[PATCH 0/3] Remaining fixes for v4.5 (post tpmdd-next-20160120)

[PATCH 0/3] Remaining fixes for v4.5 (post tpmdd-next-20160120)

[Jarkko Sakkinen]

Fixes remaining after tpmdd-next-20160120 has been pulled and API change
so that session object stays intact after a successful unseal operation.

Harald Hoyer (1):
  tpm_eventlog.c: fix binary_bios_measurements

Jarkko Sakkinen (2):
  tpm: fix: keep auth session intact after unseal operation
  tpm: fix: return rc when devm_add_action() fails

 drivers/char/tpm/tpm-chip.c     |  7 ++++++-
 drivers/char/tpm/tpm2-cmd.c     | 10 +++++++---
 drivers/char/tpm/tpm_eventlog.c | 10 ++++++++--
 3 files changed, 21 insertions(+), 6 deletions(-)

-- 
2.7.0


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

[PATCH 1/3] tpm: fix: keep auth session intact after unseal operation

[Jarkko Sakkinen]

The behavior of policy based unseal operation is not consistent:

* When there is an error in TPM2_Unseal operation, the session object
  stays in the TPM transient memory.
* When the unseal is successful, the TPM automatically removes the
  session object.

This patch sets the continueSession attribute to keep the session intact
after a successful unseal operation thus making the behavior consistent.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
Fixes: 5beb0c435b ("keys, trusted: seal with a TPM2 authorization policy")
---
 drivers/char/tpm/tpm2-cmd.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 66e04b4..b28e4da 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -20,7 +20,11 @@
 #include <keys/trusted-type.h>
 
 enum tpm2_object_attributes {
-	TPM2_ATTR_USER_WITH_AUTH	= BIT(6),
+	TPM2_OA_USER_WITH_AUTH		= BIT(6),
+};
+
+enum tpm2_session_attributes {
+	TPM2_SA_CONTINUE_SESSION	= BIT(0),
 };
 
 struct tpm2_startup_in {
@@ -489,7 +493,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 		tpm_buf_append(&buf, options->policydigest,
 			       options->policydigest_len);
 	} else {
-		tpm_buf_append_u32(&buf, TPM2_ATTR_USER_WITH_AUTH);
+		tpm_buf_append_u32(&buf, TPM2_OA_USER_WITH_AUTH);
 		tpm_buf_append_u16(&buf, 0);
 	}
 
@@ -627,7 +631,7 @@ static int tpm2_unseal(struct tpm_chip *chip,
 			     options->policyhandle ?
 			     options->policyhandle : TPM2_RS_PW,
 			     NULL /* nonce */, 0,
-			     0 /* session_attributes */,
+			     TPM2_SA_CONTINUE_SESSION,
 			     options->blobauth /* hmac */,
 			     TPM_DIGEST_SIZE);
 
-- 
2.7.0


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

[PATCH 2/3] tpm: fix: return rc when devm_add_action() fails

[Jarkko Sakkinen]

Call put_device() and return error code if devm_add_action() fails.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
Reported-by: Jason Gunthorpe <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
Fixes: 8e0ee3c9faed ("tpm: fix the cleanup of struct tpm_chip")
---
 drivers/char/tpm/tpm-chip.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 2521425..274dd01 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -88,6 +88,7 @@ struct tpm_chip *tpmm_chip_alloc(struct device *dev,
 				 const struct tpm_class_ops *ops)
 {
 	struct tpm_chip *chip;
+	int rc;
 
 	chip = kzalloc(sizeof(*chip), GFP_KERNEL);
 	if (chip == NULL)
@@ -136,7 +137,11 @@ struct tpm_chip *tpmm_chip_alloc(struct device *dev,
 	chip->cdev.owner = chip->pdev->driver->owner;
 	chip->cdev.kobj.parent = &chip->dev.kobj;
 
-	devm_add_action(dev, (void (*)(void *)) put_device, &chip->dev);
+	rc = devm_add_action(dev, (void (*)(void *)) put_device, &chip->dev);
+	if (rc) {
+		put_device(&chip->dev);
+		return ERR_PTR(rc);
+	}
 
 	return chip;
 }
-- 
2.7.0


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

[PATCH 3/3] tpm_eventlog.c: fix binary_bios_measurements

[Jarkko Sakkinen]

From: Harald Hoyer <harald-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>

The commit 0cc698af36ff ("vTPM: support little endian guests") copied
the event, but without the event data, did an endian conversion on the
size and tried to output the event data from the copied version, which
has only have one byte of the data, resulting in garbage event data.

Signed-off-by: Harald Hoyer <harald-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Fixes: 0cc698af36ff ("vTPM: support little endian guests")
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
cc: stable-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
---
 drivers/char/tpm/tpm_eventlog.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c
index bd72fb0..27fc887 100644
--- a/drivers/char/tpm/tpm_eventlog.c
+++ b/drivers/char/tpm/tpm_eventlog.c
@@ -242,9 +242,15 @@ static int tpm_binary_bios_measurements_show(struct seq_file *m, void *v)
 	temp_event.event_type = do_endian_conversion(event->event_type);
 	temp_event.event_size = do_endian_conversion(event->event_size);
 
-	tempPtr = (char *)&temp_event;
+	tempPtr = (char *) &temp_event;
 
-	for (i = 0; i < sizeof(struct tcpa_event) + temp_event.event_size; i++)
+	for (i = 0; i < (sizeof(struct tcpa_event) - 1) ; i++)
+		seq_putc(m, tempPtr[i]);
+
+	tempPtr = (char *) v;
+
+	for (i = (sizeof(struct tcpa_event) - 1);
+	     i < (sizeof(struct tcpa_event) + temp_event.event_size); i++)
 		seq_putc(m, tempPtr[i]);
 
 	return 0;
-- 
2.7.0


------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140

[PATCH 0/3] Remaining fixes for v4.5 (post tpmdd-next-20160120)

[Jarkko Sakkinen]

Fixes remaining after tpmdd-next-20160120 has been pulled and API change
so that session object stays intact after a successful unseal operation.

Harald Hoyer (1):
  tpm_eventlog.c: fix binary_bios_measurements

Jarkko Sakkinen (2):
  tpm: fix: keep auth session intact after unseal operation
  tpm: fix: return rc when devm_add_action() fails

 drivers/char/tpm/tpm-chip.c     |  7 ++++++-
 drivers/char/tpm/tpm2-cmd.c     | 10 +++++++---
 drivers/char/tpm/tpm_eventlog.c | 10 ++++++++--
 3 files changed, 21 insertions(+), 6 deletions(-)

-- 
2.7.0


------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140

Re: [PATCH 0/3] Remaining fixes for v4.5 (post tpmdd-next-20160120)

[Jarkko Sakkinen]

On Wed, Mar 23, 2016 at 07:09:24AM +0200, Jarkko Sakkinen wrote:
> Fixes remaining after tpmdd-next-20160120 has been pulled and API change
> so that session object stays intact after a successful unseal operation.

Oops. Please ignore this, did a mistake with git send-email. Sorry about
this.

/Jarkko

> Harald Hoyer (1):
>   tpm_eventlog.c: fix binary_bios_measurements
> 
> Jarkko Sakkinen (2):
>   tpm: fix: keep auth session intact after unseal operation
>   tpm: fix: return rc when devm_add_action() fails
> 
>  drivers/char/tpm/tpm-chip.c     |  7 ++++++-
>  drivers/char/tpm/tpm2-cmd.c     | 10 +++++++---
>  drivers/char/tpm/tpm_eventlog.c | 10 ++++++++--
>  3 files changed, 21 insertions(+), 6 deletions(-)
> 
> -- 
> 2.7.0
> 

------------------------------------------------------------------------------
Transform Data into Opportunity.
Accelerate data analysis in your applications with
Intel Data Analytics Acceleration Library.
Click to learn more.
http://pubads.g.doubleclick.net/gampad/clk?id=278785351&iu=/4140