[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CANc+2y4TbkfPT3d_sBd0MbE7ZJ4F7Sfsfvdv9V6=63=tRpWn4A@mail.gmail.com>
Date: Tue, 24 Oct 2017 21:21:15 +0530
From: PrasannaKumar Muralidharan <prasannatsmkumar@...il.com>
To: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc: Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
Stefan Berger <stefanb@...ux.vnet.ibm.com>,
linux-integrity@...r.kernel.org,
David Howells <dhowells@...hat.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"open list:INTEGRITY MEASUREMENT ARCHITECTURE IMA"
<linux-ima-user@...ts.sourceforge.net>,
Dmitry Kasatkin <dmitry.kasatkin@...il.com>,
open list <linux-kernel@...r.kernel.org>,
linux-security-module@...r.kernel.org,
"moderated list:TPM DEVICE DRIVER"
<tpmdd-devel@...ts.sourceforge.net>,
"open list:KEYS-TRUSTED" <keyrings@...r.kernel.org>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@...r.kernel.org>,
James Morris <james.l.morris@...cle.com>,
Matt Mackall <mpm@...enic.com>,
"open list:INTEGRITY MEASUREMENT ARCHITECTURE IMA"
<linux-ima-devel@...ts.sourceforge.net>,
David Safford <safford@...ibm.com>,
Mimi Zohar <zohar@...ux.vnet.ibm.com>,
"Serge E. Hallyn" <serge@...lyn.com>
Subject: Re: [tpmdd-devel] [PATCH] tpm: remove chip_num parameter from
in-kernel API
On 24 October 2017 at 21:14, Jarkko Sakkinen
<jarkko.sakkinen@...ux.intel.com> wrote:
> On Mon, Oct 23, 2017 at 10:31:39AM -0600, Jason Gunthorpe wrote:
>> On Mon, Oct 23, 2017 at 10:07:31AM -0400, Stefan Berger wrote:
>>
>> > >-int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
>> > >+int tpm_pcr_extend(int pcr_idx, const u8 *hash)
>> > > {
>> >
>> >
>> > I think every kernel internal TPM driver API should be called with the
>> > tpm_chip as a parameter. This is in foresight of namespacing of IMA where we
>> > want to provide the flexibility of passing a dedicated vTPM to each
>> > namespace and IMA would use the chip as a parameter to all of these
>> > functions to talk to the right tpm_vtpm_proxy instance. From that
>> > perspective this patch goes into the wrong direction.
>>
>> Yes, we should ultimately try and get to there.. Someday the
>> tpm_chip_find_get() will need to become namespace aware.
>>
>> But this patch is along the right path, eliminating the chip_num is
>> the right thing to do..
>>
>> > >- tpm2 = tpm_is_tpm2(TPM_ANY_NUM);
>> > >+ tpm2 = tpm_is_tpm2();
>> > > if (tpm2 < 0)
>> > > return tpm2;
>> > >
>> > >@@ -1008,7 +1007,7 @@ static int trusted_instantiate(struct key *key,
>> > > switch (key_cmd) {
>> > > case Opt_load:
>> > > if (tpm2)
>> > >- ret = tpm_unseal_trusted(TPM_ANY_NUM, payload, options);
>> > >+ ret = tpm_unseal_trusted(payload, options);
>>
>> Sequences like this are sketchy.
>>
>> It should be
>>
>> struct tpm_chip *tpm;
>>
>> tpm = tpm_chip_find_get()
>> tpm2 = tpm_is_tpm2(tpm);
>>
>> [..]
>>
>> if (tpm2)
>> ret = tpm_unseal_trusted(tpm, payload, options);
>>
>> [..]
>>
>> tpm_put_chip(tpm);
>>
>> As hot plug could alter the 'tpm' between the two tpm calls.
>>
>> Jason
>
> This patch just removes bunch of dead code. It does not change existing
> semantics. What you are saying should be done after the dead code has
> been removed. This commit is first step to that direction.
>
> /Jarkko
Please check the RFC [1]. It does use chip id. The rfc has issues and
has to be fixed but still there could be users of the API.
1. https://www.spinics.net/lists/linux-crypto/msg28282.html
Regards,
PrasannaKumar
Powered by blists - more mailing lists