This patch set implements my ideas on how to extend struct tpm_buf to
support TPM2 sized buffers (TPM2B). See Section 10.4 in TPM2 Structures
specification for more information.

The goal is to do initial groundwork for smoother landing of integrity
protection patches by James Bottomley.

I tested the patch set with:

https://github.com/jarkkojs/buildroot-tpmdd/tree/linux-6.5.y

Compilation:

    make qemu_x86_64_defconfig
    make 2>&1 | tee build.txt;

TPM1 startup:

    output/images/start-qemu.sh --use-system-swtpm --rtc --tpm1

TPM2 startup:

    output/images/start-qemu.sh --use-system-swtpm --rtc

For TPM2 I executed the following as the smoke test for these patches:

    /usr/lib/kselftests/run_kselftest.sh
    tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt
    tpm2_evictcontrol -c key.ctxt 0x81000001
    keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u
    keyctl add encrypted 1000100010001000 "new ecryptfs trusted:kmk 64" @u

For TPM1 I tried:

    keyctl add trusted kmk "new 32" @u

This caused TPM error 18, which AFAIK means that there is no SRK (?),
which is probably an issue in my swtpm configuration, which is visible
in board/qemu/start-qemu.sh.in.

Link: https://lore.kernel.org/linux-integrity/CT5OE5VZA7D7.3B7C6CK27JIK1@suppilovahvero/
Link: https://lore.kernel.org/linux-integrity/20230403214003.32093-1-James.Bottomley@xxxxxxxxxxxxxxxxxxxxx/
Cc: James Bottomley <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>
Cc: William Roberts <bill.c.roberts@xxxxxxxxx>
Cc: Stefan Berger <stefanb@xxxxxxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: Jason Gunthorpe <jgg@xxxxxxxx>
Cc: Mimi Zohar <zohar@xxxxxxxxxxxxx>

James Bottomley (1):
  tpm: Move buffer handling from static inlines to real functions

Jarkko Sakkinen (5):
  tpm: Store TPM buffer length
  tpm: Detach tpm_buf_reset() from tpm_buf_init()
  tpm: Support TPM2 sized buffers (TPM2B)
  tpm: Add tpm_buf_read_{u8,u16,u32}
  KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers

 drivers/char/tpm/Makefile                 |   1 +
 drivers/char/tpm/tpm-buf.c                | 195 ++++++++++++++++++++++
 drivers/char/tpm/tpm-interface.c          |  18 +-
 drivers/char/tpm/tpm-sysfs.c              |   3 +-
 drivers/char/tpm/tpm1-cmd.c               |  26 ++-
 drivers/char/tpm/tpm2-cmd.c               |  36 ++--
 drivers/char/tpm/tpm2-space.c             |   7 +-
 drivers/char/tpm/tpm_vtpm_proxy.c         |  13 +-
 include/linux/tpm.h                       |  96 ++---------
 security/keys/trusted-keys/trusted_tpm1.c |  12 +-
 security/keys/trusted-keys/trusted_tpm2.c |  60 ++++---
 11 files changed, 325 insertions(+), 142 deletions(-)
 create mode 100644 drivers/char/tpm/tpm-buf.c

-- 
2.39.2