lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 Jan 2017 15:35:40 -0500 From: Stefan Berger <stefanb@...ux.vnet.ibm.com> To: Nayna Jain <nayna@...ux.vnet.ibm.com>, tpmdd-devel@...ts.sourceforge.net Cc: linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org Subject: Re: [tpmdd-devel] [PATCH v8 2/2] tpm: add securityfs support for TPM 2.0 firmware event log On 01/13/2017 01:09 PM, Stefan Berger wrote: > On 01/11/2017 02:54 AM, Nayna Jain wrote: >> Unlike the device driver support for TPM 1.2, the TPM 2.0 does >> not support the securityfs pseudo files for displaying the >> firmware event log. >> >> This patch enables support for providing the TPM 2.0 event log in >> binary form. TPM 2.0 event log supports a crypto agile format that >> records multiple digests, which is different from TPM 1.2. This >> patch enables the tpm_bios_log_setup for TPM 2.0 and adds the >> event log parser which understand the TPM 2.0 crypto agile format. >> >> Signed-off-by: Nayna Jain <nayna@...ux.vnet.ibm.com> >> --- >> drivers/char/tpm/Makefile | 2 +- >> .../char/tpm/{tpm_eventlog.c => tpm1_eventlog.c} | 35 ++-- >> drivers/char/tpm/tpm2_eventlog.c | 203 >> +++++++++++++++++++++ >> drivers/char/tpm/tpm_acpi.c | 3 + >> drivers/char/tpm/tpm_eventlog.h | 63 +++++++ >> 5 files changed, 291 insertions(+), 15 deletions(-) >> rename drivers/char/tpm/{tpm_eventlog.c => tpm1_eventlog.c} (95%) >> create mode 100644 drivers/char/tpm/tpm2_eventlog.c >> >> >> diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c >> index b7718c9..169edf3 100644 >> --- a/drivers/char/tpm/tpm_acpi.c >> +++ b/drivers/char/tpm/tpm_acpi.c >> @@ -54,6 +54,9 @@ int tpm_read_log_acpi(struct tpm_chip *chip) >> u64 len, start; >> struct tpm_bios_log *log; >> >> + if (chip->flags & TPM_CHIP_FLAG_TPM2) >> + return -ENODEV; >> + > > > Works with SeaBIOS when this check is disabled. > -> Tested-by: Stefan Berger <stefanb@...ux.vnet.ibm.com>
Powered by blists - more mailing lists