From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: linux-integrity@vger.kernel.org
Cc: Jarkko Sakkinen <jarkko@kernel.org>,
	keyrings@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>
Subject: [PATCH v6 10/20] tpm: add buffer function to point to returned parameters
Date: Tue,  2 Jan 2024 12:03:58 -0500
Message-ID: <20240102170408.21969-11-James.Bottomley@HansenPartnership.com>
In-Reply-To: <20240102170408.21969-1-James.Bottomley@HansenPartnership.com>

Replace all instances of &buf.data[TPM_HEADER_SIZE] with a new
function tpm_buf_parameters() because encryption sessions change
where the return parameters are located in the buffer since if a
return session is present they're 4 bytes beyond the header with those
4 bytes giving the parameter length.  If there is no return session,
then they're in the usual place immediately after the header.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>

---
v4: add kdoc
v5: update kdoc add review
---
 drivers/char/tpm/tpm-buf.c | 28 ++++++++++++++++++++++++++++
 include/linux/tpm.h        |  2 ++
 2 files changed, 30 insertions(+)

diff --git a/drivers/char/tpm/tpm-buf.c b/drivers/char/tpm/tpm-buf.c
index 32619e9ab4fa..bb81180495d1 100644
--- a/drivers/char/tpm/tpm-buf.c
+++ b/drivers/char/tpm/tpm-buf.c
@@ -220,3 +220,31 @@ u32 tpm_buf_read_u32(struct tpm_buf *buf, off_t *offset)
 	return be32_to_cpu(value);
 }
 EXPORT_SYMBOL_GPL(tpm_buf_read_u32);
+
+static u16 tpm_buf_tag(struct tpm_buf *buf)
+{
+	struct tpm_header *head = (struct tpm_header *)buf->data;
+
+	return be16_to_cpu(head->tag);
+}
+
+/**
+ * tpm_buf_parameters - return the TPM response parameters area of the tpm_buf
+ * @buf: tpm_buf to use
+ *
+ * Where the parameters are located depends on the tag of a TPM
+ * command (it's immediately after the header for TPM_ST_NO_SESSIONS
+ * or 4 bytes after for TPM_ST_SESSIONS). Evaluate this and return a
+ * pointer to the first byte of the parameters area.
+ *
+ * @return: pointer to parameters area
+ */
+u8 *tpm_buf_parameters(struct tpm_buf *buf)
+{
+	int offset = TPM_HEADER_SIZE;
+
+	if (tpm_buf_tag(buf) == TPM2_ST_SESSIONS)
+		offset += 4;
+
+	return &buf->data[offset];
+}
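Review bot: tpm_buf_parameters() adds 4 for TPM2_ST_SESSIONS and returns &buf->data[offset] without checking that the buffer actually holds TPM_HEADER_SIZE + 4 bytes, and it skips over the 4-byte parameter length that the commit message describes instead of handing it to the caller. A short or malformed response tagged TPM2_ST_SESSIONS would therefore yield a pointer past the valid data with no bound for the caller to check against. Consider validating the offset against the buffer's length before returning, and either returning the parameter size or documenting that callers must read it themselves. In the kdoc, the tag names are written as TPM_ST_NO_SESSIONS and TPM_ST_SESSIONS while the code tests TPM2_ST_SESSIONS, and the return section is written "@return:" where kernel-doc expects "Return:".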
diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index e8172f81c562..6be263509e81 100644
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -344,6 +344,8 @@ u8 tpm_buf_read_u8(struct tpm_buf *buf, off_t *offset);
 u16 tpm_buf_read_u16(struct tpm_buf *buf, off_t *offset);
 u32 tpm_buf_read_u32(struct tpm_buf *buf, off_t *offset);
 
+u8 *tpm_buf_parameters(struct tpm_buf *buf);
+
 /*
  * Check if TPM device is in the firmware upgrade mode.
  */
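Review bot: the prototype for tpm_buf_parameters() is added to include/linux/tpm.h, but the definition in tpm-buf.c has no EXPORT_SYMBOL_GPL() after it, unlike tpm_buf_read_u32() directly above it in the first hunk. If callers outside the TPM core can be built as modules, add EXPORT_SYMBOL_GPL(tpm_buf_parameters); if they cannot, say so in the commit message. The diffstat also shows 30 insertions and no deletions, so the "Replace all instances of &buf.data[TPM_HEADER_SIZE]" in the commit message is not done by this patch; the message should say the helper is only introduced here.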
-- 
2.35.3

