On Wed, Nov 22, 2023 at 12:31:12AM +0200, Jarkko Sakkinen wrote: > This patch set extends struct tpm_buf to support TPM2 sized buffers, and > adds reader functions for parsing more complex response data. It is > implemented to support smooth landing of [2]. Sealing of the TPM2 trusted > keys is updated to utilize the new functionality, and thus provides a > legit test case for it. > > TPM2 sized buffer, i.e. the buffers in TPM2 format, are defined in the > section 10.4 of the TPM2 Structures [1] specification. > > Here's the smoke test that I've run for TPM2: > > /usr/lib/kselftests/run_kselftest.sh > tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt > tpm2_evictcontrol -c key.ctxt 0x81000001 > keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u > keyctl add encrypted 1000100010001000 "new ecryptfs trusted:kmk 64" @u > > [1] https://trustedcomputinggroup.org/resource/tpm-library-specification/ > [2] > https://lore.kernel.org/linux-integrity/[email protected]/ > > v5: > - Fixed glitch in tpm_buf_read() reported by James Bottomley to the v4. > Was forgotten from v4. > - Remove a spurious memset() call introduced in v4. > - Allow command buffer tag to be initially set to zero (caused spurious > warnings). > v4: > - Cleaned up the bit too spread code changes based on the v3 review. > - For testing instructions see the previous cover letter, and use > linux-v6.6.y branch: > > https://lore.kernel.org/linux-integrity/[email protected]/ > v3: > - Resend with rebase to the latest upstream. > > Cc: James Bottomley <[email protected]> > Cc: William Roberts <[email protected]> > Cc: Stefan Berger <[email protected]> > Cc: David Howells <[email protected]> > Cc: Jason Gunthorpe <[email protected]> > Cc: Mimi Zohar <[email protected]> > Cc: Mario Limonciello <[email protected]> > Cc: Jerry Snitselaar <[email protected]>
I'm not an expert in this area, but my interest is piqued when I see tpm/tpm2, so I took a pretty close look, and all looked good to me Reviewed-by: Serge Hallyn <[email protected]>
