From: jgunthorpe@obsidianresearch.com (Jason Gunthorpe)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v2] tpm_crb: request and relinquish locality 0
Date: Mon, 13 Mar 2017 10:34:52 -0600 [thread overview]
Message-ID: <20170313163452.GD22997@obsidianresearch.com> (raw)
In-Reply-To: <20170311130216.21419-1-jarkko.sakkinen@linux.intel.com>
On Sat, Mar 11, 2017 at 03:02:14PM +0200, Jarkko Sakkinen wrote:
> Added two new callbacks to struct tpm_class_ops:
>
> - request_locality
> - relinquish_locality
>
> These are called before sending and receiving data from the TPM. We
> update also tpm_tis_core to use these callbacks. Small modification to
> request_locality() is done so that it returns -EBUSY instead of locality
> number when check_locality() fails.
Make sense
I think you may as well do the other two drivers, even though you
can't run them the transformation looks safe enough to me.
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> drivers/char/tpm/tpm-interface.c | 9 +++++++++
> drivers/char/tpm/tpm_crb.c | 41 +++++++++++++++++++++++++++++++++++++++-
> drivers/char/tpm/tpm_tis_core.c | 12 ++++--------
> include/linux/tpm.h | 3 ++-
> 4 files changed, 55 insertions(+), 10 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index e38c792..9c56581 100644
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -407,6 +407,12 @@ ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space,
> if (chip->dev.parent)
> pm_runtime_get_sync(chip->dev.parent);
>
> + if (chip->ops->request_locality) {
> + rc = chip->ops->request_locality(chip, 0);
> + if (rc)
> + goto out;
If request_locality fails we probably shouldn't call
relinquish_locality on the unwind path..
I think you should also put a relinquish_locality inside tpm_remove ?
> + int (*request_locality)(struct tpm_chip *chip, int loc);
> + void (*relinquish_locality)(struct tpm_chip *chip, int loc,
> bool force);
Let us document what force is supposed to do...
I'm not sure why we have it?
Jason
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-03-13 16:34 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-11 13:02 [PATCH v2] tpm_crb: request and relinquish locality 0 Jarkko Sakkinen
2017-03-12 19:47 ` Jerry Snitselaar
2017-03-13 11:58 ` Jarkko Sakkinen
2017-03-13 16:34 ` Jason Gunthorpe [this message]
2017-03-13 20:12 ` Jarkko Sakkinen
2017-03-13 20:43 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170313163452.GD22997@obsidianresearch.com \
--to=jgunthorpe@obsidianresearch.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).