| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This commit adds support for requesting and relinquishing locality 0 in
tpm_crb for the course of command transmission.
In order to achieve this, two new callbacks are added to struct
tpm_class_ops:
- request_locality
- relinquish_locality
With CRB interface you first set either requestAccess or relinquish bit
from TPM_LOC_CTRL_x register and then wait for locAssigned and
tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register.
The reason why were are doing this is to make sure that the driver
will work properly with Intel TXT that uses locality 2. There's no
explicit guarantee that it would relinquish this locality. In more
general sense this commit enables tpm_crb to be a well behaving
citizen in a multi locality environment.
Signed-off-by: Jarkko Sakkinen <[email protected]>
Reviewed-by: Jerry Snitselaar <[email protected]>
Tested-by: Jerry Snitselaar <[email protected]>
|
|
The TCG standard startup sequence (get timeouts, tpm startup, etc) for
TPM and TPM2 chips is being open coded in many drivers, move it into
the core code.
tpm_tis and tpm_crb are used as the basis for the core code
implementation and the easy drivers are converted. In the process
several small drivers bugs relating to error handling this flow
are fixed.
For now the flag TPM_OPS_AUTO_STARTUP is optional to allow a staged
driver roll out, but ultimately all drivers should use this flow and
the flag removed. Some drivers still do not implement the startup
sequence at all and will need to be tested with it enabled.
Signed-off-by: Jason Gunthorpe <[email protected]>
Tested-by: Andrew Zamansky <[email protected]>
Reviewed-by: Jarkko Sakkinen <[email protected]>
Signed-off-by: Jarkko Sakkinen <[email protected]>
|
|
Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing
trusted keys.
This patch implements basic sealing and unsealing functionality for
TPM 2.0:
* Seal with a parent key using a 20 byte auth value.
* Unseal with a parent key using a 20 byte auth value.
Signed-off-by: Jarkko Sakkinen <[email protected]>
Signed-off-by: Peter Huewe <[email protected]>
|
|
Some Atmel TPMs provide completely wrong timeouts from their
TPM_CAP_PROP_TIS_TIMEOUT query. This patch detects that and returns
new correct values via a DID/VID table in the TIS driver.
Tested on ARM using an AT97SC3204T FW version 37.16
Cc: <[email protected]>
[PHuewe: without this fix these 'broken' Atmel TPMs won't function on
older kernels]
Signed-off-by: "Berg, Christopher" <[email protected]>
Signed-off-by: Jason Gunthorpe <[email protected]>
Signed-off-by: Peter Huewe <[email protected]>
|
|
This replaces the static initialization of a tpm_vendor_specific
structure in the drivers with the standard Linux idiom of providing
a const structure of function pointers.
Signed-off-by: Jason Gunthorpe <[email protected]>
Reviewed-by: Joel Schopp <[email protected]>
Reviewed-by: Ashley Lai <[email protected]>
[phuewe: did apply manually due to commit
191ffc6bde3 tpm/tpm_i2c_atmel: fix coccinelle warnings]
Signed-off-by: Peter Huewe <[email protected]>
|
|
IMA requires access to TPM_DIGEST_SIZE definition. This patch
moves the definition to <linux/tpm.h>.
Signed-off-by: Mimi Zohar <[email protected]>
Signed-off-by: Kent Yoder <[email protected]>
|
|
Move the tpm_get_random api from the trusted keys code into the TPM
device driver itself so that other callers can make use of it. Also,
change the api slightly so that the number of bytes read is returned in
the call, since the TPM command can potentially return fewer bytes than
requested.
Acked-by: David Safford <[email protected]>
Reviewed-by: H. Peter Anvin <[email protected]>
Signed-off-by: Kent Yoder <[email protected]>
|
|
Add internal kernel tpm_send() command used to seal/unseal keys.
Changelog:
- replaced module_put in tpm_send() with new tpm_chip_put() wrapper
(suggested by David Howells)
- Make tpm_send() cmd argument a 'void *' (suggested by David Howells)
Signed-off-by: David Safford <[email protected]>
Signed-off-by: Mimi Zohar <[email protected]>
Acked-by: David Howells <[email protected]>
Acked-by: Serge E. Hallyn <[email protected]>
Signed-off-by: James Morris <[email protected]>
|
|
Fix build for TCG_TPM=m. Header file doesn't handle this
and incorrectly builds stubs.
drivers/char/tpm/tpm.c:720: error: redefinition of 'tpm_pcr_read'
include/linux/tpm.h:35: error:previous definition of 'tpm_pcr_read' was here
drivers/char/tpm/tpm.c:752: error: redefinition of 'tpm_pcr_extend'
include/linux/tpm.h:38: error:previous definition of 'tpm_pcr_extend' was here
Repairs linux-next's
commit d6ba452128178091dab7a04d54f7e66fdc32fb39
Author: Mimi Zohar <[email protected]>
Date: Mon Oct 26 09:26:18 2009 -0400
tpm add default function definitions
Signed-off-by: Randy Dunlap <[email protected]>
Cc: Rajiv Andrade <[email protected]>
Cc: Mimi Zohar <[email protected]>
Cc: James Morris <[email protected]>
Cc: Eric Paris <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: James Morris <[email protected]>
|
|
Add default tpm_pcr_read/extend function definitions required
by IMA/Kconfig changes.
Signed-off-by: Mimi Zohar <[email protected]>
Reviewed-by: Eric Paris <[email protected]>
Signed-off-by: James Morris <[email protected]>
|
|
This patch adds internal kernel support for:
- reading/extending a pcr value
- looking up the tpm_chip for a given chip number
Signed-off-by: Rajiv Andrade <[email protected]>
Signed-off-by: Mimi Zohar <[email protected]>
Signed-off-by: James Morris <[email protected]>
|