tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend()

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In preparation of the modifications to tpm_pcr_extend(), which will
allow callers to supply a digest for each PCR bank of a TPM 2.0,
the TPM 1.2 specific code has been moved to tpm1_pcr_extend().

tpm1_pcr_extend() uses tpm_buf_init() to prepare the command buffer,
which offers protection against buffer overflow. It is called by
tpm_pcr_extend() and tpm_pm_suspend().

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

authored by

Roberto Sassu and committed by

Jarkko Sakkinen 8 years ago 175d5b2a a69faebf

+24 -17

1 changed file

expand all

drivers

char

tpm

tpm-interface.c

+24 -17

drivers/char/tpm/tpm-interface.c

··· 847 847 .ordinal = cpu_to_be32(TPM_ORD_PCR_EXTEND) 848 848 }; 849 849 850 + static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash, 851 + char *log_msg) 852 + { 853 + struct tpm_buf buf; 854 + int rc; 855 + 856 + rc = tpm_buf_init(&buf, TPM_TAG_RQU_COMMAND, TPM_ORD_PCR_EXTEND); 857 + if (rc) 858 + return rc; 859 + 860 + tpm_buf_append_u32(&buf, pcr_idx); 861 + tpm_buf_append(&buf, hash, TPM_DIGEST_SIZE); 862 + 863 + rc = tpm_transmit_cmd(chip, NULL, buf.data, EXTEND_PCR_RESULT_SIZE, 864 + EXTEND_PCR_RESULT_BODY_SIZE, 0, log_msg); 865 + tpm_buf_destroy(&buf); 866 + return rc; 867 + } 868 + 850 869 /** 851 870 * tpm_pcr_extend - extend pcr value with hash 852 871 * @chip_num: tpm idx # or AN& ··· 878 859 */ 879 860 int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash) 880 861 { 881 - struct tpm_cmd_t cmd; 882 862 int rc; 883 863 struct tpm_chip *chip; 884 864 struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)]; ··· 903 885 return rc; 904 886 } 905 887 906 - cmd.header.in = pcrextend_header; 907 - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); 908 - memcpy(cmd.params.pcrextend_in.hash, hash, TPM_DIGEST_SIZE); 909 - rc = tpm_transmit_cmd(chip, NULL, &cmd, EXTEND_PCR_RESULT_SIZE, 910 - EXTEND_PCR_RESULT_BODY_SIZE, 0, 911 - "attempting extend a PCR value"); 912 - 888 + rc = tpm1_pcr_extend(chip, pcr_idx, hash, 889 + "attempting extend a PCR value"); 913 890 tpm_put_ops(chip); 914 891 return rc; 915 892 } ··· 1103 1090 } 1104 1091 1105 1092 /* for buggy tpm, flush pcrs with extend to selected dummy */ 1106 - if (tpm_suspend_pcr) { 1107 - cmd.header.in = pcrextend_header; 1108 - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(tpm_suspend_pcr); 1109 - memcpy(cmd.params.pcrextend_in.hash, dummy_hash, 1110 - TPM_DIGEST_SIZE); 1111 - rc = tpm_transmit_cmd(chip, NULL, &cmd, EXTEND_PCR_RESULT_SIZE, 1112 - EXTEND_PCR_RESULT_BODY_SIZE, 0, 1113 - "extending dummy pcr before suspend"); 1114 - } 1093 + if (tpm_suspend_pcr) 1094 + rc = tpm1_pcr_extend(chip, tpm_suspend_pcr, dummy_hash, 1095 + "extending dummy pcr before suspend"); 1115 1096 1116 1097 /* now do the actual savestate */ 1117 1098 for (try = 0; try < TPM_RETRY; try++) {