Message-ID: <20250228170720.144739-5-sgarzare@redhat.com>
Date: Fri, 28 Feb 2025 18:07:18 +0100
From: Stefano Garzarella <sgarzare@...hat.com>
To: Jarkko Sakkinen <jarkko@...nel.org>
Cc: Thomas Gleixner <tglx@...utronix.de>,
Claudio Carvalho <cclaudio@...ux.ibm.com>,
Peter Huewe <peterhuewe@....de>,
x86@...nel.org,
Dov Murik <dovmurik@...ux.ibm.com>,
linux-coco@...ts.linux.dev,
Dionna Glaze <dionnaglaze@...gle.com>,
James Bottomley <James.Bottomley@...senPartnership.com>,
Ingo Molnar <mingo@...hat.com>,
Joerg Roedel <jroedel@...e.de>,
Jason Gunthorpe <jgg@...pe.ca>,
linux-integrity@...r.kernel.org,
linux-kernel@...r.kernel.org,
Dave Hansen <dave.hansen@...ux.intel.com>,
Tom Lendacky <thomas.lendacky@....com>,
Borislav Petkov <bp@...en8.de>,
"H. Peter Anvin" <hpa@...or.com>,
Stefano Garzarella <sgarzare@...hat.com>
Subject: [RFC PATCH v2 4/6] tpm: add interface to interact with devices based on TCG Simulator
This is primarily designed to support an enlightened driver for the
AMD SVSM based vTPM, but it could be used by any TPM driver which
communicates with a TPM device implemented through the TCG TPM reference
implementation (https://github.com/TrustedComputingGroup/TPM)
Co-developed-by: James Bottomley <James.Bottomley@...senPartnership.com>
Signed-off-by: James Bottomley <James.Bottomley@...senPartnership.com>
Co-developed-by: Claudio Carvalho <cclaudio@...ux.ibm.com>
Signed-off-by: Claudio Carvalho <cclaudio@...ux.ibm.com>
Signed-off-by: Stefano Garzarella <sgarzare@...hat.com>
---
James, Claudio are you fine with the Cdb, Sob?
The code is based on what was in the initial RFC, but I removed the
tpm_platform module, moved some code in the header, changed some names,
etc.
For these reasons I reset the author but added C-o-b.
Please, let me know if this is okay or if I need to do anything
else (reset the author, etc.)
---
include/linux/tpm_tcgsim.h | 136 +++++++++++++++++++++++++++++++++++++
1 file changed, 136 insertions(+)
create mode 100644 include/linux/tpm_tcgsim.h
diff --git a/include/linux/tpm_tcgsim.h b/include/linux/tpm_tcgsim.h
new file mode 100644
index 000000000000..bd5b123c393b
--- /dev/null
+++ b/include/linux/tpm_tcgsim.h
@@ -0,0 +1,136 @@
+/* SPDX-License-Identifier: GPL-2.0-only */
+/*
+ * Copyright (C) 2023 James.Bottomley@...senPartnership.com
+ * Copyright (C) 2025 Red Hat, Inc. All Rights Reserved.
+ *
+ * Generic interface usable by TPM drivers interacting with devices
+ * implemented through the TCG Simulator.
+ */
+#ifndef _TPM_TCGSIM_H_
+#define _TPM_TCGSIM_H_
+
+#include <linux/errno.h>
+#include <linux/string.h>
+#include <linux/types.h>
+
+/*
+ * The current TCG Simulator TPM commands we support. The complete list is
+ * in the TcpTpmProtocol header:
+ *
+ * https://github.com/TrustedComputingGroup/TPM/blob/main/TPMCmd/Simulator/include/TpmTcpProtocol.h
+ */
+
+#define TPM_SEND_COMMAND 8
+#define TPM_SIGNAL_CANCEL_ON 9
+#define TPM_SIGNAL_CANCEL_OFF 10
+/*
+ * Any platform specific commands should be placed here and should start
+ * at 0x8000 to avoid clashes with the TCG Simulator protocol. They should
+ * follow the same self describing buffer format below.
+ */
+
+#define TPM_TCGSIM_MAX_BUFFER 4096 /* max req/resp buffer size */
+
+/**
+ * struct tpm_req - generic request header for single word command
+ *
+ * @cmd: The command to send
+ */
+struct tpm_req {
+ u32 cmd;
+} __packed;
+
+/**
+ * struct tpm_resp - generic response header
+ *
+ * @size: The response size (zero if nothing follows)
+ *
+ * Note: most TCG Simulator commands simply return zero here with no indication
+ * of success or failure.
+ */
+struct tpm_resp {
+ u32 size;
+} __packed;
+
+/**
+ * struct tpm_send_cmd_req - Structure for a TPM_SEND_COMMAND request
+ *
+ * @hdr: The request header whit the command (must be TPM_SEND_COMMAND)
+ * @locality: The locality
+ * @inbuf_size: The size of the input buffer following
+ * @inbuf: A buffer of size inbuf_size
+ *
+ * Note that TCG Simulator expects @inbuf_size to be equal to the size of the
+ * specific TPM command, otherwise an TPM_RC_COMMAND_SIZE error is
+ * returned.
+ */
+struct tpm_send_cmd_req {
+ struct tpm_req hdr;
+ u8 locality;
+ u32 inbuf_size;
+ u8 inbuf[];
+} __packed;
+
+/**
+ * struct tpm_send_cmd_req - Structure for a TPM_SEND_COMMAND response
+ *
+ * @hdr: The response header whit the following size
+ * @outbuf: A buffer of size hdr.size
+ */
+struct tpm_send_cmd_resp {
+ struct tpm_resp hdr;
+ u8 outbuf[];
+} __packed;
+
+/**
+ * tpm_tcgsim_fill_send_cmd() - fill a struct tpm_send_cmd_req to be sent to the
+ * TCG Simulator.
+ * @req: The struct tpm_send_cmd_req to fill
+ * @locality: The locality
+ * @buf: The buffer from where to copy the payload of the command
+ * @len: The size of the buffer
+ *
+ * Return: 0 on success, negative error code on failure.
+ */
+static inline int
+tpm_tcgsim_fill_send_cmd(struct tpm_send_cmd_req *req, u8 locality,
+ const u8 *buf, size_t len)
+{
+ if (len > TPM_TCGSIM_MAX_BUFFER - sizeof(*req))
+ return -EINVAL;
+
+ req->hdr.cmd = TPM_SEND_COMMAND;
+ req->locality = locality;
+ req->inbuf_size = len;
+
+ memcpy(req->inbuf, buf, len);
+
+ return 0;
+}
+
+/**
+ * tpm_tcgsim_parse_send_cmd() - Parse a struct tpm_send_cmd_resp received from
+ * the TCG Simulator
+ * @resp: The struct tpm_send_cmd_resp to parse
+ * @buf: The buffer where to copy the response
+ * @len: The size of the buffer
+ *
+ * Return: buffer size filled with the response on success, negative error
+ * code on failure.
+ */
+static inline int
+tpm_tcgsim_parse_send_cmd(const struct tpm_send_cmd_resp *resp, u8 *buf,
+ size_t len)
+{
+ if (len < resp->hdr.size)
+ return -E2BIG;
+
+ if (resp->hdr.size > TPM_TCGSIM_MAX_BUFFER - sizeof(*resp))
+ return -EINVAL; // Invalid response from the platform TPM
+
+ memcpy(buf, resp->outbuf, resp->hdr.size);
+
+ return resp->hdr.size;
+}
+
+#endif /* _TPM_TCGSIM_H_ */
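Review bot: tpm_tcgsim_parse_send_cmd() reads `resp->hdr.size` four times (both checks, the memcpy() length and the return value), so the length that was validated is not guaranteed to be the length that is copied if @resp points at memory the platform side can still write; whether it does is not visible in this header, but the header is offered to any TCG-Simulator-backed driver. Snapshot the field once with `u32 size = READ_ONCE(resp->hdr.size);` and use `size` in the checks, the copy and the return. Both helpers also bound the payload by `TPM_TCGSIM_MAX_BUFFER - sizeof(...)` without being told how large @req or @resp really is, so the kernel-doc should state that callers must pass a buffer of at least TPM_TCGSIM_MAX_BUFFER bytes. Separately, the kernel-doc block above `struct tpm_send_cmd_resp` is titled `struct tpm_send_cmd_req`, which kernel-doc will flag as a name mismatch.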
--
2.48.1