Re: [PATCH v17 10/20] tpm2: Add TPM Software Stack (TSS)
From: Daniel Kiper
Subject: Re: [PATCH v17 10/20] tpm2: Add TPM Software Stack (TSS)
Date: Tue, 18 Jun 2024 17:41:13 +0200
On Fri, Jun 14, 2024 at 02:45:43PM +0800, Gary Lin wrote:
> From: Hernan Gatta <hegatta@linux.microsoft.com>
>
> A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
> compose and submit TPM commands and parse responses.
>
> A limited number of TPM commands may be accessed via the EFI TCG2
> protocol. This protocol exposes functionality that is primarily geared
> toward TPM usage within the context of Secure Boot. For all other TPM
> commands, however, such as sealing and unsealing, this protocol does not
> provide any help, with the exception of passthrough command submission.
>
> The SubmitCommand method allows a caller to send raw commands to the
> system's TPM and to receive the corresponding response. These
> command/response pairs are formatted using the TPM wire protocol. To
> construct commands in this way, and to parse the TPM's response, it is
> necessary to, first, possess knowledge of the various TPM structures, and,
> second, of the TPM wire protocol itself.
>
> As such, this patch includes a set of header files that define the
> necessary TPM structures and TSS functions, implementations of various
> TPM2_* functions (inventoried below), and logic to write and read command
> and response buffers, respectively, using the TPM wire protocol.
>
> Functions: TPM2_Create, TPM2_CreatePrimary, TPM2_EvictControl,
> TPM2_FlushContext, TPM2_Load, TPM2_PCR_Read, TPM2_PolicyGetDigest,
> TPM2_PolicyPCR, TPM2_ReadPublic, TPM2_StartAuthSession, TPM2_Unseal,
> TPM2_LoadExternal, TPM2_Hash, TPM2_VerifySignature,
> TPM2_PolicyAuthorize, TPM2_TestParms
>
> Signed-off-by: Hernan Gatta <hegatta@linux.microsoft.com>
> Signed-off-by: Gary Lin <glin@suse.com>
> Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
> ---
> grub-core/tpm2/buffer.c | 145 +++
> grub-core/tpm2/mu.c | 1168 ++++++++++++++++++++++++
> grub-core/tpm2/tcg2.c | 143 +++
> grub-core/tpm2/tpm2.c | 1048 +++++++++++++++++++++
> include/grub/tpm2/buffer.h | 65 ++
> include/grub/tpm2/internal/functions.h | 156 ++++
> include/grub/tpm2/internal/structs.h | 768 ++++++++++++++++
> include/grub/tpm2/internal/types.h | 403 ++++++++
> include/grub/tpm2/mu.h | 396 ++++++++
> include/grub/tpm2/tcg2.h | 34 +
> include/grub/tpm2/tpm2.h | 34 +
> 11 files changed, 4360 insertions(+)
> create mode 100644 grub-core/tpm2/buffer.c
> create mode 100644 grub-core/tpm2/mu.c
> create mode 100644 grub-core/tpm2/tcg2.c
> create mode 100644 grub-core/tpm2/tpm2.c
> create mode 100644 include/grub/tpm2/buffer.h
> create mode 100644 include/grub/tpm2/internal/functions.h
> create mode 100644 include/grub/tpm2/internal/structs.h
> create mode 100644 include/grub/tpm2/internal/types.h
> create mode 100644 include/grub/tpm2/mu.h
> create mode 100644 include/grub/tpm2/tcg2.h
> create mode 100644 include/grub/tpm2/tpm2.h
And I think this patch can be broken up to smaller parts...
Daniel
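
An added example, not part of this mail or of the GRUB patch, of the TPM wire protocol the quoted commit message describes: it marshals a TPM2_PCR_Read command for one SHA-256 PCR and length-checks a response header before trusting its response code. The helper names (put16, put32, get32, marshal_pcr_read, parse_response_header) are hypothetical and are not GRUB's buffer.c/mu.c API; the constants are from the TPM 2.0 specification.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constants from the TPM 2.0 specification; all wire fields are big-endian. */
#define TPM_ST_NO_SESSIONS 0x8001u
#define TPM_CC_PCR_READ    0x0000017Eu
#define TPM_ALG_SHA256     0x000Bu
#define TPM_HDR_SIZE       10u  /* tag(2) + size(4) + command/response code(4) */

/* Hypothetical big-endian helpers (assumed names, not GRUB's API). */
static size_t put16(uint8_t *b, size_t o, uint16_t v)
{ b[o] = (uint8_t)(v >> 8); b[o + 1] = (uint8_t)(v & 0xff); return o + 2; }
static size_t put32(uint8_t *b, size_t o, uint32_t v)
{ o = put16(b, o, (uint16_t)(v >> 16)); return put16(b, o, (uint16_t)(v & 0xffff)); }
static uint32_t get32(const uint8_t *b)
{ return ((uint32_t)b[0] << 24) | ((uint32_t)b[1] << 16) | ((uint32_t)b[2] << 8) | b[3]; }

/* Marshal TPM2_PCR_Read for one SHA-256 PCR (0..23); returns bytes written, 0 on error. */
size_t marshal_pcr_read(uint8_t *out, size_t cap, unsigned pcr)
{
  size_t o = 0;
  if (cap < 20 || pcr > 23) return 0;
  o = put16(out, o, TPM_ST_NO_SESSIONS);
  o = put32(out, o, 0);               /* commandSize, patched once known */
  o = put32(out, o, TPM_CC_PCR_READ);
  o = put32(out, o, 1);               /* TPML_PCR_SELECTION.count */
  o = put16(out, o, TPM_ALG_SHA256);  /* TPMS_PCR_SELECTION.hash */
  out[o++] = 3;                       /* sizeofSelect: 3 bytes cover 24 PCRs */
  out[o] = out[o + 1] = out[o + 2] = 0;
  out[o + pcr / 8] = (uint8_t)(1u << (pcr % 8));
  o += 3;
  put32(out, 2, (uint32_t)o);
  return o;
}

/* Check a response header; returns 0 and sets *rc, or -1 if it is malformed. */
int parse_response_header(const uint8_t *in, size_t len, uint32_t *rc)
{
  if (len < TPM_HDR_SIZE) return -1;    /* truncated header */
  if (get32(in + 2) != len) return -1;  /* responseSize must equal bytes received */
  *rc = get32(in + 6);
  return 0;
}

int main(void)
{
  uint8_t cmd[32];
  size_t n = marshal_pcr_read(cmd, sizeof cmd, 7);
  for (size_t i = 0; i < n; i++) printf("%02x ", cmd[i]);
  return 0;
}
```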