This patch set extends struct tpm_buf to support TPM2 sized buffers, and adds reader functions for parsing more complex response data. It is implemented to support smooth landing of [2]. Sealing of the TPM2 trusted keys is updated to utilize the new functionality, and thus provides a legit test case for it. TPM2 sized buffer, i.e. the buffers in TPM2 format, are defined in the section 10.4 of the TPM2 Structures [1] specification. Here's the smoke test that I've run for TPM2: /usr/lib/kselftests/run_kselftest.sh tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt tpm2_evictcontrol -c key.ctxt 0x81000001 keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u keyctl add encrypted 1000100010001000 "new ecryptfs trusted:kmk 64" @u [1] https://trustedcomputinggroup.org/resource/tpm-library-specification/ [2] https://lore.kernel.org/linux-integrity/20230403214003.32093-1-James.Bottomley@xxxxxxxxxxxxxxxxxxxxx/ v6: - 7/8: fixed off-by-one error in the boundary check v5: - Fixed glitch in tpm_buf_read() reported by James Bottomley to the v4. Was forgotten from v4. - Remove a spurious memset() call introduced in v4. - Allow command buffer tag to be initially set to zero (caused spurious warnings). v4: - Cleaned up the bit too spread code changes based on the v3 review. - For testing instructions see the previous cover letter, and use linux-v6.6.y branch: https://lore.kernel.org/linux-integrity/20231024011531.442587-1-jarkko@xxxxxxxxxx/ v3: - Resend with rebase to the latest upstream. Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> Cc: William Roberts <bill.c.roberts@xxxxxxxxx> Cc: Stefan Berger <stefanb@xxxxxxxxxxxxx> Cc: David Howells <dhowells@xxxxxxxxxx> Cc: Jason Gunthorpe <jgg@xxxxxxxx> Cc: Mimi Zohar <zohar@xxxxxxxxxxxxx> Cc: Mario Limonciello <mario.limonciello@xxxxxxx> Cc: Jerry Snitselaar <jsnitsel@xxxxxxxxxx> James Bottomley (1): tpm: Move buffer handling from static inlines to real functions Jarkko Sakkinen (7): tpm: Remove unused tpm_buf_tag() tpm: Remove tpm_send() tpm: Update struct tpm_buf documentation comments tpm: Store the length of the tpm_buf data separately. tpm: TPM2B formatted buffers tpm: Add tpm_buf_read_{u8,u16,u32} KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers drivers/char/tpm/Makefile | 1 + drivers/char/tpm/tpm-buf.c | 222 ++++++++++++++++++++++ drivers/char/tpm/tpm-interface.c | 26 +-- include/keys/trusted_tpm.h | 2 - include/linux/tpm.h | 112 +++-------- security/keys/trusted-keys/trusted_tpm1.c | 23 ++- security/keys/trusted-keys/trusted_tpm2.c | 54 +++--- 7 files changed, 295 insertions(+), 145 deletions(-) create mode 100644 drivers/char/tpm/tpm-buf.c -- 2.43.0
