* [PATCH 0/3] tpm_pcr_extend() code split
@ 2017-05-02 12:31 Roberto Sassu
2017-05-02 12:31 ` [PATCH 1/3] tpm: use CPU native value for TPM_TAG_RQU_COMMAND Roberto Sassu
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Roberto Sassu @ 2017-05-02 12:31 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
This patch set moves TPM 1.2 specific code to a new function called
tpm1_pcr_extend(). The purpose of splitting is to isolate TPM 2.0 code,
so that it can be more easily modified to handle multiple digests.
With TPM 2.0, a Platform Configuration Register (PCR) could have multiple
values, stored in locations called banks. Each bank stores the values
of PCRs extended with the same hash algorithm.
Currently, the TPM kernel driver does not take advantage of stronger
algorithms because PCRs are always extended with a SHA1 digest, padded
with zeros to match the length of the input for the hash algorithm
being used. Shortly after these patches, a new patch set will be provided
to allow callers of tpm_pcr_extend() to pass a digest for each algorithm
supported by the TPM.
In this patch set, TPM 1.2 specific code will prepare the command buffer
with tpm_buf_init() which, in respect to the previous method, offers
protection against buffer overflow. Moreover, CPU native to big-endian
conversion has been removed from tags and ordinals definition, as it is
already done by tpm_buf_init().
Roberto Sassu (3):
tpm: use CPU native value for TPM_TAG_RQU_COMMAND
tpm: move ordinals definition to include/linux/tpm_command.h
tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend()
drivers/char/tpm/tpm-interface.c | 76 +++++++++++++++++++---------------------
drivers/char/tpm/tpm-sysfs.c | 6 ++--
drivers/char/tpm/tpm.h | 2 --
include/linux/tpm_command.h | 7 ++++
4 files changed, 46 insertions(+), 45 deletions(-)
--
2.9.3
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH 1/3] tpm: use CPU native value for TPM_TAG_RQU_COMMAND
2017-05-02 12:31 [PATCH 0/3] tpm_pcr_extend() code split Roberto Sassu
@ 2017-05-02 12:31 ` Roberto Sassu
2017-05-02 12:31 ` [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h Roberto Sassu
2017-05-02 12:31 ` [PATCH 3/3] tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() Roberto Sassu
2 siblings, 0 replies; 9+ messages in thread
From: Roberto Sassu @ 2017-05-02 12:31 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
In the long term, TPM 1.2 functions in the driver interface will be
converted to use tpm_buf_init().
However, tag and ordinals cannot be passed directly to tpm_buf_init(),
because this function performs CPU native to big-endian conversion of these
arguments. Since TPM_TAG_RQU_COMMAND and TPM_ORD_ are already converted,
passing them to the function will undo the previous conversion.
This patch removes the definition of TPM_TAG_RQU_COMMAND in the
tpm driver directory, and uses the CPU native value defined in
include/linux/tpm_command.h.
The conversion of TPM_TAG_RQU_COMMAND is done in the tpm_input_header
declarations.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
drivers/char/tpm/tpm-interface.c | 15 ++++++++-------
drivers/char/tpm/tpm-sysfs.c | 3 ++-
drivers/char/tpm/tpm.h | 2 --
3 files changed, 10 insertions(+), 10 deletions(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index bd2128e..48f5dff 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -30,6 +30,7 @@
#include <linux/spinlock.h>
#include <linux/freezer.h>
#include <linux/pm_runtime.h>
+#include <linux/tpm_command.h>
#include "tpm.h"
#include "tpm_eventlog.h"
@@ -472,7 +473,7 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *buf,
#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
static const struct tpm_input_header tpm_getcap_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(22),
.ordinal = TPM_ORD_GET_CAP
};
@@ -514,7 +515,7 @@ EXPORT_SYMBOL_GPL(tpm_getcap);
#define TPM_ST_STATE cpu_to_be16(2)
#define TPM_ST_DEACTIVATED cpu_to_be16(3)
static const struct tpm_input_header tpm_startup_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(12),
.ordinal = TPM_ORD_STARTUP
};
@@ -664,7 +665,7 @@ EXPORT_SYMBOL_GPL(tpm_get_timeouts);
#define CONTINUE_SELFTEST_RESULT_SIZE 10
static const struct tpm_input_header continue_selftest_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(10),
.ordinal = cpu_to_be32(TPM_ORD_CONTINUE_SELFTEST),
};
@@ -691,7 +692,7 @@ static int tpm_continue_selftest(struct tpm_chip *chip)
#define READ_PCR_RESULT_SIZE 30
#define READ_PCR_RESULT_BODY_SIZE 20
static const struct tpm_input_header pcrread_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(14),
.ordinal = TPM_ORDINAL_PCRREAD
};
@@ -769,7 +770,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
#define EXTEND_PCR_RESULT_SIZE 34
#define EXTEND_PCR_RESULT_BODY_SIZE 20
static const struct tpm_input_header pcrextend_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(34),
.ordinal = TPM_ORD_PCR_EXTEND
};
@@ -991,7 +992,7 @@ EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
#define SAVESTATE_RESULT_SIZE 10
static const struct tpm_input_header savestate_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(10),
.ordinal = TPM_ORD_SAVESTATE
};
@@ -1076,7 +1077,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
#define TPM_GETRANDOM_RESULT_SIZE 18
static const struct tpm_input_header tpm_getrandom_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(14),
.ordinal = TPM_ORD_GET_RANDOM
};
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 2f596d7..69a0741 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -18,13 +18,14 @@
*
*/
#include <linux/device.h>
+#include <linux/tpm_command.h>
#include "tpm.h"
#define READ_PUBEK_RESULT_SIZE 314
#define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
#define TPM_ORD_READPUBEK cpu_to_be32(124)
static const struct tpm_input_header tpm_readpubek_header = {
- .tag = TPM_TAG_RQU_COMMAND,
+ .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(30),
.ordinal = TPM_ORD_READPUBEK
};
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4937b56..d88c462 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -215,8 +215,6 @@ struct tpm_output_header {
__be32 return_code;
} __packed;
-#define TPM_TAG_RQU_COMMAND cpu_to_be16(193)
-
struct stclear_flags_t {
__be16 tag;
u8 deactivated;
--
2.9.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h
2017-05-02 12:31 [PATCH 0/3] tpm_pcr_extend() code split Roberto Sassu
2017-05-02 12:31 ` [PATCH 1/3] tpm: use CPU native value for TPM_TAG_RQU_COMMAND Roberto Sassu
@ 2017-05-02 12:31 ` Roberto Sassu
2017-05-03 12:45 ` [tpmdd-devel] " Jarkko Sakkinen
2017-05-03 12:48 ` Jarkko Sakkinen
2017-05-02 12:31 ` [PATCH 3/3] tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() Roberto Sassu
2 siblings, 2 replies; 9+ messages in thread
From: Roberto Sassu @ 2017-05-02 12:31 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
Move definition from tpm-interface.c to tpm_command.h, so that there is
no duplication. Also convert the ordinals in the tpm_input_header
declarations.
With the previous and this patch it will now be possible to convert TPM 1.2
functions to use tpm_buf_init(), which expect CPU native value for the
tag and ordinal arguments.
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
drivers/char/tpm/tpm-interface.c | 19 ++++++-------------
drivers/char/tpm/tpm-sysfs.c | 3 +--
include/linux/tpm_command.h | 7 +++++++
3 files changed, 14 insertions(+), 15 deletions(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 48f5dff..5c2c032 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -469,13 +469,11 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *buf,
#define TPM_DIGEST_SIZE 20
#define TPM_RET_CODE_IDX 6
#define TPM_INTERNAL_RESULT_SIZE 200
-#define TPM_ORD_GET_CAP cpu_to_be32(101)
-#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
static const struct tpm_input_header tpm_getcap_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(22),
- .ordinal = TPM_ORD_GET_CAP
+ .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
};
ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
@@ -510,14 +508,13 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
}
EXPORT_SYMBOL_GPL(tpm_getcap);
-#define TPM_ORD_STARTUP cpu_to_be32(153)
#define TPM_ST_CLEAR cpu_to_be16(1)
#define TPM_ST_STATE cpu_to_be16(2)
#define TPM_ST_DEACTIVATED cpu_to_be16(3)
static const struct tpm_input_header tpm_startup_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(12),
- .ordinal = TPM_ORD_STARTUP
+ .ordinal = cpu_to_be32(TPM_ORD_STARTUP)
};
static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
@@ -661,7 +658,6 @@ int tpm_get_timeouts(struct tpm_chip *chip)
}
EXPORT_SYMBOL_GPL(tpm_get_timeouts);
-#define TPM_ORD_CONTINUE_SELFTEST 83
#define CONTINUE_SELFTEST_RESULT_SIZE 10
static const struct tpm_input_header continue_selftest_header = {
@@ -688,13 +684,12 @@ static int tpm_continue_selftest(struct tpm_chip *chip)
return rc;
}
-#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
#define READ_PCR_RESULT_SIZE 30
#define READ_PCR_RESULT_BODY_SIZE 20
static const struct tpm_input_header pcrread_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(14),
- .ordinal = TPM_ORDINAL_PCRREAD
+ .ordinal = cpu_to_be32(TPM_ORD_PCRREAD)
};
int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
@@ -766,13 +761,12 @@ int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
}
EXPORT_SYMBOL_GPL(tpm_pcr_read);
-#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
#define EXTEND_PCR_RESULT_SIZE 34
#define EXTEND_PCR_RESULT_BODY_SIZE 20
static const struct tpm_input_header pcrextend_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(34),
- .ordinal = TPM_ORD_PCR_EXTEND
+ .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
};
/**
@@ -988,13 +982,12 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
}
EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
-#define TPM_ORD_SAVESTATE cpu_to_be32(152)
#define SAVESTATE_RESULT_SIZE 10
static const struct tpm_input_header savestate_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(10),
- .ordinal = TPM_ORD_SAVESTATE
+ .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
};
/*
@@ -1079,7 +1072,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
static const struct tpm_input_header tpm_getrandom_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(14),
- .ordinal = TPM_ORD_GET_RANDOM
+ .ordinal = cpu_to_be32(TPM_ORD_GETRANDOM)
};
/**
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 69a0741..413ac2c 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -23,11 +23,10 @@
#define READ_PUBEK_RESULT_SIZE 314
#define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
-#define TPM_ORD_READPUBEK cpu_to_be32(124)
static const struct tpm_input_header tpm_readpubek_header = {
.tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
.length = cpu_to_be32(30),
- .ordinal = TPM_ORD_READPUBEK
+ .ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
};
static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
char *buf)
diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
index 727512e..0fe58d8 100644
--- a/include/linux/tpm_command.h
+++ b/include/linux/tpm_command.h
@@ -20,6 +20,13 @@
#define TPM_ORD_OIAP 10
#define TPM_ORD_SEAL 23
#define TPM_ORD_UNSEAL 24
+#define TPM_ORD_GET_CAP 101
+#define TPM_ORD_STARTUP 153
+#define TPM_ORD_CONTINUE_SELFTEST 83
+#define TPM_ORD_PCRREAD 21
+#define TPM_ORD_PCREXTEND 20
+#define TPM_ORD_SAVESTATE 152
+#define TPM_ORD_READPUBEK 124
/* Other constants */
#define SRKHANDLE 0x40000000
--
2.9.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH 3/3] tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend()
2017-05-02 12:31 [PATCH 0/3] tpm_pcr_extend() code split Roberto Sassu
2017-05-02 12:31 ` [PATCH 1/3] tpm: use CPU native value for TPM_TAG_RQU_COMMAND Roberto Sassu
2017-05-02 12:31 ` [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h Roberto Sassu
@ 2017-05-02 12:31 ` Roberto Sassu
2017-05-03 12:49 ` Jarkko Sakkinen
2 siblings, 1 reply; 9+ messages in thread
From: Roberto Sassu @ 2017-05-02 12:31 UTC (permalink / raw)
To: tpmdd-devel
Cc: linux-ima-devel, linux-security-module, linux-kernel, Roberto Sassu
In preparation of the modifications to tpm_pcr_extend(), which will
allow callers to supply a digest for each PCR bank of a TPM 2.0,
the TPM 1.2 specific code has been moved to tpm1_pcr_extend().
tpm1_pcr_extend() uses tpm_buf_init() to prepare the command buffer,
which offers protection against buffer overflow. It is called by
tpm_pcr_extend() and tpm_pm_suspend().
Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
drivers/char/tpm/tpm-interface.c | 46 +++++++++++++++++++++-------------------
1 file changed, 24 insertions(+), 22 deletions(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 5c2c032..9059f67 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -763,11 +763,25 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
#define EXTEND_PCR_RESULT_SIZE 34
#define EXTEND_PCR_RESULT_BODY_SIZE 20
-static const struct tpm_input_header pcrextend_header = {
- .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
- .length = cpu_to_be32(34),
- .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
-};
+
+static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
+ char *log_msg)
+{
+ struct tpm_buf buf;
+ int rc;
+
+ rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCREXTEND);
+ if (rc)
+ return rc;
+
+ tpm_buf_append_u32(&buf, pcr_idx);
+ tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
+
+ rc = tpm_transmit_cmd(chip, buf.data, EXTEND_PCR_RESULT_SIZE,
+ EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg);
+ tpm_buf_destroy(&buf);
+ return rc;
+}
/**
* tpm_pcr_extend - extend pcr value with hash
@@ -781,7 +795,6 @@ static const struct tpm_input_header pcrextend_header = {
*/
int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
{
- struct tpm_cmd_t cmd;
int rc;
struct tpm_chip *chip;
struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
@@ -807,13 +820,8 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
return rc;
}
- cmd.header.in = pcrextend_header;
- cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
- memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
- rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
- EXTEND_PCR_RESULT_BODY_SIZE, 0,
- "attempting extend a PCR value");
-
+ rc = tpm1_pcr_extend(chip, pcr_idx, hash,
+ "attempting extend a PCR value");
tpm_put_ops(chip);
return rc;
}
@@ -1011,15 +1019,9 @@ int tpm_pm_suspend(struct device *dev)
}
/* for buggy tpm, flush pcrs with extend to selected dummy */
- if (tpm_suspend_pcr) {
- cmd.header.in = pcrextend_header;
- cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr);
- memcpy(cmd.params.pcrextend_in.hash, dummy_hash,
- TPM_DIGEST_SIZE);
- rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
- EXTEND_PCR_RESULT_BODY_SIZE, 0,
- "extending dummy pcr before suspend");
- }
+ if (tpm_suspend_pcr)
+ rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
+ "extending dummy pcr before suspend");
/* now do the actual savestate */
for (try = 0; try < TPM_RETRY; try++) {
--
2.9.3
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [tpmdd-devel] [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h
2017-05-02 12:31 ` [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h Roberto Sassu
@ 2017-05-03 12:45 ` Jarkko Sakkinen
2017-05-03 12:48 ` Jarkko Sakkinen
1 sibling, 0 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2017-05-03 12:45 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Tue, May 02, 2017 at 02:31:50PM +0200, Roberto Sassu wrote:
> Move definition from tpm-interface.c to tpm_command.h, so that there is
> no duplication. Also convert the ordinals in the tpm_input_header
> declarations.
>
> With the previous and this patch it will now be possible to convert TPM 1.2
> functions to use tpm_buf_init(), which expect CPU native value for the
> tag and ordinal arguments.
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
> ---
> drivers/char/tpm/tpm-interface.c | 19 ++++++-------------
> drivers/char/tpm/tpm-sysfs.c | 3 +--
> include/linux/tpm_command.h | 7 +++++++
> 3 files changed, 14 insertions(+), 15 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 48f5dff..5c2c032 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -469,13 +469,11 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *buf,
> #define TPM_DIGEST_SIZE 20
> #define TPM_RET_CODE_IDX 6
> #define TPM_INTERNAL_RESULT_SIZE 200
> -#define TPM_ORD_GET_CAP cpu_to_be32(101)
> -#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
>
> static const struct tpm_input_header tpm_getcap_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(22),
> - .ordinal = TPM_ORD_GET_CAP
> + .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
> };
>
> ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> @@ -510,14 +508,13 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> }
> EXPORT_SYMBOL_GPL(tpm_getcap);
>
> -#define TPM_ORD_STARTUP cpu_to_be32(153)
> #define TPM_ST_CLEAR cpu_to_be16(1)
> #define TPM_ST_STATE cpu_to_be16(2)
> #define TPM_ST_DEACTIVATED cpu_to_be16(3)
> static const struct tpm_input_header tpm_startup_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(12),
> - .ordinal = TPM_ORD_STARTUP
> + .ordinal = cpu_to_be32(TPM_ORD_STARTUP)
> };
>
> static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
> @@ -661,7 +658,6 @@ int tpm_get_timeouts(struct tpm_chip *chip)
> }
> EXPORT_SYMBOL_GPL(tpm_get_timeouts);
>
> -#define TPM_ORD_CONTINUE_SELFTEST 83
> #define CONTINUE_SELFTEST_RESULT_SIZE 10
>
> static const struct tpm_input_header continue_selftest_header = {
> @@ -688,13 +684,12 @@ static int tpm_continue_selftest(struct tpm_chip *chip)
> return rc;
> }
>
> -#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
> #define READ_PCR_RESULT_SIZE 30
> #define READ_PCR_RESULT_BODY_SIZE 20
> static const struct tpm_input_header pcrread_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(14),
> - .ordinal = TPM_ORDINAL_PCRREAD
> + .ordinal = cpu_to_be32(TPM_ORD_PCRREAD)
> };
>
> int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> @@ -766,13 +761,12 @@ int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
> }
> EXPORT_SYMBOL_GPL(tpm_pcr_read);
>
> -#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
> #define EXTEND_PCR_RESULT_SIZE 34
> #define EXTEND_PCR_RESULT_BODY_SIZE 20
> static const struct tpm_input_header pcrextend_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(34),
> - .ordinal = TPM_ORD_PCR_EXTEND
> + .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
> };
>
> /**
> @@ -988,13 +982,12 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
> }
> EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
>
> -#define TPM_ORD_SAVESTATE cpu_to_be32(152)
> #define SAVESTATE_RESULT_SIZE 10
>
> static const struct tpm_input_header savestate_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(10),
> - .ordinal = TPM_ORD_SAVESTATE
> + .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
> };
>
> /*
> @@ -1079,7 +1072,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
> static const struct tpm_input_header tpm_getrandom_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(14),
> - .ordinal = TPM_ORD_GET_RANDOM
> + .ordinal = cpu_to_be32(TPM_ORD_GETRANDOM)
> };
>
> /**
> diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
> index 69a0741..413ac2c 100644
> --- a/drivers/char/tpm/tpm-sysfs.c
> +++ b/drivers/char/tpm/tpm-sysfs.c
> @@ -23,11 +23,10 @@
>
> #define READ_PUBEK_RESULT_SIZE 314
> #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
> -#define TPM_ORD_READPUBEK cpu_to_be32(124)
> static const struct tpm_input_header tpm_readpubek_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(30),
> - .ordinal = TPM_ORD_READPUBEK
> + .ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
> };
> static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
> char *buf)
> diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
> index 727512e..0fe58d8 100644
> --- a/include/linux/tpm_command.h
> +++ b/include/linux/tpm_command.h
> @@ -20,6 +20,13 @@
> #define TPM_ORD_OIAP 10
> #define TPM_ORD_SEAL 23
> #define TPM_ORD_UNSEAL 24
> +#define TPM_ORD_GET_CAP 101
> +#define TPM_ORD_STARTUP 153
> +#define TPM_ORD_CONTINUE_SELFTEST 83
> +#define TPM_ORD_PCRREAD 21
> +#define TPM_ORD_PCREXTEND 20
> +#define TPM_ORD_SAVESTATE 152
> +#define TPM_ORD_READPUBEK 124
>
> /* Other constants */
> #define SRKHANDLE 0x40000000
> --
> 2.9.3
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> tpmdd-devel mailing list
> tpmdd-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [tpmdd-devel] [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h
2017-05-02 12:31 ` [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h Roberto Sassu
2017-05-03 12:45 ` [tpmdd-devel] " Jarkko Sakkinen
@ 2017-05-03 12:48 ` Jarkko Sakkinen
2017-05-03 14:27 ` Roberto Sassu
1 sibling, 1 reply; 9+ messages in thread
From: Jarkko Sakkinen @ 2017-05-03 12:48 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Tue, May 02, 2017 at 02:31:50PM +0200, Roberto Sassu wrote:
> Move definition from tpm-interface.c to tpm_command.h, so that there is
> no duplication. Also convert the ordinals in the tpm_input_header
> declarations.
>
> With the previous and this patch it will now be possible to convert TPM 1.2
> functions to use tpm_buf_init(), which expect CPU native value for the
> tag and ordinal arguments.
ORD ought not be used outside of drivers/char/tpm. TPM 1.2 trusted
keys does use this header but it should be eventually moved to
drivers/char/tpm (not done because of other stuff at this point).
/Jarkko
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> ---
> drivers/char/tpm/tpm-interface.c | 19 ++++++-------------
> drivers/char/tpm/tpm-sysfs.c | 3 +--
> include/linux/tpm_command.h | 7 +++++++
> 3 files changed, 14 insertions(+), 15 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 48f5dff..5c2c032 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -469,13 +469,11 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *buf,
> #define TPM_DIGEST_SIZE 20
> #define TPM_RET_CODE_IDX 6
> #define TPM_INTERNAL_RESULT_SIZE 200
> -#define TPM_ORD_GET_CAP cpu_to_be32(101)
> -#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
>
> static const struct tpm_input_header tpm_getcap_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(22),
> - .ordinal = TPM_ORD_GET_CAP
> + .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
> };
>
> ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> @@ -510,14 +508,13 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> }
> EXPORT_SYMBOL_GPL(tpm_getcap);
>
> -#define TPM_ORD_STARTUP cpu_to_be32(153)
> #define TPM_ST_CLEAR cpu_to_be16(1)
> #define TPM_ST_STATE cpu_to_be16(2)
> #define TPM_ST_DEACTIVATED cpu_to_be16(3)
> static const struct tpm_input_header tpm_startup_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(12),
> - .ordinal = TPM_ORD_STARTUP
> + .ordinal = cpu_to_be32(TPM_ORD_STARTUP)
> };
>
> static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
> @@ -661,7 +658,6 @@ int tpm_get_timeouts(struct tpm_chip *chip)
> }
> EXPORT_SYMBOL_GPL(tpm_get_timeouts);
>
> -#define TPM_ORD_CONTINUE_SELFTEST 83
> #define CONTINUE_SELFTEST_RESULT_SIZE 10
>
> static const struct tpm_input_header continue_selftest_header = {
> @@ -688,13 +684,12 @@ static int tpm_continue_selftest(struct tpm_chip *chip)
> return rc;
> }
>
> -#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
> #define READ_PCR_RESULT_SIZE 30
> #define READ_PCR_RESULT_BODY_SIZE 20
> static const struct tpm_input_header pcrread_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(14),
> - .ordinal = TPM_ORDINAL_PCRREAD
> + .ordinal = cpu_to_be32(TPM_ORD_PCRREAD)
> };
>
> int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> @@ -766,13 +761,12 @@ int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
> }
> EXPORT_SYMBOL_GPL(tpm_pcr_read);
>
> -#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
> #define EXTEND_PCR_RESULT_SIZE 34
> #define EXTEND_PCR_RESULT_BODY_SIZE 20
> static const struct tpm_input_header pcrextend_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(34),
> - .ordinal = TPM_ORD_PCR_EXTEND
> + .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
> };
>
> /**
> @@ -988,13 +982,12 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
> }
> EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
>
> -#define TPM_ORD_SAVESTATE cpu_to_be32(152)
> #define SAVESTATE_RESULT_SIZE 10
>
> static const struct tpm_input_header savestate_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(10),
> - .ordinal = TPM_ORD_SAVESTATE
> + .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
> };
>
> /*
> @@ -1079,7 +1072,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
> static const struct tpm_input_header tpm_getrandom_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(14),
> - .ordinal = TPM_ORD_GET_RANDOM
> + .ordinal = cpu_to_be32(TPM_ORD_GETRANDOM)
> };
>
> /**
> diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
> index 69a0741..413ac2c 100644
> --- a/drivers/char/tpm/tpm-sysfs.c
> +++ b/drivers/char/tpm/tpm-sysfs.c
> @@ -23,11 +23,10 @@
>
> #define READ_PUBEK_RESULT_SIZE 314
> #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
> -#define TPM_ORD_READPUBEK cpu_to_be32(124)
> static const struct tpm_input_header tpm_readpubek_header = {
> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> .length = cpu_to_be32(30),
> - .ordinal = TPM_ORD_READPUBEK
> + .ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
> };
> static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
> char *buf)
> diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
> index 727512e..0fe58d8 100644
> --- a/include/linux/tpm_command.h
> +++ b/include/linux/tpm_command.h
> @@ -20,6 +20,13 @@
> #define TPM_ORD_OIAP 10
> #define TPM_ORD_SEAL 23
> #define TPM_ORD_UNSEAL 24
> +#define TPM_ORD_GET_CAP 101
> +#define TPM_ORD_STARTUP 153
> +#define TPM_ORD_CONTINUE_SELFTEST 83
> +#define TPM_ORD_PCRREAD 21
> +#define TPM_ORD_PCREXTEND 20
> +#define TPM_ORD_SAVESTATE 152
> +#define TPM_ORD_READPUBEK 124
>
> /* Other constants */
> #define SRKHANDLE 0x40000000
> --
> 2.9.3
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> tpmdd-devel mailing list
> tpmdd-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH 3/3] tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend()
2017-05-02 12:31 ` [PATCH 3/3] tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() Roberto Sassu
@ 2017-05-03 12:49 ` Jarkko Sakkinen
0 siblings, 0 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2017-05-03 12:49 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Tue, May 02, 2017 at 02:31:51PM +0200, Roberto Sassu wrote:
> In preparation of the modifications to tpm_pcr_extend(), which will
> allow callers to supply a digest for each PCR bank of a TPM 2.0,
> the TPM 1.2 specific code has been moved to tpm1_pcr_extend().
>
> tpm1_pcr_extend() uses tpm_buf_init() to prepare the command buffer,
> which offers protection against buffer overflow. It is called by
> tpm_pcr_extend() and tpm_pm_suspend().
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
> ---
> drivers/char/tpm/tpm-interface.c | 46 +++++++++++++++++++++-------------------
> 1 file changed, 24 insertions(+), 22 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 5c2c032..9059f67 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -763,11 +763,25 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>
> #define EXTEND_PCR_RESULT_SIZE 34
> #define EXTEND_PCR_RESULT_BODY_SIZE 20
> -static const struct tpm_input_header pcrextend_header = {
> - .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> - .length = cpu_to_be32(34),
> - .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
> -};
> +
> +static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash,
> + char *log_msg)
> +{
> + struct tpm_buf buf;
> + int rc;
> +
> + rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCREXTEND);
> + if (rc)
> + return rc;
> +
> + tpm_buf_append_u32(&buf, pcr_idx);
> + tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE);
> +
> + rc = tpm_transmit_cmd(chip, buf.data, EXTEND_PCR_RESULT_SIZE,
> + EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg);
> + tpm_buf_destroy(&buf);
> + return rc;
> +}
>
> /**
> * tpm_pcr_extend - extend pcr value with hash
> @@ -781,7 +795,6 @@ static const struct tpm_input_header pcrextend_header = {
> */
> int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> {
> - struct tpm_cmd_t cmd;
> int rc;
> struct tpm_chip *chip;
> struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)];
> @@ -807,13 +820,8 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> return rc;
> }
>
> - cmd.header.in = pcrextend_header;
> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
> - memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE);
> - rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
> - EXTEND_PCR_RESULT_BODY_SIZE, 0,
> - "attempting extend a PCR value");
> -
> + rc = tpm1_pcr_extend(chip, pcr_idx, hash,
> + "attempting extend a PCR value");
> tpm_put_ops(chip);
> return rc;
> }
> @@ -1011,15 +1019,9 @@ int tpm_pm_suspend(struct device *dev)
> }
>
> /* for buggy tpm, flush pcrs with extend to selected dummy */
> - if (tpm_suspend_pcr) {
> - cmd.header.in = pcrextend_header;
> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr);
> - memcpy(cmd.params.pcrextend_in.hash, dummy_hash,
> - TPM_DIGEST_SIZE);
> - rc = tpm_transmit_cmd(chip, &cmd, EXTEND_PCR_RESULT_SIZE,
> - EXTEND_PCR_RESULT_BODY_SIZE, 0,
> - "extending dummy pcr before suspend");
> - }
> + if (tpm_suspend_pcr)
> + rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash,
> + "extending dummy pcr before suspend");
>
> /* now do the actual savestate */
> for (try = 0; try < TPM_RETRY; try++) {
> --
> 2.9.3
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [tpmdd-devel] [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h
2017-05-03 12:48 ` Jarkko Sakkinen
@ 2017-05-03 14:27 ` Roberto Sassu
2017-05-04 8:09 ` Jarkko Sakkinen
0 siblings, 1 reply; 9+ messages in thread
From: Roberto Sassu @ 2017-05-03 14:27 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On 5/3/2017 2:48 PM, Jarkko Sakkinen wrote:
> ORD ought not be used outside of drivers/char/tpm. TPM 1.2 trusted
> keys does use this header but it should be eventually moved to
> drivers/char/tpm (not done because of other stuff at this point).
Ok. Then, I just move the ordinal conversion to the tpm_input_header
declaration.
Probably, the Reviewed-by in your previous email was for patch 1/3.
Thanks
Roberto
>
> /Jarkko
>
>>
>> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
>> ---
>> drivers/char/tpm/tpm-interface.c | 19 ++++++-------------
>> drivers/char/tpm/tpm-sysfs.c | 3 +--
>> include/linux/tpm_command.h | 7 +++++++
>> 3 files changed, 14 insertions(+), 15 deletions(-)
>>
>> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
>> index 48f5dff..5c2c032 100644
>> --- a/drivers/char/tpm/tpm-interface.c
>> +++ b/drivers/char/tpm/tpm-interface.c
>> @@ -469,13 +469,11 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *buf,
>> #define TPM_DIGEST_SIZE 20
>> #define TPM_RET_CODE_IDX 6
>> #define TPM_INTERNAL_RESULT_SIZE 200
>> -#define TPM_ORD_GET_CAP cpu_to_be32(101)
>> -#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
>>
>> static const struct tpm_input_header tpm_getcap_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(22),
>> - .ordinal = TPM_ORD_GET_CAP
>> + .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
>> };
>>
>> ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
>> @@ -510,14 +508,13 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
>> }
>> EXPORT_SYMBOL_GPL(tpm_getcap);
>>
>> -#define TPM_ORD_STARTUP cpu_to_be32(153)
>> #define TPM_ST_CLEAR cpu_to_be16(1)
>> #define TPM_ST_STATE cpu_to_be16(2)
>> #define TPM_ST_DEACTIVATED cpu_to_be16(3)
>> static const struct tpm_input_header tpm_startup_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(12),
>> - .ordinal = TPM_ORD_STARTUP
>> + .ordinal = cpu_to_be32(TPM_ORD_STARTUP)
>> };
>>
>> static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
>> @@ -661,7 +658,6 @@ int tpm_get_timeouts(struct tpm_chip *chip)
>> }
>> EXPORT_SYMBOL_GPL(tpm_get_timeouts);
>>
>> -#define TPM_ORD_CONTINUE_SELFTEST 83
>> #define CONTINUE_SELFTEST_RESULT_SIZE 10
>>
>> static const struct tpm_input_header continue_selftest_header = {
>> @@ -688,13 +684,12 @@ static int tpm_continue_selftest(struct tpm_chip *chip)
>> return rc;
>> }
>>
>> -#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
>> #define READ_PCR_RESULT_SIZE 30
>> #define READ_PCR_RESULT_BODY_SIZE 20
>> static const struct tpm_input_header pcrread_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(14),
>> - .ordinal = TPM_ORDINAL_PCRREAD
>> + .ordinal = cpu_to_be32(TPM_ORD_PCRREAD)
>> };
>>
>> int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
>> @@ -766,13 +761,12 @@ int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
>> }
>> EXPORT_SYMBOL_GPL(tpm_pcr_read);
>>
>> -#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
>> #define EXTEND_PCR_RESULT_SIZE 34
>> #define EXTEND_PCR_RESULT_BODY_SIZE 20
>> static const struct tpm_input_header pcrextend_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(34),
>> - .ordinal = TPM_ORD_PCR_EXTEND
>> + .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
>> };
>>
>> /**
>> @@ -988,13 +982,12 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
>> }
>> EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
>>
>> -#define TPM_ORD_SAVESTATE cpu_to_be32(152)
>> #define SAVESTATE_RESULT_SIZE 10
>>
>> static const struct tpm_input_header savestate_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(10),
>> - .ordinal = TPM_ORD_SAVESTATE
>> + .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
>> };
>>
>> /*
>> @@ -1079,7 +1072,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
>> static const struct tpm_input_header tpm_getrandom_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(14),
>> - .ordinal = TPM_ORD_GET_RANDOM
>> + .ordinal = cpu_to_be32(TPM_ORD_GETRANDOM)
>> };
>>
>> /**
>> diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
>> index 69a0741..413ac2c 100644
>> --- a/drivers/char/tpm/tpm-sysfs.c
>> +++ b/drivers/char/tpm/tpm-sysfs.c
>> @@ -23,11 +23,10 @@
>>
>> #define READ_PUBEK_RESULT_SIZE 314
>> #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
>> -#define TPM_ORD_READPUBEK cpu_to_be32(124)
>> static const struct tpm_input_header tpm_readpubek_header = {
>> .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
>> .length = cpu_to_be32(30),
>> - .ordinal = TPM_ORD_READPUBEK
>> + .ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
>> };
>> static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
>> char *buf)
>> diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
>> index 727512e..0fe58d8 100644
>> --- a/include/linux/tpm_command.h
>> +++ b/include/linux/tpm_command.h
>> @@ -20,6 +20,13 @@
>> #define TPM_ORD_OIAP 10
>> #define TPM_ORD_SEAL 23
>> #define TPM_ORD_UNSEAL 24
>> +#define TPM_ORD_GET_CAP 101
>> +#define TPM_ORD_STARTUP 153
>> +#define TPM_ORD_CONTINUE_SELFTEST 83
>> +#define TPM_ORD_PCRREAD 21
>> +#define TPM_ORD_PCREXTEND 20
>> +#define TPM_ORD_SAVESTATE 152
>> +#define TPM_ORD_READPUBEK 124
>>
>> /* Other constants */
>> #define SRKHANDLE 0x40000000
>> --
>> 2.9.3
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> tpmdd-devel mailing list
>> tpmdd-devel@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [tpmdd-devel] [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h
2017-05-03 14:27 ` Roberto Sassu
@ 2017-05-04 8:09 ` Jarkko Sakkinen
0 siblings, 0 replies; 9+ messages in thread
From: Jarkko Sakkinen @ 2017-05-04 8:09 UTC (permalink / raw)
To: Roberto Sassu
Cc: tpmdd-devel, linux-ima-devel, linux-security-module, linux-kernel
On Wed, May 03, 2017 at 04:27:20PM +0200, Roberto Sassu wrote:
> On 5/3/2017 2:48 PM, Jarkko Sakkinen wrote:
> > ORD ought not be used outside of drivers/char/tpm. TPM 1.2 trusted
> > keys does use this header but it should be eventually moved to
> > drivers/char/tpm (not done because of other stuff at this point).
>
> Ok. Then, I just move the ordinal conversion to the tpm_input_header
> declaration.
>
> Probably, the Reviewed-by in your previous email was for patch 1/3.
Yes, it was!
> Thanks
>
> Roberto
/Jarkko
>
>
> >
> > /Jarkko
> >
> > >
> > > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > > ---
> > > drivers/char/tpm/tpm-interface.c | 19 ++++++-------------
> > > drivers/char/tpm/tpm-sysfs.c | 3 +--
> > > include/linux/tpm_command.h | 7 +++++++
> > > 3 files changed, 14 insertions(+), 15 deletions(-)
> > >
> > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> > > index 48f5dff..5c2c032 100644
> > > --- a/drivers/char/tpm/tpm-interface.c
> > > +++ b/drivers/char/tpm/tpm-interface.c
> > > @@ -469,13 +469,11 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, const void *buf,
> > > #define TPM_DIGEST_SIZE 20
> > > #define TPM_RET_CODE_IDX 6
> > > #define TPM_INTERNAL_RESULT_SIZE 200
> > > -#define TPM_ORD_GET_CAP cpu_to_be32(101)
> > > -#define TPM_ORD_GET_RANDOM cpu_to_be32(70)
> > >
> > > static const struct tpm_input_header tpm_getcap_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(22),
> > > - .ordinal = TPM_ORD_GET_CAP
> > > + .ordinal = cpu_to_be32(TPM_ORD_GET_CAP)
> > > };
> > >
> > > ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> > > @@ -510,14 +508,13 @@ ssize_t tpm_getcap(struct tpm_chip *chip, u32 subcap_id, cap_t *cap,
> > > }
> > > EXPORT_SYMBOL_GPL(tpm_getcap);
> > >
> > > -#define TPM_ORD_STARTUP cpu_to_be32(153)
> > > #define TPM_ST_CLEAR cpu_to_be16(1)
> > > #define TPM_ST_STATE cpu_to_be16(2)
> > > #define TPM_ST_DEACTIVATED cpu_to_be16(3)
> > > static const struct tpm_input_header tpm_startup_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(12),
> > > - .ordinal = TPM_ORD_STARTUP
> > > + .ordinal = cpu_to_be32(TPM_ORD_STARTUP)
> > > };
> > >
> > > static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
> > > @@ -661,7 +658,6 @@ int tpm_get_timeouts(struct tpm_chip *chip)
> > > }
> > > EXPORT_SYMBOL_GPL(tpm_get_timeouts);
> > >
> > > -#define TPM_ORD_CONTINUE_SELFTEST 83
> > > #define CONTINUE_SELFTEST_RESULT_SIZE 10
> > >
> > > static const struct tpm_input_header continue_selftest_header = {
> > > @@ -688,13 +684,12 @@ static int tpm_continue_selftest(struct tpm_chip *chip)
> > > return rc;
> > > }
> > >
> > > -#define TPM_ORDINAL_PCRREAD cpu_to_be32(21)
> > > #define READ_PCR_RESULT_SIZE 30
> > > #define READ_PCR_RESULT_BODY_SIZE 20
> > > static const struct tpm_input_header pcrread_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(14),
> > > - .ordinal = TPM_ORDINAL_PCRREAD
> > > + .ordinal = cpu_to_be32(TPM_ORD_PCRREAD)
> > > };
> > >
> > > int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > > @@ -766,13 +761,12 @@ int tpm_pcr_read(u32 chip_num, int pcr_idx, u8 *res_buf)
> > > }
> > > EXPORT_SYMBOL_GPL(tpm_pcr_read);
> > >
> > > -#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
> > > #define EXTEND_PCR_RESULT_SIZE 34
> > > #define EXTEND_PCR_RESULT_BODY_SIZE 20
> > > static const struct tpm_input_header pcrextend_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(34),
> > > - .ordinal = TPM_ORD_PCR_EXTEND
> > > + .ordinal = cpu_to_be32(TPM_ORD_PCREXTEND)
> > > };
> > >
> > > /**
> > > @@ -988,13 +982,12 @@ int wait_for_tpm_stat(struct tpm_chip *chip, u8 mask, unsigned long timeout,
> > > }
> > > EXPORT_SYMBOL_GPL(wait_for_tpm_stat);
> > >
> > > -#define TPM_ORD_SAVESTATE cpu_to_be32(152)
> > > #define SAVESTATE_RESULT_SIZE 10
> > >
> > > static const struct tpm_input_header savestate_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(10),
> > > - .ordinal = TPM_ORD_SAVESTATE
> > > + .ordinal = cpu_to_be32(TPM_ORD_SAVESTATE)
> > > };
> > >
> > > /*
> > > @@ -1079,7 +1072,7 @@ EXPORT_SYMBOL_GPL(tpm_pm_resume);
> > > static const struct tpm_input_header tpm_getrandom_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(14),
> > > - .ordinal = TPM_ORD_GET_RANDOM
> > > + .ordinal = cpu_to_be32(TPM_ORD_GETRANDOM)
> > > };
> > >
> > > /**
> > > diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
> > > index 69a0741..413ac2c 100644
> > > --- a/drivers/char/tpm/tpm-sysfs.c
> > > +++ b/drivers/char/tpm/tpm-sysfs.c
> > > @@ -23,11 +23,10 @@
> > >
> > > #define READ_PUBEK_RESULT_SIZE 314
> > > #define READ_PUBEK_RESULT_MIN_BODY_SIZE (28 + 256)
> > > -#define TPM_ORD_READPUBEK cpu_to_be32(124)
> > > static const struct tpm_input_header tpm_readpubek_header = {
> > > .tag = cpu_to_be16(TPM_TAG_RQU_COMMAND),
> > > .length = cpu_to_be32(30),
> > > - .ordinal = TPM_ORD_READPUBEK
> > > + .ordinal = cpu_to_be32(TPM_ORD_READPUBEK)
> > > };
> > > static ssize_t pubek_show(struct device *dev, struct device_attribute *attr,
> > > char *buf)
> > > diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
> > > index 727512e..0fe58d8 100644
> > > --- a/include/linux/tpm_command.h
> > > +++ b/include/linux/tpm_command.h
> > > @@ -20,6 +20,13 @@
> > > #define TPM_ORD_OIAP 10
> > > #define TPM_ORD_SEAL 23
> > > #define TPM_ORD_UNSEAL 24
> > > +#define TPM_ORD_GET_CAP 101
> > > +#define TPM_ORD_STARTUP 153
> > > +#define TPM_ORD_CONTINUE_SELFTEST 83
> > > +#define TPM_ORD_PCRREAD 21
> > > +#define TPM_ORD_PCREXTEND 20
> > > +#define TPM_ORD_SAVESTATE 152
> > > +#define TPM_ORD_READPUBEK 124
> > >
> > > /* Other constants */
> > > #define SRKHANDLE 0x40000000
> > > --
> > > 2.9.3
> > >
> > >
> > > ------------------------------------------------------------------------------
> > > Check out the vibrant tech community on one of the world's most
> > > engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> > > _______________________________________________
> > > tpmdd-devel mailing list
> > > tpmdd-devel@lists.sourceforge.net
> > > https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2017-05-04 8:09 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-05-02 12:31 [PATCH 0/3] tpm_pcr_extend() code split Roberto Sassu
2017-05-02 12:31 ` [PATCH 1/3] tpm: use CPU native value for TPM_TAG_RQU_COMMAND Roberto Sassu
2017-05-02 12:31 ` [PATCH 2/3] tpm: move ordinals definition to include/linux/tpm_command.h Roberto Sassu
2017-05-03 12:45 ` [tpmdd-devel] " Jarkko Sakkinen
2017-05-03 12:48 ` Jarkko Sakkinen
2017-05-03 14:27 ` Roberto Sassu
2017-05-04 8:09 ` Jarkko Sakkinen
2017-05-02 12:31 ` [PATCH 3/3] tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() Roberto Sassu
2017-05-03 12:49 ` Jarkko Sakkinen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).