1. 25 4月, 2017 1 次提交
  2. 04 4月, 2017 4 次提交
    • J
      tpm_crb: request and relinquish locality 0 · 877c57d0
      Jarkko Sakkinen 提交于
      This commit adds support for requesting and relinquishing locality 0 in
      tpm_crb for the course of command transmission.
      
      In order to achieve this, two new callbacks are added to struct
      tpm_class_ops:
      
      - request_locality
      - relinquish_locality
      
      With CRB interface you first set either requestAccess or relinquish bit
      from TPM_LOC_CTRL_x register and then wait for locAssigned and
      tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register.
      
      The reason why were are doing this is to make sure that the driver
      will work properly with Intel TXT that uses locality 2. There's no
      explicit guarantee that it would relinquish this locality. In more
      general sense this commit enables tpm_crb to be a well behaving
      citizen in a multi locality environment.
      Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Reviewed-by: NJerry Snitselaar <jsnitsel@redhat.com>
      Tested-by: NJerry Snitselaar <jsnitsel@redhat.com>
      877c57d0
    • J
      tpm2: add session handle context saving and restoring to the space code · 4d57856a
      James Bottomley 提交于
      Sessions are different from transient objects in that their handles
      may not be virtualized (because they're used for some hmac
      calculations).  Additionally when a session is context saved, a
      vestigial memory remains in the TPM and if it is also flushed, that
      will be lost and the session context will refuse to load next time, so
      the code is updated to flush only transient objects after a context
      save.  Add a separate array (chip->session_tbl) to save and restore
      sessions by handle.  Use the failure of a context save or load to
      signal that the session has been flushed from the TPM and we can
      remove its memory from chip->session_tbl.
      
      Sessions are also isolated during each instance of a tpm space.  This
      means that spaces shouldn't be able to see each other's sessions and
      is enforced by ensuring that a space user may only refer to sessions
      handles that are present in their own chip->session_tbl.  Finally when
      a space is closed, all the sessions belonging to it should be flushed
      so the handles may be re-used by other spaces.
      
      Note that if we get a session save or load error, all sessions are
      effectively flushed.  Even though we restore the session buffer, all
      the old sessions will refuse to load after the flush and they'll be
      purged from our session memory.  This means that while transient
      context handling is still soft in the face of errors, session handling
      is hard (any failure of the model means all sessions are lost).
      
      Fixes-from: Colin Ian King <colin.king@canonical.com>
      Signed-off-by: NJames Bottomley <James.Bottomley@HansenPartnership.com>
      Tested-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      4d57856a
    • J
      tpm: expose spaces via a device link /dev/tpmrm<n> · fdc915f7
      James Bottomley 提交于
      Currently the tpm spaces are not exposed to userspace.  Make this
      exposure via a separate device, which can now be opened multiple times
      because each read/write transaction goes separately via the space.
      
      Concurrency is protected by the chip->tpm_mutex for each read/write
      transaction separately.  The TPM is cleared of all transient objects
      by the time the mutex is dropped, so there should be no interference
      between the kernel and userspace.
      Signed-off-by: NJames Bottomley <James.Bottomley@HansenPartnership.com>
      Tested-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Reviewed-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      fdc915f7
    • J
      tpm: infrastructure for TPM spaces · 745b361e
      Jarkko Sakkinen 提交于
      Added an ability to virtualize TPM commands into an isolated context
      that we call a TPM space because the word context is already heavily
      used in the TPM specification. Both the handle areas and bodies (where
      necessary) are virtualized.
      
      The mechanism works by adding a new parameter struct tpm_space to the
      tpm_transmit() function. This new structure contains the list of virtual
      handles and a buffer of page size (currently) for backing storage.
      
      When tpm_transmit() is called with a struct tpm_space instance it will
      execute the following sequence:
      
      1. Take locks.
      2. Load transient objects from the backing storage by using ContextLoad
         and map virtual handles to physical handles.
      3. Perform the transaction.
      4. Save transient objects to backing storage by using ContextSave and
         map resulting physical handle to virtual handle if there is such.
      
      This commit does not implement virtualization support for hmac and
      policy sessions.
      Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Tested-by: NJames Bottomley <James.Bottomley@HansenPartnership.com>
      Reviewed-by: NJames Bottomley <James.Bottomley@HansenPartnership.com>
      745b361e
  3. 24 1月, 2017 1 次提交
  4. 15 12月, 2016 1 次提交
  5. 28 11月, 2016 5 次提交
  6. 19 7月, 2016 2 次提交
  7. 25 6月, 2016 10 次提交
  8. 20 2月, 2016 1 次提交
  9. 10 2月, 2016 2 次提交
  10. 09 11月, 2015 2 次提交
  11. 19 10月, 2015 1 次提交
  12. 14 7月, 2015 1 次提交
  13. 19 3月, 2015 1 次提交
    • J
      tpm: fix: sanitized code paths in tpm_chip_register() · 34d47b63
      Jarkko Sakkinen 提交于
      I started to work with PPI interface so that it would be available
      under character device sysfs directory and realized that chip
      registeration was still too messy.
      
      In TPM 1.x in some rare scenarios (errors that almost never occur)
      wrong order in deinitialization steps was taken in teardown. I
      reproduced these scenarios by manually inserting error codes in the
      place of the corresponding function calls.
      
      The key problem is that the teardown is messy with two separate code
      paths (this was inherited when moving code from tpm-interface.c).
      
      Moved TPM 1.x specific register/unregister functionality to own helper
      functions and added single code path for teardown in tpm_chip_register().
      Now the code paths have been fixed and it should be easier to review
      later on this part of the code.
      
      Cc: <stable@vger.kernel.org>
      Fixes: 7a1d7e6d ("tpm: TPM 2.0 baseline support")
      Signed-off-by: NJarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
      Tested-by: NScot Doyle <lkml14@scotdoyle.com>
      Reviewed-by: NPeter Huewe <peterhuewe@gmx.de>
      Signed-off-by: NPeter Huewe <peterhuewe@gmx.de>
      34d47b63
  14. 07 3月, 2015 1 次提交
  15. 06 3月, 2015 1 次提交
  16. 21 1月, 2015 1 次提交
  17. 17 1月, 2015 5 次提交