From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Nayna Jain <nayna@linux.vnet.ibm.com>
Cc: tpmdd-devel@lists.sourceforge.net, peterhuewe@gmx.de,
tpmdd@selhorst.net, jgunthorpe@obsidianresearch.com,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH v6 5/9] tpm: have event log use the tpm_chip
Date: Mon, 14 Nov 2016 15:44:02 -0800 [thread overview]
Message-ID: <20161114234401.dkffb5gcvols4sgb@intel.com> (raw)
In-Reply-To: <1479117656-12403-6-git-send-email-nayna@linux.vnet.ibm.com>
On Mon, Nov 14, 2016 at 05:00:52AM -0500, Nayna Jain wrote:
> Move the backing memory for the event log into tpm_chip and push
> the tpm_chip into read_log. This optimizes read_log processing by
> only doing it once and prepares things for the next patches in the
> series which require the tpm_chip to locate the event log via
> ACPI and OF handles instead of searching.
>
> This is straightfoward except for the issue of passing a kref through
> i_private with securityfs. Since securityfs_remove does not have any
> removal fencing like sysfs we use the inode lock to safely get a
> kref on the tpm_chip.
>
> Suggested-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
> ---
> drivers/char/tpm/tpm-chip.c | 3 +-
> drivers/char/tpm/tpm.h | 11 ++++++
> drivers/char/tpm/tpm_acpi.c | 15 +++++--
> drivers/char/tpm/tpm_eventlog.c | 88 ++++++++++++++++++++++++++---------------
> drivers/char/tpm/tpm_eventlog.h | 2 +-
> drivers/char/tpm/tpm_of.c | 4 +-
> 6 files changed, 85 insertions(+), 38 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index 250a651..3f27753 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -127,6 +127,7 @@ static void tpm_dev_release(struct device *dev)
> idr_remove(&dev_nums_idr, chip->dev_num);
> mutex_unlock(&idr_lock);
>
> + kfree(chip->log.bios_event_log);
> kfree(chip);
> }
>
> @@ -345,7 +346,7 @@ int tpm_chip_register(struct tpm_chip *chip)
> tpm_sysfs_add_device(chip);
>
> rc = tpm_bios_log_setup(chip);
> - if (rc)
> + if (rc == -ENODEV)
> return rc;
>
> tpm_add_ppi(chip);
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 9d69580..1ae9768 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -35,6 +35,8 @@
> #include <linux/cdev.h>
> #include <linux/highmem.h>
>
> +#include "tpm_eventlog.h"
> +
> enum tpm_const {
> TPM_MINOR = 224, /* officially assigned */
> TPM_BUFSIZE = 4096,
> @@ -146,6 +148,11 @@ enum tpm_chip_flags {
> TPM_CHIP_FLAG_HAVE_TIMEOUTS = BIT(4),
> };
>
> +struct tpm_chip_seqops {
> + struct tpm_chip *chip;
> + const struct seq_operations *seqops;
> +};
> +
> struct tpm_chip {
> struct device dev;
> struct cdev cdev;
> @@ -157,6 +164,10 @@ struct tpm_chip {
> struct rw_semaphore ops_sem;
> const struct tpm_class_ops *ops;
>
> + struct tpm_bios_log log;
> + struct tpm_chip_seqops bin_log_seqops;
> + struct tpm_chip_seqops ascii_log_seqops;
> +
> unsigned int flags;
>
> int dev_num; /* /dev/tpm# */
> diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c
> index 565a947..01dfb35 100644
> --- a/drivers/char/tpm/tpm_acpi.c
> +++ b/drivers/char/tpm/tpm_acpi.c
> @@ -9,7 +9,7 @@
> *
> * Maintained by: <tpmdd-devel@lists.sourceforge.net>
> *
> - * Access to the eventlog extended by the TCG BIOS of PC platform
> + * Access to the event log extended by the TCG BIOS of PC platform
> *
> * This program is free software; you can redistribute it and/or
> * modify it under the terms of the GNU General Public License
> @@ -45,13 +45,15 @@ struct acpi_tcpa {
> };
>
> /* read binary bios log */
> -int read_log(struct tpm_bios_log *log)
> +int read_log(struct tpm_chip *chip)
> {
> struct acpi_tcpa *buff;
> acpi_status status;
> void __iomem *virt;
> u64 len, start;
> + struct tpm_bios_log *log;
>
> + log = &chip->log;
> if (log->bios_event_log != NULL) {
> printk(KERN_ERR
> "%s: ERROR - Eventlog already initialized\n",
> @@ -97,13 +99,18 @@ int read_log(struct tpm_bios_log *log)
>
> virt = acpi_os_map_iomem(start, len);
> if (!virt) {
> - kfree(log->bios_event_log);
> printk("%s: ERROR - Unable to map memory\n", __func__);
> - return -EIO;
> + goto err;
> }
>
> memcpy_fromio(log->bios_event_log, virt, len);
>
> acpi_os_unmap_iomem(virt, len);
> return 0;
> +
> +err:
> + kfree(log->bios_event_log);
> + log->bios_event_log = NULL;
> + return -EIO;
> +
> }
> diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c
> index 57ac862..f8c42fe 100644
> --- a/drivers/char/tpm/tpm_eventlog.c
> +++ b/drivers/char/tpm/tpm_eventlog.c
> @@ -11,7 +11,7 @@
> *
> * Maintained by: <tpmdd-devel@lists.sourceforge.net>
> *
> - * Access to the eventlog created by a system's firmware / BIOS
> + * Access to the event log created by a system's firmware / BIOS
> *
> * This program is free software; you can redistribute it and/or
> * modify it under the terms of the GNU General Public License
> @@ -73,7 +73,8 @@ static const char* tcpa_pc_event_id_strings[] = {
> static void *tpm_bios_measurements_start(struct seq_file *m, loff_t *pos)
> {
> loff_t i;
> - struct tpm_bios_log *log = m->private;
> + struct tpm_chip *chip = m->private;
> + struct tpm_bios_log *log = &chip->log;
> void *addr = log->bios_event_log;
> void *limit = log->bios_event_log_end;
> struct tcpa_event *event;
> @@ -120,7 +121,8 @@ static void *tpm_bios_measurements_next(struct seq_file *m, void *v,
> loff_t *pos)
> {
> struct tcpa_event *event = v;
> - struct tpm_bios_log *log = m->private;
> + struct tpm_chip *chip = m->private;
> + struct tpm_bios_log *log = &chip->log;
> void *limit = log->bios_event_log_end;
> u32 converted_event_size;
> u32 converted_event_type;
> @@ -261,13 +263,10 @@ static int tpm_binary_bios_measurements_show(struct seq_file *m, void *v)
> static int tpm_bios_measurements_release(struct inode *inode,
> struct file *file)
> {
> - struct seq_file *seq = file->private_data;
> - struct tpm_bios_log *log = seq->private;
> + struct seq_file *seq = (struct seq_file *)file->private_data;
> + struct tpm_chip *chip = (struct tpm_chip *)seq->private;
>
> - if (log) {
> - kfree(log->bios_event_log);
> - kfree(log);
> - }
> + put_device(&chip->dev);
>
> return seq_release(inode, file);
> }
> @@ -323,33 +322,30 @@ static int tpm_bios_measurements_open(struct inode *inode,
> struct file *file)
> {
> int err;
> - struct tpm_bios_log *log;
> struct seq_file *seq;
> - const struct seq_operations *seqops =
> - (const struct seq_operations *)inode->i_private;
> -
> - log = kzalloc(sizeof(struct tpm_bios_log), GFP_KERNEL);
> - if (!log)
> - return -ENOMEM;
> -
> - if ((err = read_log(log)))
> - goto out_free;
> + struct tpm_chip_seqops *chip_seqops;
> + const struct seq_operations *seqops;
> + struct tpm_chip *chip;
> +
> + inode_lock(inode);
> + if (!inode->i_private) {
> + inode_unlock(inode);
> + return -ENODEV;
> + }
> + chip_seqops = (struct tpm_chip_seqops *)inode->i_private;
> + seqops = chip_seqops->seqops;
> + chip = chip_seqops->chip;
> + get_device(&chip->dev);
> + inode_unlock(inode);
>
> /* now register seq file */
> err = seq_open(file, seqops);
> if (!err) {
> seq = file->private_data;
> - seq->private = log;
> - } else {
> - goto out_free;
> + seq->private = chip;
> }
>
> -out:
> return err;
> -out_free:
> - kfree(log->bios_event_log);
> - kfree(log);
> - goto out;
> }
>
> static const struct file_operations tpm_bios_measurements_ops = {
> @@ -372,29 +368,47 @@ int tpm_bios_log_setup(struct tpm_chip *chip)
> {
> const char *name = dev_name(&chip->dev);
> unsigned int cnt;
> + int rc = 0;
>
> if (chip->flags & TPM_CHIP_FLAG_TPM2)
> return 0;
>
> + rc = read_log(chip);
> + /*
> + * read_log failure means event log is not supported except for ENOMEM.
> + */
> + if (rc < 0) {
> + if (rc == -ENOMEM)
> + return -ENODEV;
> + else
> + return rc;
> + }
> +
> cnt = 0;
> chip->bios_dir[cnt] = securityfs_create_dir(name, NULL);
> if (is_bad(chip->bios_dir[cnt]))
> goto err;
> cnt++;
>
> + chip->bin_log_seqops.chip = chip;
> + chip->bin_log_seqops.seqops = &tpm_binary_b_measurements_seqops;
> +
> chip->bios_dir[cnt] =
> securityfs_create_file("binary_bios_measurements",
> 0440, chip->bios_dir[0],
> - (void *)&tpm_binary_b_measurements_seqops,
> + (void *)&chip->bin_log_seqops,
> &tpm_bios_measurements_ops);
> if (is_bad(chip->bios_dir[cnt]))
> goto err;
> cnt++;
>
> + chip->ascii_log_seqops.chip = chip;
> + chip->ascii_log_seqops.seqops = &tpm_ascii_b_measurements_seqops;
> +
> chip->bios_dir[cnt] =
> securityfs_create_file("ascii_bios_measurements",
> 0440, chip->bios_dir[0],
> - (void *)&tpm_ascii_b_measurements_seqops,
> + (void *)&chip->ascii_log_seqops,
> &tpm_bios_measurements_ops);
> if (is_bad(chip->bios_dir[cnt]))
> goto err;
> @@ -411,7 +425,19 @@ int tpm_bios_log_setup(struct tpm_chip *chip)
> void tpm_bios_log_teardown(struct tpm_chip *chip)
> {
> int i;
> -
> - for (i = (TPM_NUM_EVENT_LOG_FILES - 1); i >= 0; i--)
> + struct inode *inode;
> +
> + /* securityfs_remove currently doesn't take care of handling sync
> + * between removal and opening of pseudo files. To handle this, a
> + * workaround is added by making i_private = NULL here during removal
> + * and to check it during open(), both within inode_lock()/unlock().
> + * This design ensures that open() either safely gets kref or fails.
> + */
> + for (i = (TPM_NUM_EVENT_LOG_FILES - 1); i >= 0; i--) {
> + inode = d_inode(chip->bios_dir[i]);
> + inode_lock(inode);
> + inode->i_private = NULL;
> + inode_unlock(inode);
> securityfs_remove(chip->bios_dir[i]);
> + }
> }
> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
> index fd3357e..6df2f8e 100644
> --- a/drivers/char/tpm/tpm_eventlog.h
> +++ b/drivers/char/tpm/tpm_eventlog.h
> @@ -73,7 +73,7 @@ enum tcpa_pc_event_ids {
> HOST_TABLE_OF_DEVICES,
> };
>
> -int read_log(struct tpm_bios_log *log);
> +int read_log(struct tpm_chip *chip);
>
> #if defined(CONFIG_TCG_IBMVTPM) || defined(CONFIG_TCG_IBMVTPM_MODULE) || \
> defined(CONFIG_ACPI)
> diff --git a/drivers/char/tpm/tpm_of.c b/drivers/char/tpm/tpm_of.c
> index 570f30c..68d891a 100644
> --- a/drivers/char/tpm/tpm_of.c
> +++ b/drivers/char/tpm/tpm_of.c
> @@ -20,12 +20,14 @@
> #include "tpm.h"
> #include "tpm_eventlog.h"
>
> -int read_log(struct tpm_bios_log *log)
> +int read_log(struct tpm_chip *chip)
> {
> struct device_node *np;
> const u32 *sizep;
> const u64 *basep;
> + struct tpm_bios_log *log;
>
> + log = &chip->log;
> if (log->bios_event_log != NULL) {
> pr_err("%s: ERROR - Eventlog already initialized\n", __func__);
> return -EFAULT;
> --
> 2.5.0
>
next prev parent reply other threads:[~2016-11-14 23:44 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-14 10:00 [PATCH v6 0/9] tpm: cleanup/fixes in existing event log support Nayna Jain
2016-11-14 10:00 ` [PATCH v6 2/9] tpm: replace symbolic permission with octal for securityfs files Nayna Jain
[not found] ` <1479117656-12403-3-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-11-14 22:18 ` Jarkko Sakkinen
2016-11-14 22:18 ` Jarkko Sakkinen
2016-11-14 22:21 ` Jarkko Sakkinen
2016-11-14 22:21 ` Jarkko Sakkinen
[not found] ` <20161114222114.wtk2nypib2o4zfvk-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-15 0:11 ` Jarkko Sakkinen
2016-11-15 0:11 ` [tpmdd-devel] " Jarkko Sakkinen
[not found] ` <1479117656-12403-1-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-11-14 10:00 ` [PATCH v6 1/9] tpm: define a generic open() method for ascii & bios measurements Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-14 10:00 ` [PATCH v6 3/9] tpm: replace dynamically allocated bios_dir with a static array Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-22 11:23 ` Jarkko Sakkinen
[not found] ` <20161122112333.7ootyrbssd6pkrjb-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-22 16:58 ` Jason Gunthorpe
2016-11-22 16:58 ` Jason Gunthorpe
[not found] ` <20161122165856.GD3956-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-11-24 13:57 ` Jarkko Sakkinen
2016-11-24 13:57 ` Jarkko Sakkinen
[not found] ` <20161124135723.kfafipftppjyr5ip-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-24 16:53 ` Jason Gunthorpe
2016-11-24 16:53 ` Jason Gunthorpe
[not found] ` <20161124165313.GB4930-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-11-25 8:08 ` Jarkko Sakkinen
2016-11-25 8:08 ` Jarkko Sakkinen
2016-11-25 19:38 ` Jason Gunthorpe
2016-11-26 12:54 ` Jarkko Sakkinen
2016-11-22 19:26 ` Nayna
2016-11-24 14:01 ` Jarkko Sakkinen
2016-11-14 10:00 ` [PATCH v6 4/9] tpm: drop tpm1_chip_register(/unregister) Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-22 11:22 ` Jarkko Sakkinen
[not found] ` <20161122112200.55khdxtctt5rel4j-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-22 16:42 ` Jason Gunthorpe
2016-11-22 16:42 ` Jason Gunthorpe
[not found] ` <20161122164240.GC3956-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-11-23 18:33 ` Nayna
2016-11-23 18:33 ` Nayna
2016-11-24 11:52 ` Jarkko Sakkinen
2016-11-24 11:51 ` Jarkko Sakkinen
2016-11-24 11:51 ` Jarkko Sakkinen
2016-11-14 10:00 ` [PATCH v6 5/9] tpm: have event log use the tpm_chip Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-14 23:44 ` Jarkko Sakkinen [this message]
[not found] ` <20161114234401.dkffb5gcvols4sgb-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-15 0:12 ` Jarkko Sakkinen
2016-11-15 0:12 ` Jarkko Sakkinen
2016-11-14 10:00 ` [PATCH v6 6/9] tpm: fix the missing .owner in tpm_bios_measurements_ops Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-14 22:22 ` Jarkko Sakkinen
2016-11-15 0:13 ` Jarkko Sakkinen
2016-11-14 10:00 ` [PATCH v6 7/9] tpm: redefine read_log() to handle ACPI/OF at runtime Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-15 0:14 ` Jarkko Sakkinen
2016-11-14 10:00 ` [PATCH v6 8/9] tpm: replace of_find_node_by_name() with dev of_node property Nayna Jain
2016-11-14 10:00 ` Nayna Jain
2016-11-14 10:00 ` [PATCH v6 9/9] tpm: cleanup of printk error messages Nayna Jain
2016-11-14 10:00 ` Nayna Jain
[not found] ` <1479117656-12403-10-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-11-14 22:24 ` Jarkko Sakkinen
2016-11-14 22:24 ` Jarkko Sakkinen
2016-11-15 0:15 ` Jarkko Sakkinen
2016-11-14 22:33 ` [PATCH v6 0/9] tpm: cleanup/fixes in existing event log support Jarkko Sakkinen
2016-11-14 22:33 ` Jarkko Sakkinen
2016-11-15 0:25 ` Jarkko Sakkinen
[not found] ` <20161115002514.qhweuyzg5mgebusq-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-15 0:30 ` Jarkko Sakkinen
2016-11-15 0:30 ` Jarkko Sakkinen
2016-11-15 2:15 ` Jarkko Sakkinen
[not found] ` <20161115021543.d4wgjqid7fut4y4c-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-15 5:35 ` Nayna
2016-11-15 5:35 ` Nayna
2016-11-15 17:40 ` Jarkko Sakkinen
2016-11-15 18:06 ` Jason Gunthorpe
2016-11-15 18:54 ` Jarkko Sakkinen
[not found] ` <20161115185453.e52miq2em7gj4qyi-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-11-19 18:36 ` Jason Gunthorpe
2016-11-19 18:36 ` Jason Gunthorpe
2016-11-20 9:58 ` Jarkko Sakkinen
2016-11-21 18:25 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20161114234401.dkffb5gcvols4sgb@intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=jgunthorpe@obsidianresearch.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=nayna@linux.vnet.ibm.com \
--cc=peterhuewe@gmx.de \
--cc=tpmdd-devel@lists.sourceforge.net \
--cc=tpmdd@selhorst.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.