On Tue Nov 28, 2023 at 4:42 PM EET, Serge E. Hallyn wrote: > On Wed, Nov 22, 2023 at 12:31:12AM +0200, Jarkko Sakkinen wrote: > > This patch set extends struct tpm_buf to support TPM2 sized buffers, and > > adds reader functions for parsing more complex response data. It is > > implemented to support smooth landing of [2]. Sealing of the TPM2 trusted > > keys is updated to utilize the new functionality, and thus provides a > > legit test case for it. > > > > TPM2 sized buffer, i.e. the buffers in TPM2 format, are defined in the > > section 10.4 of the TPM2 Structures [1] specification. > > > > Here's the smoke test that I've run for TPM2: > > > > /usr/lib/kselftests/run_kselftest.sh > > tpm2_createprimary --hierarchy o -G rsa2048 -c key.ctxt > > tpm2_evictcontrol -c key.ctxt 0x81000001 > > keyctl add trusted kmk "new 32 keyhandle=0x81000001" @u > > keyctl add encrypted 1000100010001000 "new ecryptfs trusted:kmk 64" @u > > > > [1] https://trustedcomputinggroup.org/resource/tpm-library-specification/ > > [2] > > https://lore.kernel.org/linux-integrity/[email protected]/ > > > > v5: > > - Fixed glitch in tpm_buf_read() reported by James Bottomley to the v4. > > Was forgotten from v4. > > - Remove a spurious memset() call introduced in v4. > > - Allow command buffer tag to be initially set to zero (caused spurious > > warnings). > > v4: > > - Cleaned up the bit too spread code changes based on the v3 review. > > - For testing instructions see the previous cover letter, and use > > linux-v6.6.y branch: > > > > https://lore.kernel.org/linux-integrity/[email protected]/ > > v3: > > - Resend with rebase to the latest upstream. > > > > Cc: James Bottomley <[email protected]> > > Cc: William Roberts <[email protected]> > > Cc: Stefan Berger <[email protected]> > > Cc: David Howells <[email protected]> > > Cc: Jason Gunthorpe <[email protected]> > > Cc: Mimi Zohar <[email protected]> > > Cc: Mario Limonciello <[email protected]> > > Cc: Jerry Snitselaar <[email protected]> > > I'm not an expert in this area, but my interest is piqued when I see > tpm/tpm2, so I took a pretty close look, and all looked good to me > > Reviewed-by: Serge Hallyn <[email protected]>
Thanks for the review and comments! BR, Jarkko
