Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
types: make TPMU_CAPABILIES vendor agnostic
Drop TPML_INTEL_PTT_PROPERTY field from TPMU_CAPABILITIES since we dont want to pollute generic data structures with vendor specific data becuase then every vendor will have to add to that union when they need data added. Additionally, it would be hard to know which parser to use when unmarshaling as all vendor properties have the same switch selector of TPM2_CAP_VENDOR_PROPERTY. To avoid this, we introduce a vendor field of type TPM2B_MAX_CAP_BUFFER and populate this with raw bytes. Note, at this time the current TPMU_CAPABILITES buffer was 1028 bytes on my machine and the TPM2B_MAX_CAP_BUFFER was 1024, thus leaving 4 bytes on the table. Once the vendor buffer is filled, vendor extensions can unmarshal it from there. It's also important to note that the Architecture Specification Part 3 Published Nov 8 2019 is vague in the interface for vendors. The table on page 349 shows: | capability property Return Type | |----------------------------------------------------------------------------| | TPM_CAP_VENDOR_PROPERTY manufacturer specific manufacturer-specific values | However the interface into TPM2_GetCap command is count, and not size and the return of the TPM2B_MAX_CAP_BUFFER is size, not counts. This could be an important consideration when attempting to retrieve vendor specific bytes is understanding how they interpret count and buffer sizes, and the limit of 1024 bytes per TPM2_GetCapability command. This also introduces the --enable-vendor and --disable-vendor configure flags. By default, vendor extensions are enabled but they can be disabled. Double negative logic is used in the header files so that non-autotools builds don't have to add CFLAGS to enable vendor extensions, they are assumed by default. Folks have to modify CFLAGS to opt out. However, if you you're using autotools and the package config system to enable CFLAGS, none of this is of concern. Additionally, we add marshaling routines for dealing with marshalling and unmarshalling TPM2B_MAX_CAP_BUFFER. Lastly, we bump soname. The intel extensions with the TPMU_CAPABILITIES union we're broken, as the marshaling routines didn't properly expand to call the specific handler and instead returned an error. Thus existing code using it could never be in place. Becuase of this, we only bump the revision number. See References below. References: - https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part3_Commands_pub.pdf - https://www.gnu.org/software/libtool/manual/libtool.html#Library-interface-versions Suggested Changelog: Added: - Tss2_MU_TPM2B_MAX_CAP_BUFFER_Marshal and Unmarshal - vendor field TPMU_CAPABILITES for vendor agnostic bytes Removed: - Drop intelPttProperty from TPMU_CAPABILITIES Fixes: #2449 Signed-off-by: William Roberts <[email protected]>
- Loading branch information