From: Jeff Garzik <jeff@garzik.org>
To: unlisted-recipients:; (no To-header on input)
Cc: linux-kernel@vger.kernel.org,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Andrew Morton <akpm@linux-foundation.org>,
James Morris <jmorris@namei.org>,
Christoph Hellwig <hch@infradead.org>,
Al Viro <viro@ZenIV.linux.org.uk>,
David Safford <safford@watson.ibm.com>,
Serge Hallyn <serue@linux.vnet.ibm.com>,
Rajiv Andrade <srajiv@br.ibm.com>
Subject: Re: [PATCH 1/6] integrity: TPM internel kernel interface
Date: Tue, 02 Dec 2008 17:59:05 -0500
Message-ID: <4935BDB9.90806@garzik.org>
In-Reply-To: <1e02b363572908a21f67ff8abbf2b10190a4f6a6.1228253618.git.zohar@linux.vnet.ibm.com>
Mimi Zohar wrote:
> This patch adds internal kernel support for:
> - reading/extending a pcr value
> - looking up the tpm_chip for a given chip number and type
>
> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> Signed-off-by: Rajiv Andrade <srajiv@br.ibm.com>
> ---
> diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c
> index 9c47dc4..17d2849 100644
> --- a/drivers/char/tpm/tpm.c
> +++ b/drivers/char/tpm/tpm.c
> @@ -1,11 +1,12 @@
> /*
> - * Copyright (C) 2004 IBM Corporation
> + * Copyright (C) 2004,2007,2008 IBM Corporation
> *
> * Authors:
> * Leendert van Doorn <leendert@watson.ibm.com>
> * Dave Safford <safford@watson.ibm.com>
> * Reiner Sailer <sailer@watson.ibm.com>
> * Kylene Hall <kjhall@us.ibm.com>
> + * Debora Velarde <dvelarde@us.ibm.com>
> *
> * Maintained by: <tpmdd-devel@lists.sourceforge.net>
> *
> @@ -28,6 +29,14 @@
> #include <linux/spinlock.h>
> #include <linux/smp_lock.h>
>
> +#include <linux/mm.h>
> +#include <linux/slab.h>
> +#include <linux/string.h>
> +#include <linux/crypto.h>
> +#include <linux/fs.h>
> +#include <linux/scatterlist.h>
> +#include <linux/rcupdate.h>
> +#include <asm/unaligned.h>
> #include "tpm.h"
>
> enum tpm_const {
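Review bot: The eight new includes in this hunk look broader than the change needs: nothing in the hunks quoted here uses the crypto, scatterlist, fs or mm interfaces, so <linux/crypto.h>, <linux/scatterlist.h>, <linux/fs.h> and <linux/mm.h> should be dropped unless the elided part of the patch calls into them directly. Please keep only the headers whose symbols tpm.c itself uses.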
> @@ -50,6 +59,8 @@ enum tpm_duration {
> static LIST_HEAD(tpm_chip_list);
> static DEFINE_SPINLOCK(driver_lock);
> static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
> +#define TPM_CHIP_NUM_MASK 0x0000ffff
> +#define TPM_CHIP_TYPE_SHIFT 16
>
> /*
> * Array with one entry per ordinal defining the maximum amount
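Review bot: TPM_CHIP_NUM_MASK and TPM_CHIP_TYPE_SHIFT are added without a comment, directly under the DECLARE_BITMAP line, yet they define the chip_id layout that the new header only describes in prose (type in the upper two bytes, number in the lower two). Because they are private to tpm.c, a caller of tpm_pcr_read(u32 chip_id, ...) has to hand-encode the id. Consider moving them next to enum tpm_chip_type in the header, or providing one helper there that builds a chip_id from a type and a number, and separate them from the bitmap declaration with a blank line and a short comment.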
> @@ -366,8 +377,7 @@ EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
> /*
> * Internal kernel interface to transmit TPM commands
> */
> -static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
> - size_t bufsiz)
> +ssize_t tpm_transmit(struct tpm_chip *chip, char *buf, size_t bufsiz)
> {
> ssize_t rc;
> u32 count, ordinal;
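Review bot: The new tpm_transmit() signature drops const from buf (const char *buf becomes char *buf) while the comment above it still says only that it transmits TPM commands. If buf is also where the response is returned, the comment should say so and state how bufsiz bounds both directions; if buf is not written, keep the const. Making the function non-static also needs a prototype in a header that callers include, and none is visible in the quoted hunks.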
> @@ -425,6 +435,7 @@ out:
> mutex_unlock(&chip->tpm_mutex);
> return rc;
> }
> +EXPORT_SYMBOL_GPL(tpm_transmit);
>
> #define TPM_DIGEST_SIZE 20
> #define TPM_ERROR_SIZE 10
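Review bot: EXPORT_SYMBOL_GPL(tpm_transmit) exposes the raw command path to every GPL module, which is wider than the changelog's stated scope of reading/extending a PCR and looking up a tpm_chip. The header added by this patch declares only tpm_pcr_read() and tpm_pcr_extend() for outside callers, so unless a user outside the TPM driver needs to send arbitrary commands, export just those two and leave tpm_transmit() unexported. If the export has to stay, the changelog should name the caller that needs it.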
> @@ -717,6 +728,7 @@ ssize_t tpm_show_temp_deactivated(struct device * dev,
> }
> EXPORT_SYMBOL_GPL(tpm_show_temp_deactivated);
>
> +#define READ_PCR_RESULT_SIZE 30
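Review bot: READ_PCR_RESULT_SIZE is introduced as a bare 30 with no comment, although the file already defines TPM_DIGEST_SIZE 20 and TPM_ERROR_SIZE 10 (visible as context in the previous hunk). If 30 is the sum of those two, write it as (TPM_ERROR_SIZE + TPM_DIGEST_SIZE) so the result buffer size cannot drift from the digest length; if it is something else, add a comment saying what the 30 bytes cover.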
[...]
> +#ifndef __LINUX_TPM_H__
> +#define __LINUX_TPM_H__
> +
> +#define PCI_DEVICE_ID_AMD_8111_LPC 0x7468
> +
> +/*
> + * Chip type is one of these values in the upper two bytes of chip_id
> + */
> +enum tpm_chip_type {
> + TPM_HW_TYPE = 0x0,
> + TPM_SW_TYPE = 0x1,
> + TPM_ANY_TYPE = 0xFFFF,
> +};
> +
> +/*
> + * Chip num is this value or a valid tpm idx in lower two bytes of chip_id
> + */
> +enum tpm_chip_num {
> + TPM_ANY_NUM = 0xFFFF,
> +};
> +
> +
> +#if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
> +
> +extern int tpm_pcr_read(u32 chip_id, int pcr_idx, u8 *res_buf);
> +extern int tpm_pcr_extend(u32 chip_id, int pcr_idx, const u8 *hash);
> +#endif
> +#endif
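Review bot: tpm_pcr_read() and tpm_pcr_extend() are declared only inside #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE), with no #else branch, so any caller built with the TPM driver disabled gets an implicit declaration or a link failure and has to wrap each call in its own #ifdef. Add static inline stubs in an #else branch that return an error (for example -ENODEV). The prototypes also leave the size of res_buf and hash unstated and take pcr_idx as a signed int; document the expected buffer length in a comment above the declarations and consider an unsigned index so a negative value is ruled out by the type.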
Minor nits:
* this is a bit schizophrenic with regard to defining named constants;
sometimes enum is used, other times #define is used. It would be better
to just use enum, which is what the current code does (see top of
pre-patched tpm.c)
* you really shouldn't hide PCI_DEVICE_ID_xxx constants in places other
than pci_ids.h.
* furthermore, is that constant even used? used in a later patch? if
the constant is only used once, e.g. in a pci_device_list list, then
consider eliminating the constant altogether and directly using the PCI
device id hexadecimal number in the target location.
Jeff