From mboxrd@z Thu Jan 1 00:00:00 1970 From: James Bottomley Subject: Re: [PATCH RFC v2 5/5] tpm2: expose resource manager via a device link /dev/tpms Date: Thu, 12 Jan 2017 11:46:09 -0800 Message-ID: <1484250369.5807.11.camel@HansenPartnership.com> References: <20170112174612.9314-1-jarkko.sakkinen@linux.intel.com> <20170112174612.9314-6-jarkko.sakkinen@linux.intel.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20170112174612.9314-6-jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: Jarkko Sakkinen , tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, open list List-Id: tpmdd-devel@lists.sourceforge.net On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote: > From: James Bottomley > > Currently the Resource Manager (RM) is not exposed to userspace. > Make > this exposure via a separate device, which can now be opened multiple > times because each read/write transaction goes separately via the RM. > > Concurrency is protected by the chip->tpm_mutex for each read/write > transaction separately. The TPM is cleared of all transient objects > by the time the mutex is dropped, so there should be no interference > between the kernel and userspace. There's a bug in this code that will crash on first command. This is the incremental fix. It must have got lost when I did the split. James --- diff --git a/drivers/char/tpm/tpms-dev.c b/drivers/char/tpm/tpms-dev.c index f4cb7a3..3eb5955 100644 --- a/drivers/char/tpm/tpms-dev.c +++ b/drivers/char/tpm/tpms-dev.c @@ -20,6 +20,11 @@ static int tpms_open(struct inode *inode, struct file *file) priv = kzalloc(sizeof(*priv), GFP_KERNEL); if (priv == NULL) return -ENOMEM; + priv->space.context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL); + if (priv->space.context_buf == NULL) { + kfree(priv); + return -ENOMEM; + } tpm_common_open(file, chip, &priv->priv); ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751022AbdALT4Z (ORCPT ); Thu, 12 Jan 2017 14:56:25 -0500 Received: from bedivere.hansenpartnership.com ([66.63.167.143]:37244 "EHLO bedivere.hansenpartnership.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750819AbdALT4Y (ORCPT ); Thu, 12 Jan 2017 14:56:24 -0500 Message-ID: <1484250369.5807.11.camel@HansenPartnership.com> Subject: Re: [tpmdd-devel] [PATCH RFC v2 5/5] tpm2: expose resource manager via a device link /dev/tpms From: James Bottomley To: Jarkko Sakkinen , tpmdd-devel@lists.sourceforge.net Cc: open list , linux-security-module@vger.kernel.org Date: Thu, 12 Jan 2017 11:46:09 -0800 In-Reply-To: <20170112174612.9314-6-jarkko.sakkinen@linux.intel.com> References: <20170112174612.9314-1-jarkko.sakkinen@linux.intel.com> <20170112174612.9314-6-jarkko.sakkinen@linux.intel.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.16.5 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2017-01-12 at 19:46 +0200, Jarkko Sakkinen wrote: > From: James Bottomley > > Currently the Resource Manager (RM) is not exposed to userspace. > Make > this exposure via a separate device, which can now be opened multiple > times because each read/write transaction goes separately via the RM. > > Concurrency is protected by the chip->tpm_mutex for each read/write > transaction separately. The TPM is cleared of all transient objects > by the time the mutex is dropped, so there should be no interference > between the kernel and userspace. There's a bug in this code that will crash on first command. This is the incremental fix. It must have got lost when I did the split. James --- diff --git a/drivers/char/tpm/tpms-dev.c b/drivers/char/tpm/tpms-dev.c index f4cb7a3..3eb5955 100644 --- a/drivers/char/tpm/tpms-dev.c +++ b/drivers/char/tpm/tpms-dev.c @@ -20,6 +20,11 @@ static int tpms_open(struct inode *inode, struct file *file) priv = kzalloc(sizeof(*priv), GFP_KERNEL); if (priv == NULL) return -ENOMEM; + priv->space.context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL); + if (priv->space.context_buf == NULL) { + kfree(priv); + return -ENOMEM; + } tpm_common_open(file, chip, &priv->priv);