lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Tue, 24 Oct 2017 17:44:40 +0200
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     Jason Gunthorpe <jgunthorpe@...idianresearch.com>
Cc:     Stefan Berger <stefanb@...ux.vnet.ibm.com>,
        linux-integrity@...r.kernel.org,
        David Howells <dhowells@...hat.com>,
        Herbert Xu <herbert@...dor.apana.org.au>,
        "open list:INTEGRITY MEASUREMENT ARCHITECTURE IMA" 
        <linux-ima-user@...ts.sourceforge.net>,
        Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
        open list <linux-kernel@...r.kernel.org>,
        linux-security-module@...r.kernel.org,
        "moderated list:TPM DEVICE DRIVER" 
        <tpmdd-devel@...ts.sourceforge.net>,
        "open list:KEYS-TRUSTED" <keyrings@...r.kernel.org>,
        "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" 
        <linux-crypto@...r.kernel.org>,
        James Morris <james.l.morris@...cle.com>,
        Matt Mackall <mpm@...enic.com>,
        "open list:INTEGRITY MEASUREMENT ARCHITECTURE IMA" 
        <linux-ima-devel@...ts.sourceforge.net>,
        David Safford <safford@...ibm.com>,
        Mimi Zohar <zohar@...ux.vnet.ibm.com>,
        "Serge E. Hallyn" <serge@...lyn.com>
Subject: Re: [tpmdd-devel] [PATCH] tpm: remove chip_num parameter from
 in-kernel API

On Mon, Oct 23, 2017 at 10:31:39AM -0600, Jason Gunthorpe wrote:
> On Mon, Oct 23, 2017 at 10:07:31AM -0400, Stefan Berger wrote:
> 
> > >-int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> > >+int tpm_pcr_extend(int pcr_idx, const u8 *hash)
> > >  {
> > 
> > 
> > I think every kernel internal TPM driver API should be called with the
> > tpm_chip as a parameter. This is in foresight of namespacing of IMA where we
> > want to provide the flexibility of passing a dedicated vTPM to each
> > namespace and IMA would use the chip as a parameter to all of these
> > functions to talk to the right tpm_vtpm_proxy instance. From that
> > perspective this patch goes into the wrong direction.
> 
> Yes, we should ultimately try and get to there.. Someday the
> tpm_chip_find_get() will need to become namespace aware.
> 
> But this patch is along the right path, eliminating the chip_num is
> the right thing to do..
> 
> > >-	tpm2 = tpm_is_tpm2(TPM_ANY_NUM);
> > >+	tpm2 = tpm_is_tpm2();
> > >  	if (tpm2 < 0)
> > >  		return tpm2;
> > >
> > >@@ -1008,7 +1007,7 @@ static int trusted_instantiate(struct key *key,
> > >  	switch (key_cmd) {
> > >  	case Opt_load:
> > >  		if (tpm2)
> > >-			ret = tpm_unseal_trusted(TPM_ANY_NUM, payload, options);
> > >+			ret = tpm_unseal_trusted(payload, options);
> 
> Sequences like this are sketchy.
> 
> It should be
> 
> struct tpm_chip *tpm;
> 
> tpm = tpm_chip_find_get()
> tpm2 = tpm_is_tpm2(tpm);
> 
> [..]
> 
> if (tpm2)
>      ret = tpm_unseal_trusted(tpm, payload, options);
> 
> [..]
> 
> tpm_put_chip(tpm);
> 
> As hot plug could alter the 'tpm' between the two tpm calls.
> 
> Jason

This patch just removes bunch of dead code. It does not change existing
semantics. What you are saying should be done after the dead code has
been removed. This commit is first step to that direction.

/Jarkko

Powered by blists - more mailing lists