linux-integrity.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
@ 2019-10-02 13:14 Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
                   ` (2 more replies)
  0 siblings, 3 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-02 13:14 UTC (permalink / raw)
  To: linux-stabley
  Cc: Jarkko Sakkinen, Jason Gunthorpe, open list:TPM DEVICE DRIVER, open list

commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream

This backport is for v4.14 and v4.19 The backport requires non-racy
behaviour from TPM 1.x sysfs code. Thus, the dependecies for that
are included.

NOTE: 1/3 is only needed for v4.14.

v2:
* Something happened when merging 3/3 that write lock was taken
  twice. Fixed in this version. Did also sanity check test with
  TPM2:
  echo devices > /sys/power/pm_test && echo mem > /sys/power/state

Jarkko Sakkinen (2):
  tpm: migrate pubek_show to struct tpm_buf
  tpm: use tpm_try_get_ops() in tpm-sysfs.c.

Vadim Sukhomlinov (1):
  tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations

 drivers/char/tpm/tpm-chip.c  |   5 +-
 drivers/char/tpm/tpm-sysfs.c | 201 +++++++++++++++++++++--------------
 drivers/char/tpm/tpm.h       |  13 ---
 3 files changed, 124 insertions(+), 95 deletions(-)

-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

* [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf
  2019-10-02 13:14 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
@ 2019-10-02 13:14 ` Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 2/3] tpm: use tpm_try_get_ops() in tpm-sysfs.c Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
  2 siblings, 0 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-02 13:14 UTC (permalink / raw)
  To: linux-stabley
  Cc: Jarkko Sakkinen, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

commit da379f3c1db0c9a1fd27b11d24c9894b5edc7c75 upstream

Migrated pubek_show to struct tpm_buf and cleaned up its implementation.
Previously the output parameter structure was declared but left
completely unused. Now it is used to refer different fields of the
output. We can move it to tpm-sysfs.c as it does not have any use
outside of that file.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm-sysfs.c | 87 ++++++++++++++++++++----------------
 drivers/char/tpm/tpm.h       | 13 ------
 2 files changed, 48 insertions(+), 52 deletions(-)

diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 86f38d239476..83a77a445538 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -20,44 +20,48 @@
 #include <linux/device.h>
 #include "tpm.h"
 
-#define READ_PUBEK_RESULT_SIZE 314
+struct tpm_readpubek_out {
+	u8 algorithm[4];
+	u8 encscheme[2];
+	u8 sigscheme[2];
+	__be32 paramsize;
+	u8 parameters[12];
+	__be32 keysize;
+	u8 modulus[256];
+	u8 checksum[20];
+} __packed;
+
 #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
 #define TPM_ORD_READPUBEK 124
-static const struct tpm_input_header tpm_readpubek_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(30),
-	.ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
-};
+
 static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 			  char *buf)
 {
-	u8 *data;
-	struct tpm_cmd_t tpm_cmd;
-	ssize_t err;
-	int i, rc;
+	struct tpm_buf tpm_buf;
+	struct tpm_readpubek_out *out;
+	ssize_t rc;
+	int i;
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
+	char anti_replay[20];
 
-	memset(&tpm_cmd, 0, sizeof(tpm_cmd));
-
-	tpm_cmd.header.in = tpm_readpubek_header;
-	err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
-			       READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
-			       "attempting to read the PUBEK");
-	if (err)
-		goto out;
-
-	/*
-	   ignore header 10 bytes
-	   algorithm 32 bits (1 == RSA )
-	   encscheme 16 bits
-	   sigscheme 16 bits
-	   parameters (RSA 12->bytes: keybit, #primes, expbit)
-	   keylenbytes 32 bits
-	   256 byte modulus
-	   ignore checksum 20 bytes
-	 */
-	data = tpm_cmd.params.readpubek_out_buffer;
+	memset(&anti_replay, 0, sizeof(anti_replay));
+
+	rc = tpm_buf_init(&tpm_buf, TPM_TAG_RQU_COMMAND, TPM_ORD_READPUBEK);
+	if (rc)
+		return rc;
+
+	tpm_buf_append(&tpm_buf, anti_replay, sizeof(anti_replay));
+
+	rc = tpm_transmit_cmd(chip, NULL, tpm_buf.data, PAGE_SIZE,
+			      READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
+			      "attempting to read the PUBEK");
+	if (rc) {
+		tpm_buf_destroy(&tpm_buf);
+		return 0;
+	}
+
+	out = (struct tpm_readpubek_out *)&tpm_buf.data[10];
 	str +=
 	    sprintf(str,
 		    "Algorithm: %02X %02X %02X %02X\n"
@@ -68,21 +72,26 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 		    "%02X %02X %02X %02X\n"
 		    "Modulus length: %d\n"
 		    "Modulus:\n",
-		    data[0], data[1], data[2], data[3],
-		    data[4], data[5],
-		    data[6], data[7],
-		    data[12], data[13], data[14], data[15],
-		    data[16], data[17], data[18], data[19],
-		    data[20], data[21], data[22], data[23],
-		    be32_to_cpu(*((__be32 *) (data + 24))));
+		    out->algorithm[0], out->algorithm[1], out->algorithm[2],
+		    out->algorithm[3],
+		    out->encscheme[0], out->encscheme[1],
+		    out->sigscheme[0], out->sigscheme[1],
+		    out->parameters[0], out->parameters[1],
+		    out->parameters[2], out->parameters[3],
+		    out->parameters[4], out->parameters[5],
+		    out->parameters[6], out->parameters[7],
+		    out->parameters[8], out->parameters[9],
+		    out->parameters[10], out->parameters[11],
+		    be32_to_cpu(out->keysize));
 
 	for (i = 0; i < 256; i++) {
-		str += sprintf(str, "%02X ", data[i + 28]);
+		str += sprintf(str, "%02X ", out->modulus[i]);
 		if ((i + 1) % 16 == 0)
 			str += sprintf(str, "\n");
 	}
-out:
+
 	rc = str - buf;
+	tpm_buf_destroy(&tpm_buf);
 	return rc;
 }
 static DEVICE_ATTR_RO(pubek);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4bb9b4aa9b49..d53d12f3df6d 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -351,17 +351,6 @@ enum tpm_sub_capabilities {
 	TPM_CAP_PROP_TIS_DURATION = 0x120,
 };
 
-struct	tpm_readpubek_params_out {
-	u8	algorithm[4];
-	u8	encscheme[2];
-	u8	sigscheme[2];
-	__be32	paramsize;
-	u8	parameters[12]; /*assuming RSA*/
-	__be32	keysize;
-	u8	modulus[256];
-	u8	checksum[20];
-} __packed;
-
 typedef union {
 	struct	tpm_input_header in;
 	struct	tpm_output_header out;
@@ -391,8 +380,6 @@ struct tpm_getrandom_in {
 } __packed;
 
 typedef union {
-	struct	tpm_readpubek_params_out readpubek_out;
-	u8	readpubek_out_buffer[sizeof(struct tpm_readpubek_params_out)];
 	struct	tpm_pcrread_in	pcrread_in;
 	struct	tpm_pcrread_out	pcrread_out;
 	struct	tpm_getrandom_in getrandom_in;
-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

* [PATCH 2/3] tpm: use tpm_try_get_ops() in tpm-sysfs.c.
  2019-10-02 13:14 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
@ 2019-10-02 13:14 ` Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
  2 siblings, 0 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-02 13:14 UTC (permalink / raw)
  To: linux-stabley
  Cc: Jarkko Sakkinen, Stefan Berger, Jerry Snitselaar,
	James Bottomley, Alexander Steffen, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

commit 2677ca98ae377517930c183248221f69f771c921 upstream

Use tpm_try_get_ops() in tpm-sysfs.c so that we can consider moving
other decorations (locking, localities, power management for example)
inside it. This direction can be of course taken only after other call
sites for tpm_transmit() have been treated in the same way.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Tested-by: Alexander Steffen <Alexander.Steffen@infineon.com>
---
 drivers/char/tpm/tpm-sysfs.c | 134 ++++++++++++++++++++++-------------
 1 file changed, 83 insertions(+), 51 deletions(-)

diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 83a77a445538..177a60e5c6ec 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -39,7 +39,6 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 {
 	struct tpm_buf tpm_buf;
 	struct tpm_readpubek_out *out;
-	ssize_t rc;
 	int i;
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
@@ -47,19 +46,18 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 
 	memset(&anti_replay, 0, sizeof(anti_replay));
 
-	rc = tpm_buf_init(&tpm_buf, TPM_TAG_RQU_COMMAND, TPM_ORD_READPUBEK);
-	if (rc)
-		return rc;
+	if (tpm_try_get_ops(chip))
+		return 0;
+
+	if (tpm_buf_init(&tpm_buf, TPM_TAG_RQU_COMMAND, TPM_ORD_READPUBEK))
+		goto out_ops;
 
 	tpm_buf_append(&tpm_buf, anti_replay, sizeof(anti_replay));
 
-	rc = tpm_transmit_cmd(chip, NULL, tpm_buf.data, PAGE_SIZE,
+	if (tpm_transmit_cmd(chip, NULL, tpm_buf.data, PAGE_SIZE,
 			      READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
-			      "attempting to read the PUBEK");
-	if (rc) {
-		tpm_buf_destroy(&tpm_buf);
-		return 0;
-	}
+			      "attempting to read the PUBEK"))
+		goto out_buf;
 
 	out = (struct tpm_readpubek_out *)&tpm_buf.data[10];
 	str +=
@@ -90,9 +88,11 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 			str += sprintf(str, "\n");
 	}
 
-	rc = str - buf;
+out_buf:
 	tpm_buf_destroy(&tpm_buf);
-	return rc;
+out_ops:
+	tpm_put_ops(chip);
+	return str - buf;
 }
 static DEVICE_ATTR_RO(pubek);
 
@@ -106,12 +106,16 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
 
-	rc = tpm_getcap(chip, TPM_CAP_PROP_PCR, &cap,
-			"attempting to determine the number of PCRS",
-			sizeof(cap.num_pcrs));
-	if (rc)
+	if (tpm_try_get_ops(chip))
 		return 0;
 
+	if (tpm_getcap(chip, TPM_CAP_PROP_PCR, &cap,
+		       "attempting to determine the number of PCRS",
+		       sizeof(cap.num_pcrs))) {
+		tpm_put_ops(chip);
+		return 0;
+	}
+
 	num_pcrs = be32_to_cpu(cap.num_pcrs);
 	for (i = 0; i < num_pcrs; i++) {
 		rc = tpm_pcr_read_dev(chip, i, digest);
@@ -122,6 +126,7 @@ static ssize_t pcrs_show(struct device *dev, struct device_attribute *attr,
 			str += sprintf(str, "%02X ", digest[j]);
 		str += sprintf(str, "\n");
 	}
+	tpm_put_ops(chip);
 	return str - buf;
 }
 static DEVICE_ATTR_RO(pcrs);
@@ -129,16 +134,21 @@ static DEVICE_ATTR_RO(pcrs);
 static ssize_t enabled_show(struct device *dev, struct device_attribute *attr,
 		     char *buf)
 {
+	struct tpm_chip *chip = to_tpm_chip(dev);
+	ssize_t rc = 0;
 	cap_t cap;
-	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_PERM, &cap,
-			"attempting to determine the permanent enabled state",
-			sizeof(cap.perm_flags));
-	if (rc)
+	if (tpm_try_get_ops(chip))
 		return 0;
 
+	if (tpm_getcap(chip, TPM_CAP_FLAG_PERM, &cap,
+		       "attempting to determine the permanent enabled state",
+		       sizeof(cap.perm_flags)))
+		goto out_ops;
+
 	rc = sprintf(buf, "%d\n", !cap.perm_flags.disable);
+out_ops:
+	tpm_put_ops(chip);
 	return rc;
 }
 static DEVICE_ATTR_RO(enabled);
@@ -146,16 +156,21 @@ static DEVICE_ATTR_RO(enabled);
 static ssize_t active_show(struct device *dev, struct device_attribute *attr,
 		    char *buf)
 {
+	struct tpm_chip *chip = to_tpm_chip(dev);
+	ssize_t rc = 0;
 	cap_t cap;
-	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_PERM, &cap,
-			"attempting to determine the permanent active state",
-			sizeof(cap.perm_flags));
-	if (rc)
+	if (tpm_try_get_ops(chip))
 		return 0;
 
+	if (tpm_getcap(chip, TPM_CAP_FLAG_PERM, &cap,
+		       "attempting to determine the permanent active state",
+		       sizeof(cap.perm_flags)))
+		goto out_ops;
+
 	rc = sprintf(buf, "%d\n", !cap.perm_flags.deactivated);
+out_ops:
+	tpm_put_ops(chip);
 	return rc;
 }
 static DEVICE_ATTR_RO(active);
@@ -163,16 +178,21 @@ static DEVICE_ATTR_RO(active);
 static ssize_t owned_show(struct device *dev, struct device_attribute *attr,
 			  char *buf)
 {
+	struct tpm_chip *chip = to_tpm_chip(dev);
+	ssize_t rc = 0;
 	cap_t cap;
-	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_PROP_OWNER, &cap,
-			"attempting to determine the owner state",
-			sizeof(cap.owned));
-	if (rc)
+	if (tpm_try_get_ops(chip))
 		return 0;
 
+	if (tpm_getcap(to_tpm_chip(dev), TPM_CAP_PROP_OWNER, &cap,
+		       "attempting to determine the owner state",
+		       sizeof(cap.owned)))
+		goto out_ops;
+
 	rc = sprintf(buf, "%d\n", cap.owned);
+out_ops:
+	tpm_put_ops(chip);
 	return rc;
 }
 static DEVICE_ATTR_RO(owned);
@@ -180,16 +200,21 @@ static DEVICE_ATTR_RO(owned);
 static ssize_t temp_deactivated_show(struct device *dev,
 				     struct device_attribute *attr, char *buf)
 {
+	struct tpm_chip *chip = to_tpm_chip(dev);
+	ssize_t rc = 0;
 	cap_t cap;
-	ssize_t rc;
 
-	rc = tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_VOL, &cap,
-			"attempting to determine the temporary state",
-			sizeof(cap.stclear_flags));
-	if (rc)
+	if (tpm_try_get_ops(chip))
 		return 0;
 
+	if (tpm_getcap(to_tpm_chip(dev), TPM_CAP_FLAG_VOL, &cap,
+		       "attempting to determine the temporary state",
+		       sizeof(cap.stclear_flags)))
+		goto out_ops;
+
 	rc = sprintf(buf, "%d\n", cap.stclear_flags.deactivated);
+out_ops:
+	tpm_put_ops(chip);
 	return rc;
 }
 static DEVICE_ATTR_RO(temp_deactivated);
@@ -198,15 +223,18 @@ static ssize_t caps_show(struct device *dev, struct device_attribute *attr,
 			 char *buf)
 {
 	struct tpm_chip *chip = to_tpm_chip(dev);
-	cap_t cap;
-	ssize_t rc;
+	ssize_t rc = 0;
 	char *str = buf;
+	cap_t cap;
 
-	rc = tpm_getcap(chip, TPM_CAP_PROP_MANUFACTURER, &cap,
-			"attempting to determine the manufacturer",
-			sizeof(cap.manufacturer_id));
-	if (rc)
+	if (tpm_try_get_ops(chip))
 		return 0;
+
+	if (tpm_getcap(chip, TPM_CAP_PROP_MANUFACTURER, &cap,
+		       "attempting to determine the manufacturer",
+		       sizeof(cap.manufacturer_id)))
+		goto out_ops;
+
 	str += sprintf(str, "Manufacturer: 0x%x\n",
 		       be32_to_cpu(cap.manufacturer_id));
 
@@ -223,20 +251,22 @@ static ssize_t caps_show(struct device *dev, struct device_attribute *attr,
 			       cap.tpm_version_1_2.revMinor);
 	} else {
 		/* Otherwise just use TPM_STRUCT_VER */
-		rc = tpm_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
-				"attempting to determine the 1.1 version",
-				sizeof(cap.tpm_version));
-		if (rc)
-			return 0;
+		if (tpm_getcap(chip, TPM_CAP_VERSION_1_1, &cap,
+			       "attempting to determine the 1.1 version",
+			       sizeof(cap.tpm_version)))
+			goto out_ops;
+
 		str += sprintf(str,
 			       "TCG version: %d.%d\nFirmware version: %d.%d\n",
 			       cap.tpm_version.Major,
 			       cap.tpm_version.Minor,
 			       cap.tpm_version.revMajor,
 			       cap.tpm_version.revMinor);
-	}
-
-	return str - buf;
+}
+	rc = str - buf;
+out_ops:
+	tpm_put_ops(chip);
+	return rc;
 }
 static DEVICE_ATTR_RO(caps);
 
@@ -244,10 +274,12 @@ static ssize_t cancel_store(struct device *dev, struct device_attribute *attr,
 			    const char *buf, size_t count)
 {
 	struct tpm_chip *chip = to_tpm_chip(dev);
-	if (chip == NULL)
+
+	if (tpm_try_get_ops(chip))
 		return 0;
 
 	chip->ops->cancel(chip);
+	tpm_put_ops(chip);
 	return count;
 }
 static DEVICE_ATTR_WO(cancel);
-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

* [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 13:14 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
  2019-10-02 13:14 ` [PATCH 2/3] tpm: use tpm_try_get_ops() in tpm-sysfs.c Jarkko Sakkinen
@ 2019-10-02 13:14 ` Jarkko Sakkinen
  2019-10-02 13:57   ` Greg KH
  2 siblings, 1 reply; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-02 13:14 UTC (permalink / raw)
  To: linux-stabley
  Cc: Vadim Sukhomlinov, stable, Douglas Anderson, Jarkko Sakkinen,
	Peter Huewe, Jason Gunthorpe, open list:TPM DEVICE DRIVER,
	open list

From: Vadim Sukhomlinov <sukhomlinov@google.com>

commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream

TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
future TPM operations. TPM 1.2 behavior was different, future TPM
operations weren't disabled, causing rare issues. This patch ensures
that future TPM operations are disabled.

Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
Cc: stable@vger.kernel.org
Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
[dianders: resolved merge conflicts with mainline]
Signed-off-by: Douglas Anderson <dianders@chromium.org>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm-chip.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 0eca20c5a80c..dcf5bb153495 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -158,12 +158,13 @@ static int tpm_class_shutdown(struct device *dev)
 {
 	struct tpm_chip *chip = container_of(dev, struct tpm_chip, dev);
 
+	down_write(&chip->ops_sem);
 	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
-		down_write(&chip->ops_sem);
 		tpm2_shutdown(chip, TPM2_SU_CLEAR);
 		chip->ops = NULL;
-		up_write(&chip->ops_sem);
 	}
+	chip->ops = NULL;
+	up_write(&chip->ops_sem);
 
 	return 0;
 }
-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 13:14 ` [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
@ 2019-10-02 13:57   ` Greg KH
  2019-10-02 15:17     ` Sasha Levin
  0 siblings, 1 reply; 16+ messages in thread
From: Greg KH @ 2019-10-02 13:57 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-stabley, Vadim Sukhomlinov, stable, Douglas Anderson,
	Peter Huewe, Jason Gunthorpe, open list:TPM DEVICE DRIVER,
	open list

On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
> From: Vadim Sukhomlinov <sukhomlinov@google.com>
> 
> commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
> 
> TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
> future TPM operations. TPM 1.2 behavior was different, future TPM
> operations weren't disabled, causing rare issues. This patch ensures
> that future TPM operations are disabled.
> 
> Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
> Cc: stable@vger.kernel.org
> Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> [dianders: resolved merge conflicts with mainline]
> Signed-off-by: Douglas Anderson <dianders@chromium.org>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  drivers/char/tpm/tpm-chip.c | 5 +++--
>  1 file changed, 3 insertions(+), 2 deletions(-)

What kernel version(s) is this for?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 13:57   ` Greg KH
@ 2019-10-02 15:17     ` Sasha Levin
  2019-10-02 15:31       ` Jerry Snitselaar
  0 siblings, 1 reply; 16+ messages in thread
From: Sasha Levin @ 2019-10-02 15:17 UTC (permalink / raw)
  To: Greg KH
  Cc: Jarkko Sakkinen, linux-stabley, Vadim Sukhomlinov, stable,
	Douglas Anderson, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

On Wed, Oct 02, 2019 at 03:57:58PM +0200, Greg KH wrote:
>On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
>> From: Vadim Sukhomlinov <sukhomlinov@google.com>
>>
>> commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
>>
>> TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
>> future TPM operations. TPM 1.2 behavior was different, future TPM
>> operations weren't disabled, causing rare issues. This patch ensures
>> that future TPM operations are disabled.
>>
>> Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
>> Cc: stable@vger.kernel.org
>> Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
>> [dianders: resolved merge conflicts with mainline]
>> Signed-off-by: Douglas Anderson <dianders@chromium.org>
>> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>> ---
>>  drivers/char/tpm/tpm-chip.c | 5 +++--
>>  1 file changed, 3 insertions(+), 2 deletions(-)
>
>What kernel version(s) is this for?

It would go to 4.19, we've recently reverted an incorrect backport of
this patch.

Jarkko, why is this patch 3/3? We haven't seen the first two on the
mailing list, do we need anything besides this patch?

--
Thanks,
Sasha

^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 15:17     ` Sasha Levin
@ 2019-10-02 15:31       ` Jerry Snitselaar
  2019-10-02 15:42         ` Jerry Snitselaar
  0 siblings, 1 reply; 16+ messages in thread
From: Jerry Snitselaar @ 2019-10-02 15:31 UTC (permalink / raw)
  To: Sasha Levin
  Cc: Greg KH, Jarkko Sakkinen, linux-stabley, Vadim Sukhomlinov,
	stable, Douglas Anderson, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

On Wed Oct 02 19, Sasha Levin wrote:
>On Wed, Oct 02, 2019 at 03:57:58PM +0200, Greg KH wrote:
>>On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
>>>From: Vadim Sukhomlinov <sukhomlinov@google.com>
>>>
>>>commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
>>>
>>>TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
>>>future TPM operations. TPM 1.2 behavior was different, future TPM
>>>operations weren't disabled, causing rare issues. This patch ensures
>>>that future TPM operations are disabled.
>>>
>>>Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
>>>Cc: stable@vger.kernel.org
>>>Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
>>>[dianders: resolved merge conflicts with mainline]
>>>Signed-off-by: Douglas Anderson <dianders@chromium.org>
>>>Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>>>Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>>>---
>>> drivers/char/tpm/tpm-chip.c | 5 +++--
>>> 1 file changed, 3 insertions(+), 2 deletions(-)
>>
>>What kernel version(s) is this for?
>
>It would go to 4.19, we've recently reverted an incorrect backport of
>this patch.
>
>Jarkko, why is this patch 3/3? We haven't seen the first two on the
>mailing list, do we need anything besides this patch?
>
>--
>Thanks,
>Sasha

It looks like there was a problem mailing the earlier patchset, and patches 1 and 2
weren't cc'd to stable, but patch 3 was.


^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 15:31       ` Jerry Snitselaar
@ 2019-10-02 15:42         ` Jerry Snitselaar
  2019-10-02 16:09           ` Greg KH
  2019-10-03 11:24           ` Jarkko Sakkinen
  0 siblings, 2 replies; 16+ messages in thread
From: Jerry Snitselaar @ 2019-10-02 15:42 UTC (permalink / raw)
  To: Sasha Levin, Greg KH, Jarkko Sakkinen, linux-stabley,
	Vadim Sukhomlinov, stable, Douglas Anderson, Peter Huewe,
	Jason Gunthorpe, open list:TPM DEVICE DRIVER, open list

On Wed Oct 02 19, Jerry Snitselaar wrote:
>On Wed Oct 02 19, Sasha Levin wrote:
>>On Wed, Oct 02, 2019 at 03:57:58PM +0200, Greg KH wrote:
>>>On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
>>>>From: Vadim Sukhomlinov <sukhomlinov@google.com>
>>>>
>>>>commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
>>>>
>>>>TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
>>>>future TPM operations. TPM 1.2 behavior was different, future TPM
>>>>operations weren't disabled, causing rare issues. This patch ensures
>>>>that future TPM operations are disabled.
>>>>
>>>>Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
>>>>Cc: stable@vger.kernel.org
>>>>Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
>>>>[dianders: resolved merge conflicts with mainline]
>>>>Signed-off-by: Douglas Anderson <dianders@chromium.org>
>>>>Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>>>>Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>>>>---
>>>>drivers/char/tpm/tpm-chip.c | 5 +++--
>>>>1 file changed, 3 insertions(+), 2 deletions(-)
>>>
>>>What kernel version(s) is this for?
>>
>>It would go to 4.19, we've recently reverted an incorrect backport of
>>this patch.
>>
>>Jarkko, why is this patch 3/3? We haven't seen the first two on the
>>mailing list, do we need anything besides this patch?
>>
>>--
>>Thanks,
>>Sasha
>
>It looks like there was a problem mailing the earlier patchset, and patches 1 and 2
>weren't cc'd to stable, but patch 3 was.

Is linux-stabley@vger.kernel.org a valid address?


^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 15:42         ` Jerry Snitselaar
@ 2019-10-02 16:09           ` Greg KH
  2019-10-03 11:24           ` Jarkko Sakkinen
  1 sibling, 0 replies; 16+ messages in thread
From: Greg KH @ 2019-10-02 16:09 UTC (permalink / raw)
  To: Sasha Levin, Jarkko Sakkinen, linux-stabley, Vadim Sukhomlinov,
	stable, Douglas Anderson, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

On Wed, Oct 02, 2019 at 08:42:04AM -0700, Jerry Snitselaar wrote:
> On Wed Oct 02 19, Jerry Snitselaar wrote:
> > On Wed Oct 02 19, Sasha Levin wrote:
> > > On Wed, Oct 02, 2019 at 03:57:58PM +0200, Greg KH wrote:
> > > > On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
> > > > > From: Vadim Sukhomlinov <sukhomlinov@google.com>
> > > > > 
> > > > > commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
> > > > > 
> > > > > TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
> > > > > future TPM operations. TPM 1.2 behavior was different, future TPM
> > > > > operations weren't disabled, causing rare issues. This patch ensures
> > > > > that future TPM operations are disabled.
> > > > > 
> > > > > Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
> > > > > Cc: stable@vger.kernel.org
> > > > > Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> > > > > [dianders: resolved merge conflicts with mainline]
> > > > > Signed-off-by: Douglas Anderson <dianders@chromium.org>
> > > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > ---
> > > > > drivers/char/tpm/tpm-chip.c | 5 +++--
> > > > > 1 file changed, 3 insertions(+), 2 deletions(-)
> > > > 
> > > > What kernel version(s) is this for?
> > > 
> > > It would go to 4.19, we've recently reverted an incorrect backport of
> > > this patch.
> > > 
> > > Jarkko, why is this patch 3/3? We haven't seen the first two on the
> > > mailing list, do we need anything besides this patch?
> > > 
> > > --
> > > Thanks,
> > > Sasha
> > 
> > It looks like there was a problem mailing the earlier patchset, and patches 1 and 2
> > weren't cc'd to stable, but patch 3 was.
> 
> Is linux-stabley@vger.kernel.org a valid address?
> 

Heh, no :)

^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-02 15:42         ` Jerry Snitselaar
  2019-10-02 16:09           ` Greg KH
@ 2019-10-03 11:24           ` Jarkko Sakkinen
  2019-10-03 11:25             ` Jarkko Sakkinen
  1 sibling, 1 reply; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-03 11:24 UTC (permalink / raw)
  To: Sasha Levin, Greg KH, linux-stabley, Vadim Sukhomlinov, stable,
	Douglas Anderson, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

On Wed, Oct 02, 2019 at 08:42:04AM -0700, Jerry Snitselaar wrote:
> On Wed Oct 02 19, Jerry Snitselaar wrote:
> > On Wed Oct 02 19, Sasha Levin wrote:
> > > On Wed, Oct 02, 2019 at 03:57:58PM +0200, Greg KH wrote:
> > > > On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
> > > > > From: Vadim Sukhomlinov <sukhomlinov@google.com>
> > > > > 
> > > > > commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
> > > > > 
> > > > > TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
> > > > > future TPM operations. TPM 1.2 behavior was different, future TPM
> > > > > operations weren't disabled, causing rare issues. This patch ensures
> > > > > that future TPM operations are disabled.
> > > > > 
> > > > > Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
> > > > > Cc: stable@vger.kernel.org
> > > > > Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> > > > > [dianders: resolved merge conflicts with mainline]
> > > > > Signed-off-by: Douglas Anderson <dianders@chromium.org>
> > > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > ---
> > > > > drivers/char/tpm/tpm-chip.c | 5 +++--
> > > > > 1 file changed, 3 insertions(+), 2 deletions(-)
> > > > 
> > > > What kernel version(s) is this for?
> > > 
> > > It would go to 4.19, we've recently reverted an incorrect backport of
> > > this patch.
> > > 
> > > Jarkko, why is this patch 3/3? We haven't seen the first two on the
> > > mailing list, do we need anything besides this patch?
> > > 
> > > --
> > > Thanks,
> > > Sasha
> > 
> > It looks like there was a problem mailing the earlier patchset, and patches 1 and 2
> > weren't cc'd to stable, but patch 3 was.
> 
> Is linux-stabley@vger.kernel.org a valid address?
> 

No, did a resend :-(

/Jarkko

^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations
  2019-10-03 11:24           ` Jarkko Sakkinen
@ 2019-10-03 11:25             ` Jarkko Sakkinen
  0 siblings, 0 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-03 11:25 UTC (permalink / raw)
  To: Sasha Levin, Greg KH, linux-stabley, Vadim Sukhomlinov, stable,
	Douglas Anderson, Peter Huewe, Jason Gunthorpe,
	open list:TPM DEVICE DRIVER, open list

On Thu, Oct 03, 2019 at 02:24:42PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 02, 2019 at 08:42:04AM -0700, Jerry Snitselaar wrote:
> > On Wed Oct 02 19, Jerry Snitselaar wrote:
> > > On Wed Oct 02 19, Sasha Levin wrote:
> > > > On Wed, Oct 02, 2019 at 03:57:58PM +0200, Greg KH wrote:
> > > > > On Wed, Oct 02, 2019 at 04:14:44PM +0300, Jarkko Sakkinen wrote:
> > > > > > From: Vadim Sukhomlinov <sukhomlinov@google.com>
> > > > > > 
> > > > > > commit db4d8cb9c9f2af71c4d087817160d866ed572cc9 upstream
> > > > > > 
> > > > > > TPM 2.0 Shutdown involve sending TPM2_Shutdown to TPM chip and disabling
> > > > > > future TPM operations. TPM 1.2 behavior was different, future TPM
> > > > > > operations weren't disabled, causing rare issues. This patch ensures
> > > > > > that future TPM operations are disabled.
> > > > > > 
> > > > > > Fixes: d1bd4a792d39 ("tpm: Issue a TPM2_Shutdown for TPM2 devices.")
> > > > > > Cc: stable@vger.kernel.org
> > > > > > Signed-off-by: Vadim Sukhomlinov <sukhomlinov@google.com>
> > > > > > [dianders: resolved merge conflicts with mainline]
> > > > > > Signed-off-by: Douglas Anderson <dianders@chromium.org>
> > > > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > > ---
> > > > > > drivers/char/tpm/tpm-chip.c | 5 +++--
> > > > > > 1 file changed, 3 insertions(+), 2 deletions(-)
> > > > > 
> > > > > What kernel version(s) is this for?
> > > > 
> > > > It would go to 4.19, we've recently reverted an incorrect backport of
> > > > this patch.
> > > > 
> > > > Jarkko, why is this patch 3/3? We haven't seen the first two on the
> > > > mailing list, do we need anything besides this patch?
> > > > 
> > > > --
> > > > Thanks,
> > > > Sasha
> > > 
> > > It looks like there was a problem mailing the earlier patchset, and patches 1 and 2
> > > weren't cc'd to stable, but patch 3 was.
> > 
> > Is linux-stabley@vger.kernel.org a valid address?
> > 
> 
> No, did a resend :-(

New version sent to stableish@vger.kernel.org.

/Jarkko

^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf
  2019-10-03 11:31   ` Greg Kroah-Hartman
@ 2019-10-03 17:56     ` Jarkko Sakkinen
  0 siblings, 0 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-03 17:56 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: linux-stable, Peter Huewe, Jason Gunthorpe, Arnd Bergmann,
	open list:TPM DEVICE DRIVER, open list

On Thu, Oct 03, 2019 at 01:31:12PM +0200, Greg Kroah-Hartman wrote:
> On Thu, Oct 03, 2019 at 02:24:22PM +0300, Jarkko Sakkinen wrote:
> > commit da379f3c1db0c9a1fd27b11d24c9894b5edc7c75 upstream
> > 
> > Migrated pubek_show to struct tpm_buf and cleaned up its implementation.
> > Previously the output parameter structure was declared but left
> > completely unused. Now it is used to refer different fields of the
> > output. We can move it to tpm-sysfs.c as it does not have any use
> > outside of that file.
> > 
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > ---
> >  drivers/char/tpm/tpm-sysfs.c | 87 ++++++++++++++++++++----------------
> >  drivers/char/tpm/tpm.h       | 13 ------
> >  2 files changed, 48 insertions(+), 52 deletions(-)
> 
> Again, what kernel tree(s) do you want this, and the other 2 patches
> applied to?  And why?
> 
> thanks,
> 
> greg k-h

D'oh, this is the cover letter:

https://patchwork.kernel.org/cover/11172533/

Looks like somehow forgot to include cc's, which were in the first
version:

Cc: linux-integrity@vger.kernel.org
Cc: Greg KH <gregkh@linuxfoundation.org>
Cc: Vadim Sukhomlinov <sukhomlinov@google.com>
Link: https://lore.kernel.org/stable/20190712152734.GA13940@kroah.com/

/Jarkko

^ permalink raw reply	[flat|nested] 16+ messages in thread

* Re: [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf
  2019-10-03 11:24 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
@ 2019-10-03 11:31   ` Greg Kroah-Hartman
  2019-10-03 17:56     ` Jarkko Sakkinen
  0 siblings, 1 reply; 16+ messages in thread
From: Greg Kroah-Hartman @ 2019-10-03 11:31 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: linux-stable, Peter Huewe, Jason Gunthorpe, Arnd Bergmann,
	open list:TPM DEVICE DRIVER, open list

On Thu, Oct 03, 2019 at 02:24:22PM +0300, Jarkko Sakkinen wrote:
> commit da379f3c1db0c9a1fd27b11d24c9894b5edc7c75 upstream
> 
> Migrated pubek_show to struct tpm_buf and cleaned up its implementation.
> Previously the output parameter structure was declared but left
> completely unused. Now it is used to refer different fields of the
> output. We can move it to tpm-sysfs.c as it does not have any use
> outside of that file.
> 
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
>  drivers/char/tpm/tpm-sysfs.c | 87 ++++++++++++++++++++----------------
>  drivers/char/tpm/tpm.h       | 13 ------
>  2 files changed, 48 insertions(+), 52 deletions(-)

Again, what kernel tree(s) do you want this, and the other 2 patches
applied to?  And why?

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 16+ messages in thread

* [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf
  2019-10-03 11:24 [PATCH 0/3] " Jarkko Sakkinen
@ 2019-10-03 11:24 ` Jarkko Sakkinen
  2019-10-03 11:31   ` Greg Kroah-Hartman
  0 siblings, 1 reply; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-10-03 11:24 UTC (permalink / raw)
  To: linux-stable
  Cc: Jarkko Sakkinen, Peter Huewe, Jason Gunthorpe, Arnd Bergmann,
	Greg Kroah-Hartman, open list:TPM DEVICE DRIVER, open list

commit da379f3c1db0c9a1fd27b11d24c9894b5edc7c75 upstream

Migrated pubek_show to struct tpm_buf and cleaned up its implementation.
Previously the output parameter structure was declared but left
completely unused. Now it is used to refer different fields of the
output. We can move it to tpm-sysfs.c as it does not have any use
outside of that file.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm-sysfs.c | 87 ++++++++++++++++++++----------------
 drivers/char/tpm/tpm.h       | 13 ------
 2 files changed, 48 insertions(+), 52 deletions(-)

diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 86f38d239476..83a77a445538 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -20,44 +20,48 @@
 #include <linux/device.h>
 #include "tpm.h"
 
-#define READ_PUBEK_RESULT_SIZE 314
+struct tpm_readpubek_out {
+	u8 algorithm[4];
+	u8 encscheme[2];
+	u8 sigscheme[2];
+	__be32 paramsize;
+	u8 parameters[12];
+	__be32 keysize;
+	u8 modulus[256];
+	u8 checksum[20];
+} __packed;
+
 #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
 #define TPM_ORD_READPUBEK 124
-static const struct tpm_input_header tpm_readpubek_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(30),
-	.ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
-};
+
 static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 			  char *buf)
 {
-	u8 *data;
-	struct tpm_cmd_t tpm_cmd;
-	ssize_t err;
-	int i, rc;
+	struct tpm_buf tpm_buf;
+	struct tpm_readpubek_out *out;
+	ssize_t rc;
+	int i;
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
+	char anti_replay[20];
 
-	memset(&tpm_cmd, 0, sizeof(tpm_cmd));
-
-	tpm_cmd.header.in = tpm_readpubek_header;
-	err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
-			       READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
-			       "attempting to read the PUBEK");
-	if (err)
-		goto out;
-
-	/*
-	   ignore header 10 bytes
-	   algorithm 32 bits (1 == RSA )
-	   encscheme 16 bits
-	   sigscheme 16 bits
-	   parameters (RSA 12->bytes: keybit, #primes, expbit)
-	   keylenbytes 32 bits
-	   256 byte modulus
-	   ignore checksum 20 bytes
-	 */
-	data = tpm_cmd.params.readpubek_out_buffer;
+	memset(&anti_replay, 0, sizeof(anti_replay));
+
+	rc = tpm_buf_init(&tpm_buf, TPM_TAG_RQU_COMMAND, TPM_ORD_READPUBEK);
+	if (rc)
+		return rc;
+
+	tpm_buf_append(&tpm_buf, anti_replay, sizeof(anti_replay));
+
+	rc = tpm_transmit_cmd(chip, NULL, tpm_buf.data, PAGE_SIZE,
+			      READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
+			      "attempting to read the PUBEK");
+	if (rc) {
+		tpm_buf_destroy(&tpm_buf);
+		return 0;
+	}
+
+	out = (struct tpm_readpubek_out *)&tpm_buf.data[10];
 	str +=
 	    sprintf(str,
 		    "Algorithm: %02X %02X %02X %02X\n"
@@ -68,21 +72,26 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 		    "%02X %02X %02X %02X\n"
 		    "Modulus length: %d\n"
 		    "Modulus:\n",
-		    data[0], data[1], data[2], data[3],
-		    data[4], data[5],
-		    data[6], data[7],
-		    data[12], data[13], data[14], data[15],
-		    data[16], data[17], data[18], data[19],
-		    data[20], data[21], data[22], data[23],
-		    be32_to_cpu(*((__be32 *) (data + 24))));
+		    out->algorithm[0], out->algorithm[1], out->algorithm[2],
+		    out->algorithm[3],
+		    out->encscheme[0], out->encscheme[1],
+		    out->sigscheme[0], out->sigscheme[1],
+		    out->parameters[0], out->parameters[1],
+		    out->parameters[2], out->parameters[3],
+		    out->parameters[4], out->parameters[5],
+		    out->parameters[6], out->parameters[7],
+		    out->parameters[8], out->parameters[9],
+		    out->parameters[10], out->parameters[11],
+		    be32_to_cpu(out->keysize));
 
 	for (i = 0; i < 256; i++) {
-		str += sprintf(str, "%02X ", data[i + 28]);
+		str += sprintf(str, "%02X ", out->modulus[i]);
 		if ((i + 1) % 16 == 0)
 			str += sprintf(str, "\n");
 	}
-out:
+
 	rc = str - buf;
+	tpm_buf_destroy(&tpm_buf);
 	return rc;
 }
 static DEVICE_ATTR_RO(pubek);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4bb9b4aa9b49..d53d12f3df6d 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -351,17 +351,6 @@ enum tpm_sub_capabilities {
 	TPM_CAP_PROP_TIS_DURATION = 0x120,
 };
 
-struct	tpm_readpubek_params_out {
-	u8	algorithm[4];
-	u8	encscheme[2];
-	u8	sigscheme[2];
-	__be32	paramsize;
-	u8	parameters[12]; /*assuming RSA*/
-	__be32	keysize;
-	u8	modulus[256];
-	u8	checksum[20];
-} __packed;
-
 typedef union {
 	struct	tpm_input_header in;
 	struct	tpm_output_header out;
@@ -391,8 +380,6 @@ struct tpm_getrandom_in {
 } __packed;
 
 typedef union {
-	struct	tpm_readpubek_params_out readpubek_out;
-	u8	readpubek_out_buffer[sizeof(struct tpm_readpubek_params_out)];
 	struct	tpm_pcrread_in	pcrread_in;
 	struct	tpm_pcrread_out	pcrread_out;
 	struct	tpm_getrandom_in getrandom_in;
-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

* [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf
  2019-09-25 10:15 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
@ 2019-09-25 10:15 ` Jarkko Sakkinen
  0 siblings, 0 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-09-25 10:15 UTC (permalink / raw)
  To: linux-integrity
  Cc: Jarkko Sakkinen, Peter Huewe, Jason Gunthorpe, Arnd Bergmann,
	Greg Kroah-Hartman, open list

commit da379f3c1db0c9a1fd27b11d24c9894b5edc7c75 upstream

Migrated pubek_show to struct tpm_buf and cleaned up its implementation.
Previously the output parameter structure was declared but left
completely unused. Now it is used to refer different fields of the
output. We can move it to tpm-sysfs.c as it does not have any use
outside of that file.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm-sysfs.c | 87 ++++++++++++++++++++----------------
 drivers/char/tpm/tpm.h       | 13 ------
 2 files changed, 48 insertions(+), 52 deletions(-)

diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 86f38d239476..83a77a445538 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -20,44 +20,48 @@
 #include <linux/device.h>
 #include "tpm.h"
 
-#define READ_PUBEK_RESULT_SIZE 314
+struct tpm_readpubek_out {
+	u8 algorithm[4];
+	u8 encscheme[2];
+	u8 sigscheme[2];
+	__be32 paramsize;
+	u8 parameters[12];
+	__be32 keysize;
+	u8 modulus[256];
+	u8 checksum[20];
+} __packed;
+
 #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
 #define TPM_ORD_READPUBEK 124
-static const struct tpm_input_header tpm_readpubek_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(30),
-	.ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
-};
+
 static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 			  char *buf)
 {
-	u8 *data;
-	struct tpm_cmd_t tpm_cmd;
-	ssize_t err;
-	int i, rc;
+	struct tpm_buf tpm_buf;
+	struct tpm_readpubek_out *out;
+	ssize_t rc;
+	int i;
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
+	char anti_replay[20];
 
-	memset(&tpm_cmd, 0, sizeof(tpm_cmd));
-
-	tpm_cmd.header.in = tpm_readpubek_header;
-	err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
-			       READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
-			       "attempting to read the PUBEK");
-	if (err)
-		goto out;
-
-	/*
-	   ignore header 10 bytes
-	   algorithm 32 bits (1 == RSA )
-	   encscheme 16 bits
-	   sigscheme 16 bits
-	   parameters (RSA 12->bytes: keybit, #primes, expbit)
-	   keylenbytes 32 bits
-	   256 byte modulus
-	   ignore checksum 20 bytes
-	 */
-	data = tpm_cmd.params.readpubek_out_buffer;
+	memset(&anti_replay, 0, sizeof(anti_replay));
+
+	rc = tpm_buf_init(&tpm_buf, TPM_TAG_RQU_COMMAND, TPM_ORD_READPUBEK);
+	if (rc)
+		return rc;
+
+	tpm_buf_append(&tpm_buf, anti_replay, sizeof(anti_replay));
+
+	rc = tpm_transmit_cmd(chip, NULL, tpm_buf.data, PAGE_SIZE,
+			      READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
+			      "attempting to read the PUBEK");
+	if (rc) {
+		tpm_buf_destroy(&tpm_buf);
+		return 0;
+	}
+
+	out = (struct tpm_readpubek_out *)&tpm_buf.data[10];
 	str +=
 	    sprintf(str,
 		    "Algorithm: %02X %02X %02X %02X\n"
@@ -68,21 +72,26 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 		    "%02X %02X %02X %02X\n"
 		    "Modulus length: %d\n"
 		    "Modulus:\n",
-		    data[0], data[1], data[2], data[3],
-		    data[4], data[5],
-		    data[6], data[7],
-		    data[12], data[13], data[14], data[15],
-		    data[16], data[17], data[18], data[19],
-		    data[20], data[21], data[22], data[23],
-		    be32_to_cpu(*((__be32 *) (data + 24))));
+		    out->algorithm[0], out->algorithm[1], out->algorithm[2],
+		    out->algorithm[3],
+		    out->encscheme[0], out->encscheme[1],
+		    out->sigscheme[0], out->sigscheme[1],
+		    out->parameters[0], out->parameters[1],
+		    out->parameters[2], out->parameters[3],
+		    out->parameters[4], out->parameters[5],
+		    out->parameters[6], out->parameters[7],
+		    out->parameters[8], out->parameters[9],
+		    out->parameters[10], out->parameters[11],
+		    be32_to_cpu(out->keysize));
 
 	for (i = 0; i < 256; i++) {
-		str += sprintf(str, "%02X ", data[i + 28]);
+		str += sprintf(str, "%02X ", out->modulus[i]);
 		if ((i + 1) % 16 == 0)
 			str += sprintf(str, "\n");
 	}
-out:
+
 	rc = str - buf;
+	tpm_buf_destroy(&tpm_buf);
 	return rc;
 }
 static DEVICE_ATTR_RO(pubek);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4bb9b4aa9b49..d53d12f3df6d 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -351,17 +351,6 @@ enum tpm_sub_capabilities {
 	TPM_CAP_PROP_TIS_DURATION = 0x120,
 };
 
-struct	tpm_readpubek_params_out {
-	u8	algorithm[4];
-	u8	encscheme[2];
-	u8	sigscheme[2];
-	__be32	paramsize;
-	u8	parameters[12]; /*assuming RSA*/
-	__be32	keysize;
-	u8	modulus[256];
-	u8	checksum[20];
-} __packed;
-
 typedef union {
 	struct	tpm_input_header in;
 	struct	tpm_output_header out;
@@ -391,8 +380,6 @@ struct tpm_getrandom_in {
 } __packed;
 
 typedef union {
-	struct	tpm_readpubek_params_out readpubek_out;
-	u8	readpubek_out_buffer[sizeof(struct tpm_readpubek_params_out)];
 	struct	tpm_pcrread_in	pcrread_in;
 	struct	tpm_pcrread_out	pcrread_out;
 	struct	tpm_getrandom_in getrandom_in;
-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

* [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf
  2019-09-24 14:01 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
@ 2019-09-24 14:02 ` Jarkko Sakkinen
  0 siblings, 0 replies; 16+ messages in thread
From: Jarkko Sakkinen @ 2019-09-24 14:02 UTC (permalink / raw)
  To: linux-stable
  Cc: Jarkko Sakkinen, Peter Huewe, Jason Gunthorpe, Arnd Bergmann,
	Greg Kroah-Hartman, open list:TPM DEVICE DRIVER, open list

commit da379f3c1db0c9a1fd27b11d24c9894b5edc7c75 upstream

Migrated pubek_show to struct tpm_buf and cleaned up its implementation.
Previously the output parameter structure was declared but left
completely unused. Now it is used to refer different fields of the
output. We can move it to tpm-sysfs.c as it does not have any use
outside of that file.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm-sysfs.c | 87 ++++++++++++++++++++----------------
 drivers/char/tpm/tpm.h       | 13 ------
 2 files changed, 48 insertions(+), 52 deletions(-)

diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 86f38d239476..83a77a445538 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -20,44 +20,48 @@
 #include <linux/device.h>
 #include "tpm.h"
 
-#define READ_PUBEK_RESULT_SIZE 314
+struct tpm_readpubek_out {
+	u8 algorithm[4];
+	u8 encscheme[2];
+	u8 sigscheme[2];
+	__be32 paramsize;
+	u8 parameters[12];
+	__be32 keysize;
+	u8 modulus[256];
+	u8 checksum[20];
+} __packed;
+
 #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
 #define TPM_ORD_READPUBEK 124
-static const struct tpm_input_header tpm_readpubek_header = {
-	.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
-	.length = cpu_to_be32(30),
-	.ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
-};
+
 static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 			  char *buf)
 {
-	u8 *data;
-	struct tpm_cmd_t tpm_cmd;
-	ssize_t err;
-	int i, rc;
+	struct tpm_buf tpm_buf;
+	struct tpm_readpubek_out *out;
+	ssize_t rc;
+	int i;
 	char *str = buf;
 	struct tpm_chip *chip = to_tpm_chip(dev);
+	char anti_replay[20];
 
-	memset(&tpm_cmd, 0, sizeof(tpm_cmd));
-
-	tpm_cmd.header.in = tpm_readpubek_header;
-	err = tpm_transmit_cmd(chip, NULL, &tpm_cmd, READ_PUBEK_RESULT_SIZE,
-			       READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
-			       "attempting to read the PUBEK");
-	if (err)
-		goto out;
-
-	/*
-	   ignore header 10 bytes
-	   algorithm 32 bits (1 == RSA )
-	   encscheme 16 bits
-	   sigscheme 16 bits
-	   parameters (RSA 12->bytes: keybit, #primes, expbit)
-	   keylenbytes 32 bits
-	   256 byte modulus
-	   ignore checksum 20 bytes
-	 */
-	data = tpm_cmd.params.readpubek_out_buffer;
+	memset(&anti_replay, 0, sizeof(anti_replay));
+
+	rc = tpm_buf_init(&tpm_buf, TPM_TAG_RQU_COMMAND, TPM_ORD_READPUBEK);
+	if (rc)
+		return rc;
+
+	tpm_buf_append(&tpm_buf, anti_replay, sizeof(anti_replay));
+
+	rc = tpm_transmit_cmd(chip, NULL, tpm_buf.data, PAGE_SIZE,
+			      READ_PUBEK_RESULT_MIN_BODY_SIZE, 0,
+			      "attempting to read the PUBEK");
+	if (rc) {
+		tpm_buf_destroy(&tpm_buf);
+		return 0;
+	}
+
+	out = (struct tpm_readpubek_out *)&tpm_buf.data[10];
 	str +=
 	    sprintf(str,
 		    "Algorithm: %02X %02X %02X %02X\n"
@@ -68,21 +72,26 @@ static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
 		    "%02X %02X %02X %02X\n"
 		    "Modulus length: %d\n"
 		    "Modulus:\n",
-		    data[0], data[1], data[2], data[3],
-		    data[4], data[5],
-		    data[6], data[7],
-		    data[12], data[13], data[14], data[15],
-		    data[16], data[17], data[18], data[19],
-		    data[20], data[21], data[22], data[23],
-		    be32_to_cpu(*((__be32 *) (data + 24))));
+		    out->algorithm[0], out->algorithm[1], out->algorithm[2],
+		    out->algorithm[3],
+		    out->encscheme[0], out->encscheme[1],
+		    out->sigscheme[0], out->sigscheme[1],
+		    out->parameters[0], out->parameters[1],
+		    out->parameters[2], out->parameters[3],
+		    out->parameters[4], out->parameters[5],
+		    out->parameters[6], out->parameters[7],
+		    out->parameters[8], out->parameters[9],
+		    out->parameters[10], out->parameters[11],
+		    be32_to_cpu(out->keysize));
 
 	for (i = 0; i < 256; i++) {
-		str += sprintf(str, "%02X ", data[i + 28]);
+		str += sprintf(str, "%02X ", out->modulus[i]);
 		if ((i + 1) % 16 == 0)
 			str += sprintf(str, "\n");
 	}
-out:
+
 	rc = str - buf;
+	tpm_buf_destroy(&tpm_buf);
 	return rc;
 }
 static DEVICE_ATTR_RO(pubek);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4bb9b4aa9b49..d53d12f3df6d 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -351,17 +351,6 @@ enum tpm_sub_capabilities {
 	TPM_CAP_PROP_TIS_DURATION = 0x120,
 };
 
-struct	tpm_readpubek_params_out {
-	u8	algorithm[4];
-	u8	encscheme[2];
-	u8	sigscheme[2];
-	__be32	paramsize;
-	u8	parameters[12]; /*assuming RSA*/
-	__be32	keysize;
-	u8	modulus[256];
-	u8	checksum[20];
-} __packed;
-
 typedef union {
 	struct	tpm_input_header in;
 	struct	tpm_output_header out;
@@ -391,8 +380,6 @@ struct tpm_getrandom_in {
 } __packed;
 
 typedef union {
-	struct	tpm_readpubek_params_out readpubek_out;
-	u8	readpubek_out_buffer[sizeof(struct tpm_readpubek_params_out)];
 	struct	tpm_pcrread_in	pcrread_in;
 	struct	tpm_pcrread_out	pcrread_out;
 	struct	tpm_getrandom_in getrandom_in;
-- 
2.20.1


^ permalink raw reply	[flat|nested] 16+ messages in thread

end of thread, other threads:[~2019-10-03 17:56 UTC | newest]

Thread overview: 16+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-02 13:14 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
2019-10-02 13:14 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
2019-10-02 13:14 ` [PATCH 2/3] tpm: use tpm_try_get_ops() in tpm-sysfs.c Jarkko Sakkinen
2019-10-02 13:14 ` [PATCH 3/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
2019-10-02 13:57   ` Greg KH
2019-10-02 15:17     ` Sasha Levin
2019-10-02 15:31       ` Jerry Snitselaar
2019-10-02 15:42         ` Jerry Snitselaar
2019-10-02 16:09           ` Greg KH
2019-10-03 11:24           ` Jarkko Sakkinen
2019-10-03 11:25             ` Jarkko Sakkinen
  -- strict thread matches above, loose matches on Subject: below --
2019-10-03 11:24 [PATCH 0/3] " Jarkko Sakkinen
2019-10-03 11:24 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
2019-10-03 11:31   ` Greg Kroah-Hartman
2019-10-03 17:56     ` Jarkko Sakkinen
2019-09-25 10:15 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
2019-09-25 10:15 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen
2019-09-24 14:01 [PATCH 0/3] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM operations Jarkko Sakkinen
2019-09-24 14:02 ` [PATCH 1/3] tpm: migrate pubek_show to struct tpm_buf Jarkko Sakkinen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).