tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'tpmdd-next-6.15-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd

Pull tpm fixes from Jarkko Sakkinen:
"A few last minute fixes for v6.15"

* tag 'tpmdd-next-6.15-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd:
tpm: tis: Double the timeout B to 4s
char: tpm: tpm-buf: Add sanity check fallback in read helpers
tpm: Mask TPM RC in tpm2_start_auth_session()

Linus Torvalds 546bce57 74a63255

+30 -19
+3 -3
drivers/char/tpm/tpm-buf.c
··· 201 201 */ 202 202 u8 tpm_buf_read_u8(struct tpm_buf *buf, off_t *offset) 203 203 { 204 - u8 value; 204 + u8 value = 0; 205 205 206 206 tpm_buf_read(buf, offset, sizeof(value), &value); 207 207 ··· 218 218 */ 219 219 u16 tpm_buf_read_u16(struct tpm_buf *buf, off_t *offset) 220 220 { 221 - u16 value; 221 + u16 value = 0; 222 222 223 223 tpm_buf_read(buf, offset, sizeof(value), &value); 224 224 ··· 235 235 */ 236 236 u32 tpm_buf_read_u32(struct tpm_buf *buf, off_t *offset) 237 237 { 238 - u32 value; 238 + u32 value = 0; 239 239 240 240 tpm_buf_read(buf, offset, sizeof(value), &value); 241 241
+6 -14
drivers/char/tpm/tpm2-sessions.c
··· 40 40 * 41 41 * These are the usage functions: 42 42 * 43 - * tpm2_start_auth_session() which allocates the opaque auth structure 44 - * and gets a session from the TPM. This must be called before 45 - * any of the following functions. The session is protected by a 46 - * session_key which is derived from a random salt value 47 - * encrypted to the NULL seed. 48 43 * tpm2_end_auth_session() kills the session and frees the resources. 49 44 * Under normal operation this function is done by 50 45 * tpm_buf_check_hmac_response(), so this is only to be used on ··· 958 963 } 959 964 960 965 /** 961 - * tpm2_start_auth_session() - create a HMAC authentication session with the TPM 962 - * @chip: the TPM chip structure to create the session with 966 + * tpm2_start_auth_session() - Create an a HMAC authentication session 967 + * @chip: A TPM chip 963 968 * 964 - * This function loads the NULL seed from its saved context and starts 965 - * an authentication session on the null seed, fills in the 966 - * @chip->auth structure to contain all the session details necessary 967 - * for performing the HMAC, encrypt and decrypt operations and 968 - * returns. The NULL seed is flushed before this function returns. 969 + * Loads the ephemeral key (null seed), and starts an HMAC authenticated 970 + * session. The null seed is flushed before the return. 969 971 * 970 - * Return: zero on success or actual error encountered. 972 + * Returns zero on success, or a POSIX error code. 971 973 */ 972 974 int tpm2_start_auth_session(struct tpm_chip *chip) 973 975 { ··· 1016 1024 /* hash algorithm for session */ 1017 1025 tpm_buf_append_u16(&buf, TPM_ALG_SHA256); 1018 1026 1019 - rc = tpm_transmit_cmd(chip, &buf, 0, "start auth session"); 1027 + rc = tpm_ret_to_err(tpm_transmit_cmd(chip, &buf, 0, "StartAuthSession")); 1020 1028 tpm2_flush_context(chip, null_key); 1021 1029 1022 1030 if (rc == TPM2_RC_SUCCESS)
+1 -1
drivers/char/tpm/tpm_tis_core.h
··· 54 54 enum tis_defaults { 55 55 TIS_MEM_LEN = 0x5000, 56 56 TIS_SHORT_TIMEOUT = 750, /* ms */ 57 - TIS_LONG_TIMEOUT = 2000, /* 2 sec */ 57 + TIS_LONG_TIMEOUT = 4000, /* 4 secs */ 58 58 TIS_TIMEOUT_MIN_ATML = 14700, /* usecs */ 59 59 TIS_TIMEOUT_MAX_ATML = 15000, /* usecs */ 60 60 };
+20 -1
include/linux/tpm.h
··· 224 224 225 225 enum tpm2_timeouts { 226 226 TPM2_TIMEOUT_A = 750, 227 - TPM2_TIMEOUT_B = 2000, 227 + TPM2_TIMEOUT_B = 4000, 228 228 TPM2_TIMEOUT_C = 200, 229 229 TPM2_TIMEOUT_D = 30, 230 230 TPM2_DURATION_SHORT = 20, ··· 257 257 TPM2_RC_TESTING = 0x090A, /* RC_WARN */ 258 258 TPM2_RC_REFERENCE_H0 = 0x0910, 259 259 TPM2_RC_RETRY = 0x0922, 260 + TPM2_RC_SESSION_MEMORY = 0x0903, 260 261 }; 261 262 262 263 enum tpm2_command_codes { ··· 436 435 static inline u32 tpm2_rc_value(u32 rc) 437 436 { 438 437 return (rc & BIT(7)) ? rc & 0xbf : rc; 438 + } 439 + 440 + /* 441 + * Convert a return value from tpm_transmit_cmd() to POSIX error code. 442 + */ 443 + static inline ssize_t tpm_ret_to_err(ssize_t ret) 444 + { 445 + if (ret < 0) 446 + return ret; 447 + 448 + switch (tpm2_rc_value(ret)) { 449 + case TPM2_RC_SUCCESS: 450 + return 0; 451 + case TPM2_RC_SESSION_MEMORY: 452 + return -ENOMEM; 453 + default: 454 + return -EFAULT; 455 + } 439 456 } 440 457 441 458 #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)