Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security

Pull security subsystem updates from James Morris:
 "In this release:

   - PKCS#7 parser for the key management subsystem from David Howells
   - appoint Kees Cook as seccomp maintainer
   - bugfixes and general maintenance across the subsystem"

* 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: (94 commits)
  X.509: Need to export x509_request_asymmetric_key()
  netlabel: shorter names for the NetLabel catmap funcs/structs
  netlabel: fix the catmap walking functions
  netlabel: fix the horribly broken catmap functions
  netlabel: fix a problem when setting bits below the previously lowest bit
  PKCS#7: X.509 certificate issuer and subject are mandatory fields in the ASN.1
  tpm: simplify code by using %*phN specifier
  tpm: Provide a generic means to override the chip returned timeouts
  tpm: missing tpm_chip_put in tpm_get_random()
  tpm: Properly clean sysfs entries in error path
  tpm: Add missing tpm_do_selftest to ST33 I2C driver
  PKCS#7: Use x509_request_asymmetric_key()
  Revert "selinux: fix the default socket labeling in sock_graft()"
  X.509: x509_request_asymmetric_keys() doesn't need string length arguments
  PKCS#7: fix sparse non static symbol warning
  KEYS: revert encrypted key change
  ima: add support for measuring and appraising firmware
  firmware_class: perform new LSM checks
  security: introduce kernel_fw_from_file hook
  PKCS#7: Missing inclusion of linux/err.h
  ...

4 files changed, 81 insertions, 28 deletions

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 62e10fd1e1cb..6af17002a115 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -491,11 +491,10 @@ static int tpm_startup(struct tpm_chip *chip, __be16 startup_type)
 int tpm_get_timeouts(struct tpm_chip *chip)
 {
         struct tpm_cmd_t tpm_cmd;
-        struct timeout_t *timeout_cap;
+        unsigned long new_timeout[4];
+        unsigned long old_timeout[4];
         struct duration_t *duration_cap;
         ssize_t rc;
-        u32 timeout;
-        unsigned int scale = 1;
 
         tpm_cmd.header.in = tpm_getcap_header;
         tpm_cmd.params.getcap_in.cap = TPM_CAP_PROP;
@@ -529,25 +528,46 @@ int tpm_get_timeouts(struct tpm_chip *chip)
             != sizeof(tpm_cmd.header.out) + sizeof(u32) + 4 * sizeof(u32))
                 return -EINVAL;
 
-        timeout_cap = &tpm_cmd.params.getcap_out.cap.timeout;
-        /* Don't overwrite default if value is 0 */
-        timeout = be32_to_cpu(timeout_cap->a);
-        if (timeout && timeout < 1000) {
-                /* timeouts in msec rather usec */
-                scale = 1000;
-                chip->vendor.timeout_adjusted = true;
+        old_timeout[0] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.a);
+        old_timeout[1] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.b);
+        old_timeout[2] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.c);
+        old_timeout[3] = be32_to_cpu(tpm_cmd.params.getcap_out.cap.timeout.d);
+        memcpy(new_timeout, old_timeout, sizeof(new_timeout));
+
+        /*
+         * Provide ability for vendor overrides of timeout values in case
+         * of misreporting.
+         */
+        if (chip->ops->update_timeouts != NULL)
+                chip->vendor.timeout_adjusted =
+                        chip->ops->update_timeouts(chip, new_timeout);
+
+        if (!chip->vendor.timeout_adjusted) {
+                /* Don't overwrite default if value is 0 */
+                if (new_timeout[0] != 0 && new_timeout[0] < 1000) {
+                        int i;
+
+                        /* timeouts in msec rather usec */
+                        for (i = 0; i != ARRAY_SIZE(new_timeout); i++)
+                                new_timeout[i] *= 1000;
+                        chip->vendor.timeout_adjusted = true;
+                }
+        }
+
+        /* Report adjusted timeouts */
+        if (chip->vendor.timeout_adjusted) {
+                dev_info(chip->dev,
+                         HW_ERR "Adjusting reported timeouts: A %lu->%luus B %lu->%luus C %lu->%luus D %lu->%luus\n",
+                         old_timeout[0], new_timeout[0],
+                         old_timeout[1], new_timeout[1],
+                         old_timeout[2], new_timeout[2],
+                         old_timeout[3], new_timeout[3]);
         }
-        if (timeout)
-                chip->vendor.timeout_a = usecs_to_jiffies(timeout * scale);
-        timeout = be32_to_cpu(timeout_cap->b);
-        if (timeout)
-                chip->vendor.timeout_b = usecs_to_jiffies(timeout * scale);
-        timeout = be32_to_cpu(timeout_cap->c);
-        if (timeout)
-                chip->vendor.timeout_c = usecs_to_jiffies(timeout * scale);
-        timeout = be32_to_cpu(timeout_cap->d);
-        if (timeout)
-                chip->vendor.timeout_d = usecs_to_jiffies(timeout * scale);
+
+        chip->vendor.timeout_a = usecs_to_jiffies(new_timeout[0]);
+        chip->vendor.timeout_b = usecs_to_jiffies(new_timeout[1]);
+        chip->vendor.timeout_c = usecs_to_jiffies(new_timeout[2]);
+        chip->vendor.timeout_d = usecs_to_jiffies(new_timeout[3]);
 
 duration:
         tpm_cmd.header.in = tpm_getcap_header;
@@ -991,13 +1011,13 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
         int err, total = 0, retries = 5;
         u8 *dest = out;
 
+        if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
+                return -EINVAL;
+
         chip = tpm_chip_find_get(chip_num);
         if (chip == NULL)
                 return -ENODEV;
 
-        if (!out || !num_bytes || max > TPM_MAX_RNG_DATA)
-                return -EINVAL;
-
         do {
                 tpm_cmd.header.in = tpm_getrandom_header;
                 tpm_cmd.params.getrandom_in.num_bytes = cpu_to_be32(num_bytes);
@@ -1016,6 +1036,7 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
                 num_bytes -= recd;
         } while (retries-- && total < max);
 
+        tpm_chip_put(chip);
         return total ? total : -EIO;
 }
 EXPORT_SYMBOL_GPL(tpm_get_random);
@@ -1095,7 +1116,7 @@ struct tpm_chip *tpm_register_hardware(struct device *dev,
                 goto del_misc;
 
         if (tpm_add_ppi(&dev->kobj))
-                goto del_misc;
+                goto del_sysfs;
 
         chip->bios_dir = tpm_bios_log_setup(chip->devname);
 
@@ -1106,6 +1127,8 @@ struct tpm_chip *tpm_register_hardware(struct device *dev,
 
         return chip;
 
+del_sysfs:
+        tpm_sysfs_del_device(chip);
 del_misc:
         tpm_dev_del_device(chip);
 put_device:
diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c
index 59f7cb28260b..3a56a131586c 100644
--- a/drivers/char/tpm/tpm_eventlog.c
+++ b/drivers/char/tpm/tpm_eventlog.c
@@ -235,7 +235,6 @@ static int tpm_bios_measurements_release(struct inode *inode,
 static int tpm_ascii_bios_measurements_show(struct seq_file *m, void *v)
 {
         int len = 0;
-        int i;
         char *eventname;
         struct tcpa_event *event = v;
         unsigned char *event_entry =
@@ -251,8 +250,7 @@ static int tpm_ascii_bios_measurements_show(struct seq_file *m, void *v)
         seq_printf(m, "%2d ", event->pcr_index);
 
         /* 2nd: SHA1 */
-        for (i = 0; i < 20; i++)
-                seq_printf(m, "%02x", event->pcr_value[i]);
+        seq_printf(m, "%20phN", event->pcr_value);
 
         /* 3rd: event type identifier */
         seq_printf(m, " %02x", event->event_type);
diff --git a/drivers/char/tpm/tpm_i2c_stm_st33.c b/drivers/char/tpm/tpm_i2c_stm_st33.c
index 3b7bf2162898..4669e3713428 100644
--- a/drivers/char/tpm/tpm_i2c_stm_st33.c
+++ b/drivers/char/tpm/tpm_i2c_stm_st33.c
@@ -714,6 +714,7 @@ tpm_st33_i2c_probe(struct i2c_client *client, const struct i2c_device_id *id)
         }
 
         tpm_get_timeouts(chip);
+        tpm_do_selftest(chip);
 
         dev_info(chip->dev, "TPM I2C Initialized\n");
         return 0;
diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
index a9ed2270c25d..2c46734b266d 100644
--- a/drivers/char/tpm/tpm_tis.c
+++ b/drivers/char/tpm/tpm_tis.c
@@ -373,6 +373,36 @@ out_err:
         return rc;
 }
 
+struct tis_vendor_timeout_override {
+        u32 did_vid;
+        unsigned long timeout_us[4];
+};
+
+static const struct tis_vendor_timeout_override vendor_timeout_overrides[] = {
+        /* Atmel 3204 */
+        { 0x32041114, { (TIS_SHORT_TIMEOUT*1000), (TIS_LONG_TIMEOUT*1000),
+                        (TIS_SHORT_TIMEOUT*1000), (TIS_SHORT_TIMEOUT*1000) } },
+};
+
+static bool tpm_tis_update_timeouts(struct tpm_chip *chip,
+                                    unsigned long *timeout_cap)
+{
+        int i;
+        u32 did_vid;
+
+        did_vid = ioread32(chip->vendor.iobase + TPM_DID_VID(0));
+
+        for (i = 0; i != ARRAY_SIZE(vendor_timeout_overrides); i++) {
+                if (vendor_timeout_overrides[i].did_vid != did_vid)
+                        continue;
+                memcpy(timeout_cap, vendor_timeout_overrides[i].timeout_us,
+                       sizeof(vendor_timeout_overrides[i].timeout_us));
+                return true;
+        }
+
+        return false;
+}
+
 /*
  * Early probing for iTPM with STS_DATA_EXPECT flaw.
  * Try sending command without itpm flag set and if that
@@ -437,6 +467,7 @@ static const struct tpm_class_ops tpm_tis = {
         .recv = tpm_tis_recv,
         .send = tpm_tis_send,
         .cancel = tpm_tis_ready,
+        .update_timeouts = tpm_tis_update_timeouts,
         .req_complete_mask = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
         .req_complete_val = TPM_STS_DATA_AVAIL | TPM_STS_VALID,
         .req_canceled = tpm_tis_req_canceled,