcr_select[2] = 0x00;
-
- rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0,
- NULL);
+ rc = tpm2_pcr_read(chip, 0, NULL);
if (rc < 0)
break;
- rc = be32_to_cpu(cmd.header.out.return_code);
if (rc != TPM2_RC_TESTING)
break;
--
2.9.3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read()
2017-06-23 13:41 ` [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read() Roberto Sassu
@ 2017-06-28 22:18 ` Jarkko Sakkinen
2017-06-29 19:54 ` Jarkko Sakkinen
0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-06-28 22:18 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Fri, Jun 23, 2017 at 03:41:56PM +0200, Roberto Sassu wrote:
> tpm2_pcr_read() now builds the PCR read command buffer with tpm_buf
> functions. This solution is preferred to using a tpm2_cmd structure,
> as tpm_buf functions provide protection against buffer overflow.
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> drivers/char/tpm/tpm2-cmd.c | 60 ++++++++++++++++++++++-----------------------
> 1 file changed, 30 insertions(+), 30 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 3a99643..fdce77d 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -42,17 +42,6 @@ struct tpm2_pcr_read_in {
> u8 pcr_select[TPM2_PCR_SELECT_MIN];
> } __packed;
>
> -struct tpm2_pcr_read_out {
> - __be32 update_cnt;
> - __be32 pcr_selects_cnt;
> - __be16 hash_alg;
> - u8 pcr_select_size;
> - u8 pcr_select[TPM2_PCR_SELECT_MIN];
> - __be32 digests_cnt;
> - __be16 digest_size;
> - u8 digest[TPM_DIGEST_SIZE];
> -} __packed;
> -
> struct tpm2_get_tpm_pt_in {
> __be32 cap_id;
> __be32 property_id;
> @@ -80,7 +69,6 @@ union tpm2_cmd_params {
> struct tpm2_startup_in startup_in;
> struct tpm2_self_test_in selftest_in;
> struct tpm2_pcr_read_in pcrread_in;
> - struct tpm2_pcr_read_out pcrread_out;
> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> struct tpm2_get_random_in getrandom_in;
> @@ -231,15 +219,23 @@ static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
> (sizeof(struct tpm_input_header) + \
> sizeof(struct tpm2_pcr_read_in))
>
> -#define TPM2_PCR_READ_RESP_BODY_SIZE \
> - sizeof(struct tpm2_pcr_read_out)
> -
> static const struct tpm_input_header tpm2_pcrread_header = {
> .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
> .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
> .ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
> };
>
> +struct tpm2_pcr_read_out {
> + __be32 update_cnt;
> + __be32 pcr_selects_cnt;
> + __be16 hash_alg;
> + u8 pcr_select_size;
> + u8 pcr_select[TPM2_PCR_SELECT_MIN];
> + __be32 digests_cnt;
> + __be16 digest_size;
> + u8 digest[];
> +} __packed;
> +
> /**
> * tpm2_pcr_read() - read a PCR value
> * @chip: TPM chip to use.
> @@ -251,29 +247,33 @@ static const struct tpm_input_header tpm2_pcrread_header = {
> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> {
> int rc;
> - struct tpm2_cmd cmd;
> - u8 *buf;
> + struct tpm_buf buf;
> + struct tpm2_pcr_read_out *out;
> + u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
>
> if (pcr_idx >= TPM2_PLATFORM_PCR)
> return -EINVAL;
>
> - cmd.header.in = tpm2_pcrread_header;
> - cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
> - cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> - cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
> + rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
> + if (rc)
> + return rc;
>
> - memset(cmd.params.pcrread_in.pcr_select, 0,
> - sizeof(cmd.params.pcrread_in.pcr_select));
> - cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
> + pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
>
> - rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
> - TPM2_PCR_READ_RESP_BODY_SIZE,
> - 0, "attempting to read a pcr value");
> - if (rc == 0) {
> - buf = cmd.params.pcrread_out.digest;
> - memcpy(res_buf, buf, TPM_DIGEST_SIZE);
> + tpm_buf_append_u32(&buf, 1);
> + tpm_buf_append_u16(&buf, TPM2_ALG_SHA1);
> + tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
> + tpm_buf_append(&buf, (const unsigned char *)pcr_select,
> + sizeof(pcr_select));
> +
> + rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
> + res_buf ? "attempting to read a pcr value" : NULL);
> + if (rc == 0 && res_buf) {
> + out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
> + memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE);
> }
>
> + tpm_buf_destroy(&buf);
> return rc;
> }
>
> --
> 2.9.3
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest()
2017-06-23 13:41 ` [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest() Roberto Sassu
@ 2017-06-28 22:19 ` Jarkko Sakkinen
2017-06-29 19:56 ` [tpmdd-devel] " Jarkko Sakkinen
0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-06-28 22:19 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Fri, Jun 23, 2017 at 03:41:57PM +0200, Roberto Sassu wrote:
> tpm2_do_selftest() performs a PCR read during the TPM initialization phase.
> This patch replaces the PCR read code with a call to tpm2_pcr_read().
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
/Jarkko
> ---
> drivers/char/tpm/tpm2-cmd.c | 31 +------------------------------
> 1 file changed, 1 insertion(+), 30 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index fdce77d..2d6ee0c 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -35,13 +35,6 @@ struct tpm2_self_test_in {
> u8 full_test;
> } __packed;
>
> -struct tpm2_pcr_read_in {
> - __be32 pcr_selects_cnt;
> - __be16 hash_alg;
> - u8 pcr_select_size;
> - u8 pcr_select[TPM2_PCR_SELECT_MIN];
> -} __packed;
> -
> struct tpm2_get_tpm_pt_in {
> __be32 cap_id;
> __be32 property_id;
> @@ -68,7 +61,6 @@ struct tpm2_get_random_out {
> union tpm2_cmd_params {
> struct tpm2_startup_in startup_in;
> struct tpm2_self_test_in selftest_in;
> - struct tpm2_pcr_read_in pcrread_in;
> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> struct tpm2_get_random_in getrandom_in;
> @@ -215,16 +207,6 @@ static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
> TPM_UNDEFINED /* 18f */
> };
>
> -#define TPM2_PCR_READ_IN_SIZE \
> - (sizeof(struct tpm_input_header) + \
> - sizeof(struct tpm2_pcr_read_in))
> -
> -static const struct tpm_input_header tpm2_pcrread_header = {
> - .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
> - .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
> - .ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
> -};
> -
> struct tpm2_pcr_read_out {
> __be32 update_cnt;
> __be32 pcr_selects_cnt;
> @@ -928,7 +910,6 @@ static int tpm2_do_selftest(struct tpm_chip *chip)
> unsigned int loops;
> unsigned int delay_msec = 100;
> unsigned long duration;
> - struct tpm2_cmd cmd;
> int i;
>
> duration = tpm2_calc_ordinal_duration(chip, TPM2_CC_SELF_TEST);
> @@ -941,20 +922,10 @@ static int tpm2_do_selftest(struct tpm_chip *chip)
>
> for (i = 0; i < loops; i++) {
> /* Attempt to read a PCR value */
> - cmd.header.in = tpm2_pcrread_header;
> - cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
> - cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> - cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
> - cmd.params.pcrread_in.pcr_select[0] = 0x01;
> - cmd.params.pcrread_in.pcr_select[1] = 0x00;
> - cmd.params.pcrread_in.pcr_select[2] = 0x00;
> -
> - rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd), 0, 0,
> - NULL);
> + rc = tpm2_pcr_read(chip, 0, NULL);
> if (rc < 0)
> break;
>
> - rc = be32_to_cpu(cmd.header.out.return_code);
> if (rc != TPM2_RC_TESTING)
> break;
>
> --
> 2.9.3
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read()
2017-06-28 22:18 ` Jarkko Sakkinen
@ 2017-06-29 19:54 ` Jarkko Sakkinen
0 siblings, 0 replies; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-06-29 19:54 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Thu, Jun 29, 2017 at 01:18:58AM +0300, Jarkko Sakkinen wrote:
> On Fri, Jun 23, 2017 at 03:41:56PM +0200, Roberto Sassu wrote:
> > tpm2_pcr_read() now builds the PCR read command buffer with tpm_buf
> > functions. This solution is preferred to using a tpm2_cmd structure,
> > as tpm_buf functions provide protection against buffer overflow.
> >
> > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [tpmdd-devel] [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest()
2017-06-28 22:19 ` Jarkko Sakkinen
@ 2017-06-29 19:56 ` Jarkko Sakkinen
0 siblings, 0 replies; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-06-29 19:56 UTC (permalink / raw)
To: Roberto Sassu
Cc: linux-ima-devel, linux-security-module, tpmdd-devel, linux-kernel
On Thu, Jun 29, 2017 at 01:19:35AM +0300, Jarkko Sakkinen wrote:
> On Fri, Jun 23, 2017 at 03:41:57PM +0200, Roberto Sassu wrote:
> > tpm2_do_selftest() performs a PCR read during the TPM initialization phase.
> > This patch replaces the PCR read code with a call to tpm2_pcr_read().
> >
> > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkine@linux.intel.com>
/Jarkko
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2017-06-29 19:56 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-06-23 13:41 [PATCH 0/2] Update PCR read code Roberto Sassu
2017-06-23 13:41 ` [PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read() Roberto Sassu
2017-06-28 22:18 ` Jarkko Sakkinen
2017-06-29 19:54 ` Jarkko Sakkinen
2017-06-23 13:41 ` [PATCH 2/2] tpm: use tpm2_pcr_read() in tpm2_do_selftest() Roberto Sassu
2017-06-28 22:19 ` Jarkko Sakkinen
2017-06-29 19:56 ` [tpmdd-devel] " Jarkko Sakkinen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).