author | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2016-11-10 20:42:07 -0800 |
---|---|---|
committer | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2017-04-03 22:46:01 +0300 |
commit | 58472f5cd4f6ff02488c8da3cdbf719e9dd21e48 (patch) | |
tree | 01f094fc452036587c1cd921fec86e0732646a89 /drivers/char/tpm/tpm.h | |
parent | 9aa36b399a50bf8a1c9dae33c25164afae14e1e3 (diff) | |
tpm: validate TPM 2.0 commands
Check for every TPM 2.0 command that the command code is supported and
the command buffer has at least the length that can contain the header
and the handle area.
For ContextSave and FlushContext we mark the body to be part of the
handle area. This gives validation for these commands at zero
cost, including the body of the command.
The more important reason for this is that we can virtualize these
commands in the same way as you would virtualize the handle area of a
command.
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Diffstat (limited to 'drivers/char/tpm/tpm.h')
-rw-r--r-- | drivers/char/tpm/tpm.h | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 08c1f61d396f..dd5f526a62b5 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -114,6 +114,7 @@ enum tpm2_command_codes {
 TPM2_CC_CREATE = 0x0153,
 TPM2_CC_LOAD = 0x0157,
 TPM2_CC_UNSEAL = 0x015E,
+ TPM2_CC_CONTEXT_SAVE = 0x0162,
 TPM2_CC_FLUSH_CONTEXT = 0x0165,
 TPM2_CC_GET_CAPABILITY = 0x017A,
 TPM2_CC_GET_RANDOM = 0x017B,
@@ -127,15 +128,25 @@ enum tpm2_permanent_handles {
 };

 enum tpm2_capabilities {
+ TPM2_CAP_COMMANDS = 2,
 TPM2_CAP_PCRS = 5,
 TPM2_CAP_TPM_PROPERTIES = 6,
 };

+enum tpm2_properties {
+ TPM_PT_TOTAL_COMMANDS = 0x0129,
+};
+
 enum tpm2_startup_types {
 TPM2_SU_CLEAR = 0x0000,
 TPM2_SU_STATE = 0x0001,
 };

+enum tpm2_cc_attrs {
+ TPM2_CC_ATTR_CHANDLES = 25,
+ TPM2_CC_ATTR_RHANDLE = 28,
+};
+
 #define TPM_VID_INTEL 0x8086
 #define TPM_VID_WINBOND 0x1050
 #define TPM_VID_STM 0x104A
@@ -199,6 +210,9 @@ struct tpm_chip {
 acpi_handle acpi_dev_handle;
 char ppi_version[TPM_PPI_VERSION_LEN + 1];
 #endif /* CONFIG_ACPI */
+
+ u32 nr_commands;
+ u32 *cc_attrs_tbl;
 };

 #define to_tpm_chip(d) container_of(d, struct tpm_chip, dev)
@@ -556,4 +570,5 @@ int tpm2_auto_startup(struct tpm_chip *chip);
 void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type);
 unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm2_probe(struct tpm_chip *chip);
+int tpm2_find_cc(struct tpm_chip *chip, u32 cc);
 #endif |
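Review bot: The two constants in the new `enum tpm2_cc_attrs` (second hunk) are bit offsets into the 32-bit command attribute word, not masks, and nothing in the header says so. In the TPM 2.0 TPMA_CC layout cHandles is a three-bit field starting at bit 25 and rHandle is a single bit at 28. A consumer that ANDs with these values, or shifts without masking, would compute the wrong handle count, and that count is presumably what sizes the handle area this commit validates. I would add a comment above the enum such as `/* Bit offsets in TPMA_CC: cHandles is bits 27:25 (mask 0x7 after the shift), rHandle is bit 28 */`.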
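Review bot: `u32 nr_commands;` and `u32 *cc_attrs_tbl;` are added to `struct tpm_chip` (third hunk) with no statement of the invariant linking them or of who allocates and frees the table. The count presumably comes from the device, since the same commit adds `TPM_PT_TOTAL_COMMANDS`, so it should be treated as device-supplied data. The code that fills these fields is outside this file; it should bound the count and use an overflow-checked array allocation before storing it. A comment on the fields would pin the contract, for example `/* cc_attrs_tbl has exactly nr_commands TPMA_CC entries as reported by the TPM */`, plus a note on lifetime. The struct definition begins outside the hunk.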
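Review bot: The new prototype `int tpm2_find_cc(struct tpm_chip *chip, u32 cc);` (last hunk) carries no return contract, and this function appears to be the gate that decides whether a command code is supported. The result presumably indexes `cc_attrs_tbl`, so every caller must check for a negative value before using it as an index. A comment on the declaration would make that explicit: `/* Returns the index of cc in chip->cc_attrs_tbl, or a negative value if the TPM does not support cc */`. The implementation is not visible in this diff, so the wording should be adjusted to what it actually returns.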