From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SIGNED_OFF_BY,SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id B05A1C433E7 for ; Tue, 13 Oct 2020 12:01:02 +0000 (UTC) Received: from merlin.infradead.org (merlin.infradead.org [205.233.59.134]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 461C42080A for ; Tue, 13 Oct 2020 12:01:02 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=lists.infradead.org header.i=@lists.infradead.org header.b="w+HaK6T0" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 461C42080A Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=merlin.20170209; h=Sender:Content-Transfer-Encoding: Content-Type:Cc:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:In-Reply-To:MIME-Version:References:Message-ID: Subject:To:From:Date:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Owner; bh=rolQ0qg60x2ZsQcubFDololo+51DEsLUrzvu/SCOCsU=; b=w+HaK6T0k+v8FE335pJ1HFpLe SpRYvvr26K+EMhC+NKZ4hO9/MbkjVotFECpt2WQMZgkqTdCFLVOpToS72UpX/Yp3aP7CswSEK9wmm VZI3TPVVfGPt09Sok9fl3JLtybLX2USjpE/fm7e8LFizCYKcdm93sD1vM825Da981+L+Qq+wihp93 2PNRL+1qhYnnSiyqy1u6AbpN3SRATkpnsRPZNRsK63yZTaD4ly4v5fDZU+g/36rXu6/TKgD0OFMqY RV9i6binKzMpIQG1tnN7SNk9d+z58sL0jktJqdBGp7cu835zPt6gRy6dVNbnwSHBainSeyjTk8wzG ClJbKdt0Q==; Received: from localhost ([::1] helo=merlin.infradead.org) by merlin.infradead.org with esmtp (Exim 4.92.3 #3 (Red Hat Linux)) id 1kSIxn-0008Ko-MR; Tue, 13 Oct 2020 11:59:31 +0000 Received: from mga07.intel.com ([134.134.136.100]) by merlin.infradead.org with esmtps (Exim 4.92.3 #3 (Red Hat Linux)) id 1kSIxk-0008Jp-HQ for linux-arm-kernel@lists.infradead.org; Tue, 13 Oct 2020 11:59:29 +0000 IronPort-SDR: YQ9a8x5H1dQVfS1Y08X/xCwFvab7WLAjbp627yWdMukG5H1lpMovyBnLQZYw1uJfaJ538bn5u5 6y9RJW8Xd5Ag== X-IronPort-AV: E=McAfee;i="6000,8403,9772"; a="230074617" X-IronPort-AV: E=Sophos;i="5.77,370,1596524400"; d="scan'208";a="230074617" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by orsmga105.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Oct 2020 04:59:26 -0700 IronPort-SDR: +CYsTsmY3BO6jXl4YwQVqxzg7Mj0arD3Ox/RU3pLCDxWtYp6149sOP9VzZdMh63RZ3hO4rpB44 8ZJkg+6UaVKg== X-IronPort-AV: E=Sophos;i="5.77,370,1596524400"; d="scan'208";a="530368699" Received: from sobrien1-mobl1.ger.corp.intel.com (HELO localhost) ([10.249.35.215]) by orsmga005-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Oct 2020 04:59:21 -0700 Date: Tue, 13 Oct 2020 14:59:18 +0300 From: Jarkko Sakkinen To: Sumit Garg Subject: Re: [PATCH v7 1/4] KEYS: trusted: Add generic trusted keys framework Message-ID: <20201013115918.GB141833@linux.intel.com> References: <1602065268-26017-1-git-send-email-sumit.garg@linaro.org> <1602065268-26017-2-git-send-email-sumit.garg@linaro.org> <20201013014304.GC41176@linux.intel.com> MIME-Version: 1.0 Content-Disposition: inline In-Reply-To: Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20201013_075928_709103_3DBE2790 X-CRM114-Status: GOOD ( 28.96 ) X-BeenThere: linux-arm-kernel@lists.infradead.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: linux-security-module@vger.kernel.org, Daniel Thompson , op-tee@lists.trustedfirmware.org, Jonathan Corbet , James Bottomley , Janne Karhunen , Linux Doc Mailing List , James Morris , Mimi Zohar , Linux Kernel Mailing List , David Howells , Luke Hinds , "open list:ASYMMETRIC KEYS" , Josh Poimboeuf , Markus Wamser , Casey Schaufler , linux-integrity@vger.kernel.org, Jens Wiklander , linux-arm-kernel , "Serge E. Hallyn" Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: "linux-arm-kernel" Errors-To: linux-arm-kernel-bounces+linux-arm-kernel=archiver.kernel.org@lists.infradead.org On Tue, Oct 13, 2020 at 04:23:36PM +0530, Sumit Garg wrote: > On Tue, 13 Oct 2020 at 07:13, Jarkko Sakkinen > wrote: > > > > On Wed, Oct 07, 2020 at 03:37:45PM +0530, Sumit Garg wrote: > > > Current trusted keys framework is tightly coupled to use TPM device as > > > an underlying implementation which makes it difficult for implementations > > > like Trusted Execution Environment (TEE) etc. to provide trusted keys > > > support in case platform doesn't posses a TPM device. > > > > > > Add a generic trusted keys framework where underlying implementations > > > can be easily plugged in. Create struct trusted_key_ops to achieve this, > > > which contains necessary functions of a backend. > > > > > > Also, add a module parameter in order to select a particular trust source > > > in case a platform support multiple trust sources. > > > > > > Suggested-by: Jarkko Sakkinen > > > Signed-off-by: Sumit Garg > > > > This is exactly kind of place where I think static_call() should be > > taken into use, which is a v5.10 feature [1]. For background and > > context, I'd read [2]. > > This looks like an interesting feature. But I am not sure about the > real benefits that it will provide in case of trusted keys. If we are > looking at it performance wise then I think the gain will be > negligible when compared with slow TPM communication interface (eg. > SPI, I2C) or when compared with context switching involved in TEE. > > Also, it requires arch specific support too which currently seems to > be limited to x86 only. Please, do not purposely add indirect calls, unless you must. Here it's not a must. static_call() is the correct kernel idiom to define what you are doing in this patch. arch's will catch up. > > The other thing that I see that does not make much else than additional > > complexity, is trusted_tpm.ko. We can do with one trusted.ko. > > > > Current implementation only builds a single trusted.ko module. There > isn't any trusted_tpm.ko. > -Sumit You're right, I'm sorry. I misread this: -static void __exit cleanup_trusted(void) +static void __exit exit_tpm_trusted(void) { if (chip) { put_device(&chip->dev); @@ -1257,7 +1029,11 @@ static void __exit cleanup_trusted(void) } } -late_initcall(init_trusted); -module_exit(cleanup_trusted); - -MODULE_LICENSE("GPL"); +struct trusted_key_ops tpm_trusted_key_ops = { + .migratable = 1, /* migratable by default */ + .init = init_tpm_trusted, + .seal = tpm_trusted_seal, + .unseal = tpm_trusted_unseal, + .get_random = tpm_trusted_get_random, + .exit = exit_tpm_trusted, +}; Please remove "__init" and "__exit" for the functions as they are used as fields as members of a struct that has neither life span. That messed up my head. Please use a single convention for the function names. It would be optimal to prefix with the subsystem name because that makes easier to use tracing tools: trusted_tpm_ would work. /Jarkko _______________________________________________ linux-arm-kernel mailing list linux-arm-kernel@lists.infradead.org http://lists.infradead.org/mailman/listinfo/linux-arm-kernel