From mboxrd@z Thu Jan 1 00:00:00 1970 From: jsnitsel@redhat.com (Jerry Snitselaar) Date: Fri, 24 Mar 2017 11:25:57 -0700 Subject: [PATCH v4] tpm_crb: request and relinquish locality 0 In-Reply-To: <20170324101032.13496-1-jarkko.sakkinen@iki.fi> References: <20170324101032.13496-1-jarkko.sakkinen@iki.fi> Message-ID: <87lgru7cqy.fsf@redhat.com> To: linux-security-module@vger.kernel.org List-Id: linux-security-module.vger.kernel.org Jarkko Sakkinen @ 2017-03-24 10:10 GMT: > This commit adds support for requesting and relinquishing locality 0 in > tpm_crb for the course of command transmission. > > In order to achieve this, two new callbacks are added to struct > tpm_class_ops: > > - request_locality > - relinquish_locality > > With CRB interface you first set either requestAccess or relinquish bit > from TPM_LOC_CTRL_x register and then wait for locAssigned and > tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register. > > The reason why were are doing this is to make sure that the driver > will work properly with Intel TXT that uses locality 2. There's no > explicit guarantee that it would relinquish this locality. In more > general sense this commit enables tpm_crb to be a well behaving > citizen in a multi locality environment. > > Signed-off-by: Jarkko Sakkinen Reviewed-by: Jerry Snitselaar Tested-by: Jerry Snitselaar Tested on kabylake system that was hitting issues with earlier iteration. Still don't have platform to test it dealing with multi-locality enviroment. -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jerry Snitselaar Subject: Re: [PATCH v4] tpm_crb: request and relinquish locality 0 Date: Fri, 24 Mar 2017 11:25:57 -0700 Message-ID: <87lgru7cqy.fsf@redhat.com> References: <20170324101032.13496-1-jarkko.sakkinen@iki.fi> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-reply-to: <20170324101032.13496-1-jarkko.sakkinen-X3B1VOXEql0@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: Jarkko Sakkinen Cc: open list , linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org, gang.wei-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org List-Id: tpmdd-devel@lists.sourceforge.net Jarkko Sakkinen @ 2017-03-24 10:10 GMT: > This commit adds support for requesting and relinquishing locality 0 in > tpm_crb for the course of command transmission. > > In order to achieve this, two new callbacks are added to struct > tpm_class_ops: > > - request_locality > - relinquish_locality > > With CRB interface you first set either requestAccess or relinquish bit > from TPM_LOC_CTRL_x register and then wait for locAssigned and > tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register. > > The reason why were are doing this is to make sure that the driver > will work properly with Intel TXT that uses locality 2. There's no > explicit guarantee that it would relinquish this locality. In more > general sense this commit enables tpm_crb to be a well behaving > citizen in a multi locality environment. > > Signed-off-by: Jarkko Sakkinen Reviewed-by: Jerry Snitselaar Tested-by: Jerry Snitselaar Tested on kabylake system that was hitting issues with earlier iteration. Still don't have platform to test it dealing with multi-locality enviroment. ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932900AbdCXS00 (ORCPT ); Fri, 24 Mar 2017 14:26:26 -0400 Received: from mx1.redhat.com ([209.132.183.28]:47054 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755617AbdCXS0E (ORCPT ); Fri, 24 Mar 2017 14:26:04 -0400 DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 101F4C05AA40 Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; dmarc=none (p=none dis=none) header.from=redhat.com Authentication-Results: ext-mx08.extmail.prod.ext.phx2.redhat.com; spf=pass smtp.mailfrom=jsnitsel@redhat.com DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 101F4C05AA40 References: <20170324101032.13496-1-jarkko.sakkinen@iki.fi> User-agent: mu4e 0.9.19; emacs 25.1.1 From: Jerry Snitselaar To: Jarkko Sakkinen Cc: tpmdd-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org, gang.wei@intel.com, Jarkko Sakkinen , Peter Huewe , Marcel Selhorst , Jason Gunthorpe , open list Subject: Re: [PATCH v4] tpm_crb: request and relinquish locality 0 In-reply-to: <20170324101032.13496-1-jarkko.sakkinen@iki.fi> Date: Fri, 24 Mar 2017 11:25:57 -0700 Message-ID: <87lgru7cqy.fsf@redhat.com> MIME-Version: 1.0 Content-Type: text/plain X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.32]); Fri, 24 Mar 2017 18:25:59 +0000 (UTC) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Jarkko Sakkinen @ 2017-03-24 10:10 GMT: > This commit adds support for requesting and relinquishing locality 0 in > tpm_crb for the course of command transmission. > > In order to achieve this, two new callbacks are added to struct > tpm_class_ops: > > - request_locality > - relinquish_locality > > With CRB interface you first set either requestAccess or relinquish bit > from TPM_LOC_CTRL_x register and then wait for locAssigned and > tpmRegValidSts bits to be set in the TPM_LOC_STATE_x register. > > The reason why were are doing this is to make sure that the driver > will work properly with Intel TXT that uses locality 2. There's no > explicit guarantee that it would relinquish this locality. In more > general sense this commit enables tpm_crb to be a well behaving > citizen in a multi locality environment. > > Signed-off-by: Jarkko Sakkinen Reviewed-by: Jerry Snitselaar Tested-by: Jerry Snitselaar Tested on kabylake system that was hitting issues with earlier iteration. Still don't have platform to test it dealing with multi-locality enviroment.