Re: [PATCH v5 0/8] Extend struct tpm_buf to support sized buffers (TPM2B)

On Wed, Nov 22, 2023 at 12:31:12AM +0200, Jarkko Sakkinen wrote:
> This patch set extends struct tpm_buf to support TPM2 sized buffers, and
> adds reader functions for parsing more complex response data.  It is
> implemented to support smooth landing of [2]. Sealing of the TPM2 trusted
> keys is updated to utilize the new functionality, and thus provides a
> legit test case for it.
> 
> TPM2 sized buffer, i.e. the buffers in TPM2 format, are defined in the
> section 10.4 of the TPM2 Structures [1] specification.
> 
> Here's the smoke test that I've run for TPM2:
> 
> /usr/lib/kselftests/run_kselftest.sh
> tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt
> tpm2_evictcontrol -c key.ctxt 0x81000001
> keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u
> keyctl add encrypted 1000100010001000 "new ecryptfs trusted:kmk 64" @u
> 
> [1] https://trustedcomputinggroup.org/resource/tpm-library-specification/
> [2] https://lore.kernel.org/linux-integrity/20230403214003.32093-1-James.Bottomley@xxxxxxxxxxxxxxxxxxxxx/
> 
> v5:
> - Fixed glitch in tpm_buf_read() reported by James Bottomley to the v4.
>   Was forgotten from v4.
> - Remove a spurious memset() call introduced in v4.
> - Allow command buffer tag to be initially set to zero (caused spurious
>   warnings).
> v4:
> - Cleaned up the bit too spread code changes based on the v3 review.
> - For testing instructions see the previous cover letter, and use
>   linux-v6.6.y branch:
>   https://lore.kernel.org/linux-integrity/20231024011531.442587-1-jarkko@xxxxxxxxxx/
> v3:
> - Resend with rebase to the latest upstream.
> 
> Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
> Cc: William Roberts <bill.c.roberts@xxxxxxxxx> 
> Cc: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> Cc: David Howells <dhowells@xxxxxxxxxx>
> Cc: Jason Gunthorpe <jgg@xxxxxxxx>
> Cc: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> Cc: Mario Limonciello <mario.limonciello@xxxxxxx>
> Cc: Jerry Snitselaar <jsnitsel@xxxxxxxxxx>

I'm not an expert in this area, but my interest is piqued when I see
tpm/tpm2, so I took a pretty close look, and all looked good to me.

Reviewed-by: Serge Hallyn <serge@xxxxxxxxxx>
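
The TPM2B layout the cover letter refers to is a 16-bit big-endian size followed by that many bytes, so a reader has to bound the size field by the remaining input and by the destination before copying. A user-space illustration of that check, added here as an example and not taken from the patch set or the kernel; `demo_reader`, `demo_read_tpm2b`, `demo_count_tpm2b` and the sample bytes are hypothetical:

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical reader state; not the kernel's struct tpm_buf. */
struct demo_reader {
	const uint8_t *data;	/* response bytes */
	size_t len, off;	/* total length and read offset, off <= len */
};

/* Read one TPM2B (u16 big-endian size, then size bytes) into out.
 * Returns the size, or -1 without advancing if the input is malformed. */
static int demo_read_tpm2b(struct demo_reader *r, uint8_t *out, size_t cap)
{
	size_t size, left = r->len - r->off;

	if (left < 2)			/* truncated size field */
		return -1;
	size = ((size_t)r->data[r->off] << 8) | r->data[r->off + 1];
	/* The size field is untrusted: bound it by input left and by cap. */
	if (size > left - 2 || size > cap)
		return -1;
	memcpy(out, r->data + r->off + 2, size);
	r->off += 2 + size;
	return (int)size;
}

/* Walk back-to-back TPM2Bs; return how many parsed, or -1 on error. */
int demo_count_tpm2b(const uint8_t *buf, size_t len)
{
	struct demo_reader r = { buf, len, 0 };
	uint8_t tmp[64];
	int n;

	for (n = 0; r.off < r.len; n++)
		if (demo_read_tpm2b(&r, tmp, sizeof(tmp)) < 0)
			return -1;
	return n;
}

/* Constructed samples: sizes 3 and 0; then a size of 16 with 2 bytes left. */
const uint8_t demo_ok[] = { 0x00, 0x03, 0xaa, 0xbb, 0xcc, 0x00, 0x00 };
const uint8_t demo_bad[] = { 0x00, 0x10, 0xde, 0xad };

int main(void)
{
	return !(demo_count_tpm2b(demo_ok, sizeof(demo_ok)) == 2 &&
		 demo_count_tpm2b(demo_bad, sizeof(demo_bad)) == -1);
}
```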