
Commit 8cc748aa authored by Linus Torvalds
Pull security layer updates from James Morris:
 "Highlights:

   - Smack adds secmark support for Netfilter
   - /proc/keys is now mandatory if CONFIG_KEYS=y
   - TPM gets its own device class
   - Added TPM 2.0 support
   - Smack file hook rework (all Smack users should review this!)"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (64 commits)
  cipso: don't use IPCB() to locate the CIPSO IP option
  SELinux: fix error code in policydb_init()
  selinux: add security in-core xattr support for pstore and debugfs
  selinux: quiet the filesystem labeling behavior message
  selinux: Remove unused function avc_sidcmp()
  ima: /proc/keys is now mandatory
  Smack: Repair netfilter dependency
  X.509: silence asn1 compiler debug output
  X.509: shut up about included cert for silent build
  KEYS: Make /proc/keys unconditional if CONFIG_KEYS=y
  MAINTAINERS: email update
  tpm/tpm_tis: Add missing ifdef CONFIG_ACPI for pnp_acpi_device
  smack: fix possible use after frees in task_security() callers
  smack: Add missing logging in bidirectional UDS connect check
  Smack: secmark support for netfilter
  Smack: Rework file hooks
  tpm: fix format string error in tpm-chip.c
  char/tpm/tpm_crb: fix build error
  smack: Fix a bidirectional UDS connect check typo
  smack: introduce a special case for tmpfs in smack_d_instantiate()
  ...
parents 7184487f 04f81f01
+11 −11
What:		/sys/class/misc/tpmX/device/
What:		/sys/class/tpm/tpmX/device/
Date:		April 2005
Date:		April 2005
KernelVersion:	2.6.12
KernelVersion:	2.6.12
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
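Review bot: the move from /sys/class/misc/tpmX/device/ to /sys/class/tpm/tpmX/device/ is a user-visible ABI change, and nothing in the hunk records how existing tooling that opens the old path keeps working; state here (or in the commit message) whether the old /sys/class/misc location remains reachable during a transition period and from which kernel version the new path is authoritative, since the unchanged Date/KernelVersion lines (April 2005, 2.6.12) no longer describe when this path appeared.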
@@ -6,7 +6,7 @@ Description: The device/ directory under a specific TPM instance exposes
		the properties of that TPM chip
		the properties of that TPM chip




What:		/sys/class/misc/tpmX/device/active
What:		/sys/class/tpm/tpmX/device/active
Date:		April 2006
Date:		April 2006
KernelVersion:	2.6.17
KernelVersion:	2.6.17
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -18,7 +18,7 @@ Description: The "active" property prints a '1' if the TPM chip is accepting
		section 17 for more information on which commands are
		section 17 for more information on which commands are
		available.
		available.


What:		/sys/class/misc/tpmX/device/cancel
What:		/sys/class/tpm/tpmX/device/cancel
Date:		June 2005
Date:		June 2005
KernelVersion:	2.6.13
KernelVersion:	2.6.13
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -26,7 +26,7 @@ Description: The "cancel" property allows you to cancel the currently
		pending TPM command. Writing any value to cancel will call the
		pending TPM command. Writing any value to cancel will call the
		TPM vendor specific cancel operation.
		TPM vendor specific cancel operation.


What:		/sys/class/misc/tpmX/device/caps
What:		/sys/class/tpm/tpmX/device/caps
Date:		April 2005
Date:		April 2005
KernelVersion:	2.6.12
KernelVersion:	2.6.12
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -43,7 +43,7 @@ Description: The "caps" property contains TPM manufacturer and version info.
		the chip supports. Firmware version is that of the chip and
		the chip supports. Firmware version is that of the chip and
		is manufacturer specific.
		is manufacturer specific.


What:		/sys/class/misc/tpmX/device/durations
What:		/sys/class/tpm/tpmX/device/durations
Date:		March 2011
Date:		March 2011
KernelVersion:	3.1
KernelVersion:	3.1
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -66,7 +66,7 @@ Description: The "durations" property shows the 3 vendor-specific values
		scaled to be displayed in usecs. In this case "[adjusted]"
		scaled to be displayed in usecs. In this case "[adjusted]"
		will be displayed in place of "[original]".
		will be displayed in place of "[original]".


What:		/sys/class/misc/tpmX/device/enabled
What:		/sys/class/tpm/tpmX/device/enabled
Date:		April 2006
Date:		April 2006
KernelVersion:	2.6.17
KernelVersion:	2.6.17
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -75,7 +75,7 @@ Description: The "enabled" property prints a '1' if the TPM chip is enabled,
		may be visible but produce a '0' after some operation that
		may be visible but produce a '0' after some operation that
		disables the TPM.
		disables the TPM.


What:		/sys/class/misc/tpmX/device/owned
What:		/sys/class/tpm/tpmX/device/owned
Date:		April 2006
Date:		April 2006
KernelVersion:	2.6.17
KernelVersion:	2.6.17
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -83,7 +83,7 @@ Description: The "owned" property produces a '1' if the TPM_TakeOwnership
		ordinal has been executed successfully in the chip. A '0'
		ordinal has been executed successfully in the chip. A '0'
		indicates that ownership hasn't been taken.
		indicates that ownership hasn't been taken.


What:		/sys/class/misc/tpmX/device/pcrs
What:		/sys/class/tpm/tpmX/device/pcrs
Date:		April 2005
Date:		April 2005
KernelVersion:	2.6.12
KernelVersion:	2.6.12
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -106,7 +106,7 @@ Description: The "pcrs" property will dump the current value of all Platform
		1.2 chips, PCRs represent SHA-1 hashes, which are 20 bytes
		1.2 chips, PCRs represent SHA-1 hashes, which are 20 bytes
		long. Use the "caps" property to determine TPM version.
		long. Use the "caps" property to determine TPM version.


What:		/sys/class/misc/tpmX/device/pubek
What:		/sys/class/tpm/tpmX/device/pubek
Date:		April 2005
Date:		April 2005
KernelVersion:	2.6.12
KernelVersion:	2.6.12
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
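Review bot: the context lines at the top of this hunk still describe pcrs purely in TPM 1.2 terms (SHA-1 values, 20 bytes long, "use the caps property to determine TPM version"), and the pubek entry being renamed below it is likewise a 1.2 concept; with this merge adding TPM 2.0 support, each attribute under the renamed /sys/class/tpm/tpmX/device/ path should say whether it exists on a TPM 2.0 device and, if so, what it returns there, otherwise readers will assume the 1.2 formats apply to both.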
@@ -158,7 +158,7 @@ Description: The "pubek" property will return the TPM's public endorsement
		Modulus Length: 256 (bytes)
		Modulus Length: 256 (bytes)
		Modulus:	The 256 byte Endorsement Key modulus
		Modulus:	The 256 byte Endorsement Key modulus


What:		/sys/class/misc/tpmX/device/temp_deactivated
What:		/sys/class/tpm/tpmX/device/temp_deactivated
Date:		April 2006
Date:		April 2006
KernelVersion:	2.6.17
KernelVersion:	2.6.17
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
@@ -167,7 +167,7 @@ Description: The "temp_deactivated" property returns a '1' if the chip has
		cycle. Whether a warm boot (reboot) will clear a TPM chip
		cycle. Whether a warm boot (reboot) will clear a TPM chip
		from a temp_deactivated state is platform specific.
		from a temp_deactivated state is platform specific.


What:		/sys/class/misc/tpmX/device/timeouts
What:		/sys/class/tpm/tpmX/device/timeouts
Date:		March 2011
Date:		March 2011
KernelVersion:	3.1
KernelVersion:	3.1
Contact:	tpmdd-devel@lists.sf.net
Contact:	tpmdd-devel@lists.sf.net
+36 −0
* STMicroelectronics SAS. ST33ZP24 TPM SoC

Required properties:
- compatible: Should be "st,st33zp24-i2c".
- clock-frequency: I²C work frequency.
- reg: address on the bus

Optional ST33ZP24 Properties:
- interrupt-parent: phandle for the interrupt gpio controller
- interrupts: GPIO interrupt to which the chip is connected
- lpcpd-gpios: Output GPIO pin used for ST33ZP24 power management D1/D2 state.
If set, power must be present when the platform is going into sleep/hibernate mode.

Optional SoC Specific Properties:
- pinctrl-names: Contains only one value - "default".
- pintctrl-0: Specifies the pin control groups used for this controller.

Example (for ARM-based BeagleBoard xM with ST33ZP24 on I2C2):

&i2c2 {

        status = "okay";

        st33zp24: st33zp24@13 {

                compatible = "st,st33zp24-i2c";

                reg = <0x13>;
                clock-frequency = <400000>;

                interrupt-parent = <&gpio5>;
                interrupts = <7 IRQ_TYPE_LEVEL_HIGH>;

                lpcpd-gpios = <&gpio5 15 GPIO_ACTIVE_HIGH>;
        };
};
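Review bot: "pintctrl-0" in the optional SoC properties list is a typo for the standard "pinctrl-0" property; as written, a reader copying the name gets a property the pinctrl core never looks at, so it should be corrected before the binding is merged. Two smaller points: "clock-frequency: I²C work frequency" would be clearer as "I2C bus frequency in Hz" (the example uses <400000>), and the example relies on the IRQ_TYPE_LEVEL_HIGH and GPIO_ACTIVE_HIGH constants without mentioning the dt-bindings headers (dt-bindings/interrupt-controller/irq.h and dt-bindings/gpio/gpio.h) that define them.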
+0 −2
@@ -323,8 +323,6 @@ about the status of the key service:
	U	Under construction by callback to userspace
	U	Under construction by callback to userspace
	N	Negative key
	N	Negative key


     This file must be enabled at kernel configuration time as it allows anyone
     to list the keys database.


 (*) /proc/key-users
 (*) /proc/key-users


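Review bot: dropping the whole paragraph also drops its second sentence, which documents that /proc/keys allows anyone to list the keys database; now that the file is unconditional whenever CONFIG_KEYS=y, that observation is more relevant to readers, not less, so keep a sentence stating that the file is always present and what it exposes, and remove only the "must be enabled at kernel configuration time" part.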
+10 −2
@@ -4917,7 +4917,7 @@ F: drivers/ipack/


INTEGRITY MEASUREMENT ARCHITECTURE (IMA)
INTEGRITY MEASUREMENT ARCHITECTURE (IMA)
M:	Mimi Zohar <zohar@linux.vnet.ibm.com>
M:	Mimi Zohar <zohar@linux.vnet.ibm.com>
M:	Dmitry Kasatkin <d.kasatkin@samsung.com>
M:	Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
L:	linux-ima-devel@lists.sourceforge.net
L:	linux-ima-devel@lists.sourceforge.net
L:	linux-ima-user@lists.sourceforge.net
L:	linux-ima-user@lists.sourceforge.net
L:	linux-security-module@vger.kernel.org
L:	linux-security-module@vger.kernel.org
@@ -9817,13 +9817,21 @@ F: drivers/media/pci/tw68/


TPM DEVICE DRIVER
TPM DEVICE DRIVER
M:	Peter Huewe <peterhuewe@gmx.de>
M:	Peter Huewe <peterhuewe@gmx.de>
M:	Ashley Lai <ashley@ashleylai.com>
M:	Marcel Selhorst <tpmdd@selhorst.net>
M:	Marcel Selhorst <tpmdd@selhorst.net>
W:	http://tpmdd.sourceforge.net
W:	http://tpmdd.sourceforge.net
L:	tpmdd-devel@lists.sourceforge.net (moderated for non-subscribers)
L:	tpmdd-devel@lists.sourceforge.net (moderated for non-subscribers)
Q:	git git://github.com/PeterHuewe/linux-tpmdd.git
T:	https://github.com/PeterHuewe/linux-tpmdd
S:	Maintained
S:	Maintained
F:	drivers/char/tpm/
F:	drivers/char/tpm/


TPM IBM_VTPM DEVICE DRIVER
M:	Ashley Lai <ashleydlai@gmail.com>
W:	http://tpmdd.sourceforge.net
L:	tpmdd-devel@lists.sourceforge.net (moderated for non-subscribers)
S:	Maintained
F:	drivers/char/tpm/tpm_ibmvtpm*

TRACING
TRACING
M:	Steven Rostedt <rostedt@goodmis.org>
M:	Steven Rostedt <rostedt@goodmis.org>
M:	Ingo Molnar <mingo@redhat.com>
M:	Ingo Molnar <mingo@redhat.com>
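Review bot: in the TPM DEVICE DRIVER entry the new "Q:" and "T:" lines look swapped against the MAINTAINERS field conventions: Q: is the patchwork queue URL and T: is the SCM tree, written as "T: git git://...", so the git URL belongs on T: and the GitHub web page on W: (or dropped). Separately, the new TPM IBM_VTPM DEVICE DRIVER entry for Ashley Lai is fine, but the parent entry's F: drivers/char/tpm/ still covers tpm_ibmvtpm*, so both entries will be reported for those files, which is presumably the intent and worth a line in the commit message.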
+12 −3
@@ -100,15 +100,15 @@ config TCG_IBMVTPM
	  will be accessible from within Linux.  To compile this driver
	  will be accessible from within Linux.  To compile this driver
	  as a module, choose M here; the module will be called tpm_ibmvtpm.
	  as a module, choose M here; the module will be called tpm_ibmvtpm.


config TCG_ST33_I2C
config TCG_TIS_I2C_ST33
	tristate "STMicroelectronics ST33 I2C TPM"
	tristate "TPM Interface Specification 1.2 Interface (I2C - STMicroelectronics)"
	depends on I2C
	depends on I2C
	depends on GPIOLIB
	depends on GPIOLIB
	---help---
	---help---
	  If you have a TPM security chip from STMicroelectronics working with
	  If you have a TPM security chip from STMicroelectronics working with
	  an I2C bus say Yes and it will be accessible from within Linux.
	  an I2C bus say Yes and it will be accessible from within Linux.
	  To compile this driver as a module, choose M here; the module will be
	  To compile this driver as a module, choose M here; the module will be
	  called tpm_stm_st33_i2c.
	  called tpm_i2c_stm_st33.


config TCG_XEN
config TCG_XEN
	tristate "XEN TPM Interface"
	tristate "XEN TPM Interface"
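Review bot: renaming the Kconfig symbol TCG_ST33_I2C to TCG_TIS_I2C_ST33 and the module from tpm_stm_st33_i2c to tpm_i2c_stm_st33 silently drops the driver from existing .config files (unknown symbols are discarded on olddefconfig) and breaks any modprobe, blacklist or initramfs configuration that names the old module; the help text should mention the old names and the commit message should call the rename out so packagers notice it. The new prompt "TPM Interface Specification 1.2 Interface (I2C - STMicroelectronics)" also drops the ST33 part number that the help text and the new device tree binding use, which makes the option harder to find in menuconfig.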
@@ -122,4 +122,13 @@ config TCG_XEN
	  To compile this driver as a module, choose M here; the module
	  To compile this driver as a module, choose M here; the module
	  will be called xen-tpmfront.
	  will be called xen-tpmfront.


config TCG_CRB
	tristate "TPM 2.0 CRB Interface"
	depends on X86 && ACPI
	---help---
	  If you have a TPM security chip that is compliant with the
	  TCG CRB 2.0 TPM specification say Yes and it will be accessible
	  from within Linux.  To compile this driver as a module, choose
	  M here; the module will be called tpm_crb.

endif # TCG_TPM
endif # TCG_TPM
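Review bot: "depends on X86 && ACPI" for TCG_CRB is stricter than the help text, which describes an interface defined by the TCG CRB specification and located through ACPI rather than anything x86-specific; if the X86 part is only there because the driver has so far been tested on x86, say so in the help text, otherwise relax it to ACPI so other ACPI platforms can build it. The help text also calls the document the "TCG CRB 2.0 TPM specification" while the prompt says "TPM 2.0 CRB Interface"; the two should use the same name for the spec.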