| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAGxU2F5NSqMbA1Lep3+16GoZXR23q0OP8dFVVRJ6DG5sF20R3Q@mail.gmail.com> Date: Wed, 11 Dec 2024 16:38:29 +0100 From: Stefano Garzarella <sgarzare@...hat.com> To: Jason Gunthorpe <jgg@...pe.ca> Cc: James Bottomley <James.Bottomley@...senpartnership.com>, linux-coco@...ts.linux.dev, Borislav Petkov <bp@...en8.de>, Dave Hansen <dave.hansen@...ux.intel.com>, Peter Huewe <peterhuewe@....de>, "H. Peter Anvin" <hpa@...or.com>, linux-integrity@...r.kernel.org, x86@...nel.org, Joerg Roedel <jroedel@...e.de>, Jarkko Sakkinen <jarkko@...nel.org>, linux-kernel@...r.kernel.org, Ingo Molnar <mingo@...hat.com>, Thomas Gleixner <tglx@...utronix.de>, Claudio Carvalho <cclaudio@...ux.ibm.com>, Dov Murik <dovmurik@...ux.ibm.com>, Tom Lendacky <thomas.lendacky@....com> Subject: Re: [PATCH 3/3] x86/sev: add a SVSM vTPM platform device On Wed, Dec 11, 2024 at 4:00 PM Jason Gunthorpe <jgg@...pe.ca> wrote: > > On Wed, Dec 11, 2024 at 09:19:04AM +0100, Stefano Garzarella wrote: > > > > After that, there is no meaningful shared code here, and maybe the > > > TPM_CHIP_FLAG_IRQ hack can be avoided too. > > > > IIUC you are proposing the following steps: > > - extend tpm_class_ops to add a new send_recv() op and use it in > > tpm_try_transmit() > > Yes, that seems to be the majority of your shared code. > > > - call the code in tpm_platform_probe() directly in sev > > Yes Thanks for confirming! > > > This would remove the intermediate driver, but at this point is it > > worth keeping tpm_platform_send() and tpm_platform_recv() in a header > > or module, since these are not related to sev, but to MSSIM? > > Reuse *what* exactly? These are 10 both line funtions that just call > another function pointer. Where exactly is this common MSSIM stuff? Except for the call to pops->sendrcv(buffer) the rest depends on how the TCG TPM reference implementation [1] expects the request/response to be formatted (we refer to this protocol with MSSIM). This format doesn't depend on sev, and as James said, OpenHCL for example will have to use the same format (e.g. buffer defined by struct tpm_send_cmd_req, filled with TPM_SEND_COMMAND, etc.), so basically rewrite a similar function, because it also emulates the vTPM using the TCG TPM reference implementation. Now, I understand it's only 10 lines of code, but that code is strictly TCG TPM dependent, so it might make sense to avoid having to rewrite it for every implementation where the device is emulated by TCG TPM. > > Stated another way, by adding send_Recv() op to tpm_class_ops you have > already allowed reuse of all the code in tpm_platform_send/recv(). Partially, I mean the buffer format will always be the same for all platforms (e.g. sev, OpenHCL, etc.), but how we read/write will be different. That is why I was saying to create a header with helpers that create the request/parse the response as TCG TPM expects. Thanks, Stefano [1] https://github.com/TrustedComputingGroup/TPM
Powered by blists - more mailing lists