On Wed, 2010-12-01 at 17:48 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > +static int TSS_sha1(const unsigned char *data, const unsigned int datalen,
> > + unsigned char *digest)
>
> You seem to have made a bunch of integer length parameters 'const'. Why? I
> was suggesti
On Tue, 2010-11-30 at 14:32 +, David Howells wrote:
> Serge Hallyn wrote:
>
> > > +int tpm_send(u32 chip_num, void *cmd, size_t buflen)
> >
> > Hate to nit-pick, but any particular reason you're not following the
> > rest of the file and using 'struct tpm_cmd_t *cmd' here?
>
> Ummm... Some
On Wed, 2010-11-24 at 08:59 -0600, Serge Hallyn wrote:
> Quoting David Safford (saff...@watson.ibm.com):
> > On Tue, 2010-11-23 at 20:32 -0600, Serge Hallyn wrote:
> > > Quoting Mimi Zohar (zo...@linux.vnet.ibm.com):
> > > > Add internal kernel tpm_send() co
On Tue, 2010-11-23 at 20:32 -0600, Serge Hallyn wrote:
> Quoting Mimi Zohar (zo...@linux.vnet.ibm.com):
> > Add internal kernel tpm_send() command used to seal/unseal keys.
...
> > +int tpm_send(u32 chip_num, void *cmd, size_t buflen)
>
> Hate to nit-pick, but any particular reason you're not fol
On Fri, 2010-11-19 at 16:23 +, David Howells wrote:
> Mimi Zohar wrote:
thanks for the review! - getting closer...
> > +keyctl print returns an ascii hex copy of the sealed key, which is in
> > standard
>
> I'd quote 'keyctl print' just so it's obvious where the command ends and the
> desc
On Fri, 2010-11-19 at 15:45 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > +int tpm_send(u32 chip_num, void *cmd, int buflen)
>
> I'd recommend size_t for buflen; apart from that:
>
> Acked-by: David Howells
right - that would be better.
Currently transmit_command() in tpm.c expects a
On Fri, 2010-11-12 at 19:24 -0200, Rajiv Andrade wrote:
>
> Hi Dave,
>
> On 11/12/2010 12:48 PM, David Safford wrote:
>
> > On Fri, 2010-11-12 at 14:11 +, David Howells wrote:
> >> Mimi Zohar wrote:
> >>
> >>>>> + module_put(ch
On Fri, 2010-11-12 at 16:52 +, David Howells wrote:
> Mimi Zohar wrote:
Again, thanks for the detailed review!
Willdo on all suggestions with a couple of comments/questions:
> > +#define TPM_MAX_BUF_SIZE 512
> > +#define TPM_TAG_RQU_COMMAND193
> > +#define TPM_TAG_R
On Fri, 2010-11-12 at 14:11 +, David Howells wrote:
> Mimi Zohar wrote:
>
> > > > + module_put(chip->dev->driver->owner);
> > >
> > > Where's the corresponding module_get()? I suspect this should be wrapped
> > > to
> > > match tpm_chip_find_get().
> > >
> > > David
> >
> > The mod
On Thu, 2010-11-11 at 21:57 +, David Howells wrote:
> Mimi Zohar wrote:
Thanks for the helpful comments - much appreciated.
Willdo on all of them - just one question on the last comment:
> > +/*
> > + * Have the TPM seal(encrypt) the trusted key, possibly based on
> > + * Platform Configurat
On Tue, 2010-11-09 at 17:02 +0100, Roberto Sassu wrote:
> i want to inform you i've created a set of utilities for the creation of
> trusted and encrypted keys which also works with the TrustedGRUB software:
> for instance the new "trk_create" tool generates or updates a trusted key
> passing the
On Mon, 2010-11-08 at 23:40 -0700, Jason Gunthorpe wrote:
> It just seems like really odd functionality. I'm not familiar with the
> KH api, but is there any chance now (or in future) that non-root could
> access this function?
good point - we really should explicitly require CAP_SYS_ADMIN for
pcr
On Mon, 2010-11-08 at 10:09 -0700, Jason Gunthorpe wrote:
> On Mon, Nov 08, 2010 at 10:30:45AM -0500, Mimi Zohar wrote:
>
> > pcrlock=nextends the designated PCR 'n' with a random value,
> > so that a key sealed to that PCR may not be unsealed
> > again until after a
13 matches
Mail list logo