keys-ecryptfs.txt was missing from 00-INDEX.
Signed-off-by: Jarkko Sakkinen
---
Documentation/security/00-INDEX |2 ++
1 file changed, 2 insertions(+)
diff --git a/Documentation/security/00-INDEX b/Documentation/security/00-INDEX
index eeed1de..414235c 100644
--- a/Documentation/security
On Sat, Oct 27, 2012 at 08:34:14PM -0200, Cesar Eduardo Barros wrote:
> The function which gets called very early is setup_real_mode(). The
> set_real_mode_permissions() function is the arch_initcall.
>
> Cc: Jarkko Sakkinen
> Cc: Thomas Gleixner
> Cc: Ingo Molnar
>
SMACK_MAGIC moved to a proper place for easy user space access
(i.e. libsmack).
Signed-off-by: Jarkko Sakkinen
---
include/uapi/linux/magic.h |1 +
security/smack/smack.h |5 -
2 files changed, 1 insertion(+), 5 deletions(-)
diff --git a/include/uapi/linux/magic.h b/include
On Tue, Nov 6, 2012 at 11:59 PM, Casey Schaufler wrote:
>
> On 11/6/2012 12:17 AM, Jarkko Sakkinen wrote:
> > SMACK_MAGIC moved to a proper place for easy user space access
> > (i.e. libsmack).
> >
> > Signed-off-by: Jarkko Sakkinen
> > ---
> > include
gt; On Thu, Nov 8, 2012 at 5:43 AM, Jarkko Sakkinen
> wrote:
>> On Tue, Nov 6, 2012 at 11:59 PM, Casey Schaufler
>> wrote:
>>>
>>> On 11/6/2012 12:17 AM, Jarkko Sakkinen wrote:
>>> > SMACK_MAGIC moved to a proper place for easy user space access
>&
y, up to casey)
>
> I should think it should go in smack.h
Yeah, that's probably best place for it. I'll add the include there.
>
>> On Thu, Nov 8, 2012 at 5:43 AM, Jarkko Sakkinen
>> wrote:
>>> On Tue, Nov 6, 2012 at 11:59 PM, Casey Schaufler
SMACK_MAGIC moved to a proper place for easy user space access
(i.e. libsmack).
Signed-off-by: Jarkko Sakkinen
---
include/uapi/linux/magic.h |1 +
security/smack/smack.h |6 +-
security/smack/smack_lsm.c |1 -
3 files changed, 2 insertions(+), 6 deletions(-)
diff --git a
> > this would worth the effort since this bug is somehow critical.
> > > > > >
> > > > > > Best regards, Jonas
> > > > >
> > > > > I'll put together a debug patch unless I can trick Rafael into
> > > >
Hi Eric,
Peter talked to me about this BPF work to prevent JIT spraying attacks
in the beginning of this week and I took a look at your patch.
Some comments:
* Meta-comment about patch structure: why this was a one patch and not
two patches? It changes two things that are orthogonal to each o
On Thu, Aug 09, 2012 at 05:46:38PM -0700, Casey Schaufler wrote:
> On 12/20/2011 11:20 PM, Jarkko Sakkinen wrote:
> > Allow SIGCHLD to be passed to child process without
> > explicit policy. This will help to keep the access
> > control policy simple and easily maintain
On Tue, Jul 19, 2016 at 02:27:41PM -0600, Jason Gunthorpe wrote:
> On Tue, Jul 19, 2016 at 04:32:47PM +0300, Jarkko Sakkinen wrote:
> > Return error code from tpm_gen_interrupt() and fail tpm_tis family of
> > drivers on a system error. It doesn't make sense to continue if we
&
On Tue, Jul 19, 2016 at 11:31:47PM +0300, Jarkko Sakkinen wrote:
> On Tue, Jul 19, 2016 at 02:27:41PM -0600, Jason Gunthorpe wrote:
> > On Tue, Jul 19, 2016 at 04:32:47PM +0300, Jarkko Sakkinen wrote:
> > > Return error code from tpm_gen_interrupt() and fail tpm_tis family of
On Tue, Jul 19, 2016 at 11:36:34PM +0300, Jarkko Sakkinen wrote:
> On Tue, Jul 19, 2016 at 11:31:47PM +0300, Jarkko Sakkinen wrote:
> > On Tue, Jul 19, 2016 at 02:27:41PM -0600, Jason Gunthorpe wrote:
> > > On Tue, Jul 19, 2016 at 04:32:47PM +0300, Jarkko Sakkinen wrote:
> &g
On Tue, Jul 19, 2016 at 02:40:27PM -0600, Jason Gunthorpe wrote:
> On Tue, Jul 19, 2016 at 11:36:34PM +0300, Jarkko Sakkinen wrote:
> > If Christophe could submit a fix for st33, I could include it to this
> > series and make one more revision. Thank you for reviewing this!
>
Removed unnecessary externs from tpm.h.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm.h | 36 ++--
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 3e32d5b..8b864dd 100644
--- a
Since tpm_gen_interrupt() is only used in tpm_tis_core.c this commit
replaces it with an internal tpm_tis_gen_interrupt(). The semantics
also changed in a way that on a system error the driver initialization
is failed.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 15
Instead of a ad-hoc protocol message construction it is better to
call tpm_pcr_read_dev().
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 7 ++-
1 file changed, 2 insertions(+), 5 deletions(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm
It is better to tpm_transmit_cmd() in tpm2_probe() in order to get
consistent command handling throughout the subsystem.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm2-cmd.c | 4 +---
1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers
, so let us just delete this useless call.
Signed-off-by: Jason Gunthorpe
Reviewed-by: Jarkko Sakkinen
---
drivers/char/tpm/st33zp24/st33zp24.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/drivers/char/tpm/st33zp24/st33zp24.c
b/drivers/char/tpm/st33zp24/st33zp24.c
index c2ee304..6f060c7
patch set.
v2: Added commit that drops externs from all function declarations in
tpm.h as suggested by Jason Gunthorpe.
Jarkko Sakkinen (4):
tpm: remove unnecessary externs from tpm.h
tpm: replace tpm_gen_interrupt() with tpm_tis_gen_interrupt()
tpm: use tpm_transmit_cmd() in tpm2_probe()
tpm
Unseal and load operations should be done as an atomic unit. This
commit fixes the issue by moving TPM mutex handling to tpm_try_get_ops()
and tpm_put_ops(), which is probably more logical place for it anyway.
Fixes: 954650efb79f ("tpm: seal/unseal for TPM 2.0")
Signed-off-by: Jarkk
On Tue, Jul 19, 2016 at 07:34:18PM -0700, Andrey Pronin wrote:
> This patchset introduces an optional maximum transfer size that can
> be specified by a tpm driver. Setting the max_xfer_size helps to catch
> the cases when burstcnt is incorrectly reported by the device (e.g. >64
> for spi - happene
On Wed, Jul 20, 2016 at 10:48:18AM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 20, 2016 at 03:16:32AM +0300, Jarkko Sakkinen wrote:
> > Unseal and load operations should be done as an atomic unit. This
> > commit fixes the issue by moving TPM mutex handling to tpm_try_get_ops()
>
On Wed, Jul 20, 2016 at 11:06:24AM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 20, 2016 at 02:44:58AM +0300, Jarkko Sakkinen wrote:
> > Since tpm_gen_interrupt() is only used in tpm_tis_core.c this commit
> > replaces it with an internal tpm_tis_gen_interrupt(). The semantics
> &
On Wed, Jul 20, 2016 at 11:54:10PM +0300, Jarkko Sakkinen wrote:
> On Wed, Jul 20, 2016 at 11:06:24AM -0600, Jason Gunthorpe wrote:
> > On Wed, Jul 20, 2016 at 02:44:58AM +0300, Jarkko Sakkinen wrote:
> > > Since tpm_gen_interrupt() is only used in tpm_tis_core.c this commit
>
On Wed, Jul 20, 2016 at 03:13:32PM -0600, Jason Gunthorpe wrote:
> On Wed, Jul 20, 2016 at 11:53:14PM +0300, Jarkko Sakkinen wrote:
>
> > The only use cases I see at the moment for it work this way:
> >
> > 1. Call tpm_try_get_ops.
> > 2. Send a TPM command.
>
Sparse reports "bad constant expression" for the use of cpu_to_be32
inside enums tpm_capabilities and tpm_sub_capabilities. Even though it
is probably expanded to a constant expression, it is probably cleaner not
to use it there.
Signed-off-by: Jarkko Sakkinen
---
drivers/ch
From: Ed Swierk
Call tpm_getcap() from tpm_get_timeouts() to eliminate redundant
code. Return all errors to the caller rather than swallowing them
(e.g. when tpm_transmit_cmd() returns nonzero).
Signed-off-by: Ed Swierk
Reviewed-by: Jarkko Sakkinen
Signed-off-by: Jarkko Sakkinen
---
drivers
Even though the cpu_to_be32() is open coded it is not a good convention
to call it in the enum definitions. This will also sparse errors about
invalid constant expressions.
Ed Swierk (1):
tpm: Clean up reading of timeout and duration capabilities
Jarkko Sakkinen (1):
tpm: fix bad constant
On Tue, Sep 20, 2016 at 07:08:40AM +, Winkler, Tomas wrote:
>
> > -Original Message-
> > From: Jarkko Sakkinen [mailto:jarkko.sakki...@linux.intel.com]
> > Sent: Monday, September 19, 2016 23:22
> > To: Peter Huewe
> > Cc: moder
On Tue, Sep 20, 2016 at 09:57:48AM +, Winkler, Tomas wrote:
>
> > On Tue, Sep 20, 2016 at 07:08:40AM +, Winkler, Tomas wrote:
> > >
> > > > -Original Message-
> > > > From: Jarkko Sakkinen [mailto:jarkko.sakki...@linux.intel.com]
>
On Mon, Jun 20, 2016 at 01:13:45PM +1000, Stephen Rothwell wrote:
> Hi Jarkko,
>
> Today's linux-next merge of the tpmdd tree got a conflict in:
>
> Documentation/devicetree/bindings/vendor-prefixes.txt
>
> between commit:
>
> 7aa5d38cfb77 ("of: Add Inforce Computing to vendor prefix list")
ling of TPMs that report milliseconds instead of
> microseconds.
>
> Signed-off-by: Ed Swierk
Reviewed-by: Jarkko Sakkinen
/Jarkko
> ---
> drivers/char/tpm/tpm-interface.c | 143
> +--
> drivers/char/tpm/tpm_tis.c | 35
On Mon, Jun 20, 2016 at 06:54:02PM -0700, Ed Swierk wrote:
> The STMicro ST19NP18-TPM sometimes takes much longer to execute
> commands than it reports in its capabilities. For example, command 186
> (TPM_FlushSpecific) has been observed to take 14560 msec to complete,
> far longer than the 3000 ms
On Mon, Jun 20, 2016 at 06:54:00PM -0700, Ed Swierk wrote:
> Call tpm_getcap() from tpm_get_timeouts() to eliminate redundant
> code. Return all errors to the caller rather than swallowing them
> (e.g. when tpm_transmit_cmd() returns nonzero).
>
> Signed-off-by: Ed Swierk
Revi
crb: implement tpm crb idle state" (2016-09-27 12:02:13 +0300)
tpmdd reverts for Linux 4.9
--------
Jarkko Sakkinen (4):
Revert "tmp/tpm_crb: implement runtime
On Thu, Sep 15, 2016 at 09:23:29AM +0300, Jarkko Sakkinen wrote:
> On Mon, Sep 12, 2016 at 04:04:19PM +0300, Tomas Winkler wrote:
> > There is a HW bug in Skylake, and Broxton PCH Intel PTT device, where
> > most of the registers in the control area except START, REQUEST, CANCEL,
&
On Fri, Sep 02, 2016 at 10:34:16PM +0300, Jarkko Sakkinen wrote:
> A set of small fixes and clean ups for tpm_crb.
I will apply these fixes tomorrow because they are no brainers
basically. Tomas, I guess you can gives these tested-by since
you've tested runtime PM code on top of these?
On Thu, Sep 08, 2016 at 01:27:59PM +0300, Jarkko Sakkinen wrote:
> On Fri, Sep 02, 2016 at 10:34:16PM +0300, Jarkko Sakkinen wrote:
> > A set of small fixes and clean ups for tpm_crb.
>
> I will apply these fixes tomorrow because they are no brainers
> basically. Tomas, I g
On Wed, Sep 14, 2016 at 06:28:03AM +, Winkler, Tomas wrote:
> On Mon, 2016-09-12 at 16:04 +0300, Tomas Winkler wrote:
> > Te overall platform ability to enter a low power state is also
> > conditioned on the ability of a tpm device to go to idle state.
> > This series should provide this featur
On Wed, Sep 14, 2016 at 07:06:02PM +0300, Jarkko Sakkinen wrote:
> On Wed, Sep 14, 2016 at 06:28:03AM +, Winkler, Tomas wrote:
> > On Mon, 2016-09-12 at 16:04 +0300, Tomas Winkler wrote:
> > > Te overall platform ability to enter a low power state is also
> > > cond
On Wed, Sep 14, 2016 at 07:06:52PM +0300, Jarkko Sakkinen wrote:
> On Wed, Sep 14, 2016 at 07:06:02PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Sep 14, 2016 at 06:28:03AM +, Winkler, Tomas wrote:
> > > On Mon, 2016-09-12 at 16:04 +0300, Tomas Winkler wrote:
> > > &g
t; bits and the idle state management is not exposed to the host SW.
> Thus, this functionality only is enabled only for a CRB start (MMIO)
> based devices.
>
> Based on Jarkko Sakkinen
> oringal patch:
> 'tpm_crb: implement power tpm crb power management'
>
>
&
; we need to bring the device to ready state before accessing the other
> registers. The fix brings device to ready state before trying to read
> command and response buffer addresses in order to remap the for access.
>
> Signed-off-by: Tomas Winkler
Tested-by: Jarkko Sakkinen
Revi
On Mon, Sep 12, 2016 at 04:04:20PM +0300, Tomas Winkler wrote:
> This is preparation step for implementing tpm crb
> runtime pm. We need to have tpm chip allocated
> and populated before we access the runtime handlers.
>
> Signed-off-by: Tomas Winkler
Use pm_runtime_put().
Te
> Thus, this functionality only is enabled only for a CRB start (MMIO)
> > > based devices.
> > >
> > > Based on Jarkko Sakkinen oringal
> > > patch:
> > > 'tpm_crb: implement power tpm crb power management'
> > >
> > >
>
t; bits and the idle state management is not exposed to the host SW.
> Thus, this functionality only is enabled only for a CRB start (MMIO)
> based devices.
>
> Based on Jarkko Sakkinen
> original patch:
> 'tpm_crb: implement power tpm crb power management'
>
> To
s do not support
> > > > > these bits and the idle state management is not exposed to the host
> > SW.
> > > > > Thus, this functionality only is enabled only for a CRB start
> > > > > (MMIO) based devices.
> > > > >
> > > > >
6-09-15 16:04:21
+0300)
--------
Jarkko Sakkinen (11):
tpm: invalid self test error message
tpm: fix a race condition in tpm2_unseal_trusted()
tpm: remove unnecessary externs from tpm.h
tpm: replace tpm_gen_interr
The driver emits invalid self test error message even though the init
succeeds.
Signed-off-by: Jarkko Sakkinen
Fixes: cae8b441fc20 ("tpm: Factor out common startup code")
---
drivers/char/tpm/tpm2-cmd.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/drivers/cha
for Linux 4.8
--------
Jarkko Sakkinen (1):
tpm: invalid self test error message
drivers/char/tpm/tpm2-cmd.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
1:29 +0300)
tpmdd fixes for Linux 4.8
--------
Jarkko Sakkinen (1):
tpm: invalid self test error message
drivers/char/tpm/tpm2-cmd.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
Renamed CRB protocol specific constants to match the TCG PC Client
Platform TPM Profile (PTP) Specification and driver status constants
to be explicit that they are driver specific.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm_crb.c | 22 +++---
1 file changed, 11
t;)
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm_crb.c | 7 +--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c
index 018c3825..1801f38 100644
--- a/drivers/char/tpm/tpm_crb.c
+++ b/drivers/char/tpm/tpm_crb.c
wmb()'s are not needed as iowrite32() is used.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm_crb.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c
index 1801f38..358c475 100644
--- a/drivers/char/tpm/tpm_crb.c
+++ b/dr
CRB_CTRL_CMD_READY and CRB_CTRL_GO_IDLE have incorrect values.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm_crb.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/char/tpm/tpm_crb.c b/drivers/char/tpm/tpm_crb.c
index c8b0d91..7f602dc 100644
--- a
A set of small fixes and clean ups for tpm_crb.
Jarkko Sakkinen (4):
tpm_crb: fix crb_req_canceled behavior
tpm_crb: remove wmb()'s
tpm_crb: refine the naming of constants
tpm_crb: fix incorrect values of cmdReady and goIdle bits
drivers/char/tpm/tpm_crb.c
On Fri, Sep 02, 2016 at 10:34:20PM +0300, Jarkko Sakkinen wrote:
> CRB_CTRL_CMD_READY and CRB_CTRL_GO_IDLE have incorrect values.
>
> Signed-off-by: Jarkko Sakkinen
Fixes: 30fc8d138e91 ("tpm: TPM 2.0 CRB Interface")
Cc: sta...@vger.kernel.org
/Jarkko
The struct tpm_class_ops is not used outside the TPM driver. Thus,
it can be safely move to drivers/char/tpm/tpm.h.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm.h | 13 +
include/linux/tpm.h| 14 --
2 files changed, 13 insertions(+), 14 deletions(-)
diff
On Fri, Sep 02, 2016 at 04:11:22PM -0600, Jason Gunthorpe wrote:
> On Sat, Sep 03, 2016 at 12:48:03AM +0300, Jarkko Sakkinen wrote:
> > The struct tpm_class_ops is not used outside the TPM driver. Thus,
> > it can be safely move to drivers/char/tpm/tpm.h.
>
> No, this i
On Tue, Aug 02, 2016 at 06:41:29PM +0800, Baole Ni wrote:
> I find that the developers often just specified the numeric value
> when calling a macro which is defined with a parameter for access permission.
> As we know, these numeric value for access permission have had the
> corresponding macro,
: 4d970e733b09
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 1 +
drivers/char/tpm/tpm2-cmd.c | 1 +
2 files changed, 2 insertions(+)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index ef5ad80..43ef0ef 100644
--- a/drivers/char/tpm/tpm
As the fix is quite trivial I already pushed this fixup on tip of my
master branch in order to make testing easy.
/Jarkko
On Mon, Aug 08, 2016 at 11:25:26PM +0300, Jarkko Sakkinen wrote:
> tpm_getcap and tpm2_get_tpm_pt were not properly exported. This commit
> adds the exports. The build
trol issues and wrong values returned on read
> from TPM_STS). Without catching, causes the physical layer to reject xfer.
>
> Signed-off-by: Andrey Pronin
Reviewed-by: Jarkko Sakkinen
I don't have hardware to test this. Someone should validate that it
does not break anything. C
64 bytes of data in a transaction.
> >
> > Signed-off-by: Andrey Pronin
>
> Reviewed-by: Dmitry Torokhov
Reviewed-by: Jarkko Sakkinen
/Jarkko
> > ---
> > drivers/char/tpm/tpm_tis_spi.c | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --
03a1 ("keys, trusted: seal/unseal with TPM 2.0 chips")
CC: sta...@vger.kernel.org
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 16 +---
drivers/char/tpm/tpm.h | 25 +
drivers/char/tpm/tpm2-cmd.c | 12
Jason, I guess this should be now less intrusive than the original one?
The main goal was to make it as backportable as possible.
/Jarkko
On Tue, Aug 23, 2016 at 08:57:22PM -0400, Jarkko Sakkinen wrote:
> Unseal and load operations should be done as an atomic operation. This
> commit intr
On Thu, Aug 25, 2016 at 12:30:59PM -0600, Jason Gunthorpe wrote:
> On Tue, Aug 23, 2016 at 08:57:22PM -0400, Jarkko Sakkinen wrote:
>
> > + if (flags & TPM_TRANSMIT_LOCK)
> > + mutex_lock(&chip->tpm_mutex);
>
> I think I would invert this. UNLOC
.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-sysfs.c | 87
drivers/char/tpm/tpm.h | 13 ---
2 files changed, 48 insertions(+), 52 deletions(-)
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index eedb8e47bde2
This patch set cleans up clutter and cruft from EK sysfs code and fixes
a kernel memory leak.
Jarkko Sakkinen (2):
tpm: fix a kernel memory leak in tpm-sysfs.c
tpm: migrate pubek_show to struct tpm_buf
drivers/char/tpm/tpm-sysfs.c | 86
drivers
("TPM: sysfs functions consolidation")
Reported-by: Jason Gunthorpe
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-sysfs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index 4bd0997cfa2d..eedb8e47b
e static?"
>
> Signed-off-by: Colin Ian King
Thanks Colin.
Reviewed-by: Jarkko Sakkinen
/Jarkko
> ---
> drivers/char/tpm/tpm_tis.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
>
Consolidated all the "manual" TPM startup code to a single function
in order to make code flows a bit cleaner and migrate to tpm_buf.
Signed-off-by: Jarkko Sakkinen
---
drivers/char/tpm/tpm-interface.c | 67 +---
drivers/char/tpm/tpm.h
On Tue, Jun 20, 2017 at 01:31:52PM -0600, Jason Gunthorpe wrote:
> On Tue, Jun 20, 2017 at 08:13:34PM +0200, Jarkko Sakkinen wrote:
> > Consolidated all the "manual" TPM startup code to a single function
> > in order to make code flows a bit cleaner and migrate to tpm_bu
On Tue, Jun 20, 2017 at 05:25:57PM -0400, Stefan Berger wrote:
> On 06/20/2017 04:55 PM, Jarkko Sakkinen wrote:
> > On Tue, Jun 20, 2017 at 01:31:52PM -0600, Jason Gunthorpe wrote:
> > > On Tue, Jun 20, 2017 at 08:13:34PM +0200, Jarkko Sakkinen wrote:
> > > > Con
On Tue, Jun 20, 2017 at 11:32:41PM +0200, Jarkko Sakkinen wrote:
> On Tue, Jun 20, 2017 at 05:25:57PM -0400, Stefan Berger wrote:
> > On 06/20/2017 04:55 PM, Jarkko Sakkinen wrote:
> > > On Tue, Jun 20, 2017 at 01:31:52PM -0600, Jason Gunthorpe wrote:
> > > > On T
On Tue, Jun 20, 2017 at 10:55:29PM +0200, Jarkko Sakkinen wrote:
> On Tue, Jun 20, 2017 at 01:31:52PM -0600, Jason Gunthorpe wrote:
> > On Tue, Jun 20, 2017 at 08:13:34PM +0200, Jarkko Sakkinen wrote:
> > > Consolidated all the "manual" TPM startup code to a single fun
Consolidated all the "manual" TPM startup code to a single function
in order to make code flows a bit cleaner and migrate to tpm_buf.
Signed-off-by: Jarkko Sakkinen
---
v2: startup type is u16 (not u32)
drivers/char/tpm/tpm-interface.c | 67 +---
dr
On Wed, Jun 21, 2017 at 07:04:53AM -0400, Stefan Berger wrote:
> On 06/21/2017 03:31 AM, Jarkko Sakkinen wrote:
> > Consolidated all the "manual" TPM startup code to a single function
> > in order to make code flows a bit cleaner and migrate to tpm_buf.
> >
>
On Wed, Jun 21, 2017 at 04:29:36PM +0200, Roberto Sassu wrote:
> tpm2_pcr_read() now uses tpm_buf functions to build the TPM command
> to read a PCR. Those functions are preferred to passing a tpm2_cmd
> structure, as they provide protection against buffer overflow.
>
> Also, tpm2_pcr_read() code
On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> >
> > > The way I've agreed with James Morris to have my tree is to be rooted to
>
On Fri, Oct 13, 2017 at 10:47:46PM +0300, Jarkko Sakkinen wrote:
> On Thu, Oct 12, 2017 at 05:03:38PM +0200, Javier Martinez Canillas wrote:
> > On Thu, Oct 12, 2017 at 1:38 PM, Jarkko Sakkinen
> > wrote:
> >
> > [snip]
> >
> > >
> > > Now all
else
> +ret = key_seal(new_p, new_o);
> if (ret < 0) {
> pr_info("trusted_key: key_seal failed (%d)\n", ret);
> kzfree(new_p);
> --
> 2.10.1
>
>
>
Reviewed-by: Jarkko Sakkinen
The sealing code for TPM 1.2 should be moved to driver/char/tpm (has
been in my backlog for couple of years now).
/Jarkko
On Mon, Oct 16, 2017 at 02:28:33PM +0300, Jarkko Sakkinen wrote:
> On Wed, Oct 11, 2017 at 02:52:54PM +0300, Jarkko Sakkinen wrote:
> > On Wed, Oct 11, 2017 at 12:54:26PM +1100, James Morris wrote:
> > > On Tue, 10 Oct 2017, Jarkko Sakkinen wrote:
> > >
> > &
On Mon, Oct 16, 2017 at 07:30:13PM +0200, SF Markus Elfring wrote:
> From: Markus Elfring
> Date: Mon, 16 Oct 2017 19:12:34 +0200
>
> A few update suggestions were taken into account
> from static source code analysis.
>
> Markus Elfring (4):
> Delete an error message for a failed memory alloc
On Mon, Oct 16, 2017 at 09:31:39PM +0300, Jarkko Sakkinen wrote:
> On Mon, Oct 16, 2017 at 07:30:13PM +0200, SF Markus Elfring wrote:
> > From: Markus Elfring
> > Date: Mon, 16 Oct 2017 19:12:34 +0200
> >
> > A few update suggestions were taken into account
> >
Signed-off-by: Jarkko Sakkinen
---
MAINTAINERS | 5 +
1 file changed, 5 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index 2d3d750b19c0..30a4b7f97a93 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -14932,6 +14932,11 @@ L: linux...@kvack.org
S: Maintained
F: mm/zswap.c
sgx in not enabled.
* Removed cruft rdmsr-calls from sgx_set_pubkeyhash_msrs().
* return -ENOMEM in sgx_alloc_page() when VA pages consume too much space
* removed unused global sgx_nr_pids
* moved sgx_encl_release to sgx_encl.c
* return -ERESTARTSYS instead of -EINTR in sgx_encl_init()
Haim Cohen (1):
From: Sean Christopherson
Signed-off-by: Sean Christopherson
Signed-off-by: Jarkko Sakkinen
---
arch/x86/include/asm/msr-index.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/asm/msr-index.h b/arch/x86/include/asm/msr-index.h
index 17f5c12e1afd..b35cb98b5d60 100644
From: Haim Cohen
These MSRs hold the SHA256 checksum of the currently configured launch
enclave public key.
Signed-off-by: Haim Cohen
Signed-off-by: Jarkko Sakkinen
---
arch/x86/include/asm/msr-index.h | 7 +++
1 file changed, 7 insertions(+)
diff --git a/arch/x86/include/asm/msr
Export create_pipe_files() and replace_fd() so that the SGX driver is
able to create stdin and stdout pipes.
Signed-off-by: Jarkko Sakkinen
---
fs/file.c | 1 +
fs/pipe.c | 1 +
2 files changed, 2 insertions(+)
diff --git a/fs/file.c b/fs/file.c
index 1fc7fbbb4510..b1fa28919b22 100644
--- a/fs
Signed-off-by: Jarkko Sakkinen
---
Documentation/index.rst | 1 +
Documentation/x86/intel_sgx.rst | 131
2 files changed, 132 insertions(+)
create mode 100644 Documentation/x86/intel_sgx.rst
diff --git a/Documentation/index.rst b/Documentation
that user space
launch daemon depends on, properietary risks (closed launch daemons on
closed platforms) and stability risks as there would be division of
semantics between user space and kernel.
Signed-off-by: Jarkko Sakkinen
---
arch/x86/include/asm/sgx.h | 233 ++
arch
Check if IA32_SGXLEPUBKEYHASH* MSRs match. If they do not match, allow
the driver initialization to continue only if they are writable. In this
case update them with the MRSIGNER of the launch enclave.
Signed-off-by: Jarkko Sakkinen
---
drivers/platform/x86/intel_sgx/sgx.h| 2
Implements a simple framework for hosting in-kernel LE by using the user
space helper framework.
Signed-off-by: Jarkko Sakkinen
---
drivers/platform/x86/intel_sgx/Kconfig | 2 +
drivers/platform/x86/intel_sgx/Makefile| 1 +
drivers/platform/x86/intel_sgx/sgx.h | 17
kernel
- have its own hand written code
Signed-off-by: Jarkko Sakkinen
---
drivers/platform/x86/intel_sgx/Kconfig | 13 +
drivers/platform/x86/intel_sgx/Makefile| 18 +
drivers/platform/x86/intel_sgx/le/Makefile | 26 +
drivers/platform/x86/intel_sgx/le/enclave
Implemented VMA callbacks in order to ptrace() debug enclaves.
Signed-off-by: Jarkko Sakkinen
---
drivers/platform/x86/intel_sgx/sgx_vma.c | 115 +++
1 file changed, 115 insertions(+)
diff --git a/drivers/platform/x86/intel_sgx/sgx_vma.c
b/drivers/platform/x86
From: Kai Huang
Signed-off-by: Kai Huang
---
arch/x86/include/asm/cpufeatures.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/asm/cpufeatures.h
b/arch/x86/include/asm/cpufeatures.h
index 2519c6c801c9..31a7d1c0f204 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arc
Signed-off-by: Jarkko Sakkinen
---
arch/x86/include/asm/cpufeatures.h | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/include/asm/cpufeatures.h
b/arch/x86/include/asm/cpufeatures.h
index 31a7d1c0f204..43130f3c18a1 100644
--- a/arch/x86/include/asm/cpufeatures.h
+++ b/arch/x86
On Thu, May 25, 2017 at 07:43:05AM +0200, Peter Huewe wrote:
> sparse complains that tpmrm_write can be made static, and since it is
> right we make it static.
>
> Signed-off-by: Peter Huewe
Reviewed-by: Jarkko Sakkinen
/Jarkko
> ---
> drivers/char/tpm/tpmrm-dev.c | 2 +-
1 - 100 of 5288 matches
Mail list logo
