From: Jeff Garzik <jeff@garzik.org>
To: unlisted-recipients:; (no To-header on input)
Cc: linux-kernel@vger.kernel.org,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
Andrew Morton <akpm@linux-foundation.org>,
James Morris <jmorris@namei.org>,
Christoph Hellwig <hch@infradead.org>,
Al Viro <viro@ZenIV.linux.org.uk>,
David Safford <safford@watson.ibm.com>,
Serge Hallyn <serue@linux.vnet.ibm.com>,
Rajiv Andrade <srajiv@br.ibm.com>
Subject: Re: [PATCH 1/6] integrity: TPM internel kernel interface
Date: Tue, 02 Dec 2008 17:59:05 -0500 [thread overview]
Message-ID: <4935BDB9.90806@garzik.org> (raw)
In-Reply-To: <1e02b363572908a21f67ff8abbf2b10190a4f6a6.1228253618.git.zohar@linux.vnet.ibm.com>
Mimi Zohar wrote:
> This patch adds internal kernel support for:
> - reading/extending a pcr value
> - looking up the tpm_chip for a given chip number and type
>
> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> Signed-off-by: Rajiv Andrade <srajiv@br.ibm.com>
> ---
> diff --git a/drivers/char/tpm/tpm.c b/drivers/char/tpm/tpm.c
> index 9c47dc4..17d2849 100644
> --- a/drivers/char/tpm/tpm.c
> +++ b/drivers/char/tpm/tpm.c
> @@ -1,11 +1,12 @@
> /*
> - * Copyright (C) 2004 IBM Corporation
> + * Copyright (C) 2004,2007,2008 IBM Corporation
> *
> * Authors:
> * Leendert van Doorn <leendert@watson.ibm.com>
> * Dave Safford <safford@watson.ibm.com>
> * Reiner Sailer <sailer@watson.ibm.com>
> * Kylene Hall <kjhall@us.ibm.com>
> + * Debora Velarde <dvelarde@us.ibm.com>
> *
> * Maintained by: <tpmdd-devel@lists.sourceforge.net>
> *
> @@ -28,6 +29,14 @@
> #include <linux/spinlock.h>
> #include <linux/smp_lock.h>
>
> +#include <linux/mm.h>
> +#include <linux/slab.h>
> +#include <linux/string.h>
> +#include <linux/crypto.h>
> +#include <linux/fs.h>
> +#include <linux/scatterlist.h>
> +#include <linux/rcupdate.h>
> +#include <asm/unaligned.h>
> #include "tpm.h"
>
> enum tpm_const {
> @@ -50,6 +59,8 @@ enum tpm_duration {
> static LIST_HEAD(tpm_chip_list);
> static DEFINE_SPINLOCK(driver_lock);
> static DECLARE_BITMAP(dev_mask, TPM_NUM_DEVICES);
> +#define TPM_CHIP_NUM_MASK 0x0000ffff
> +#define TPM_CHIP_TYPE_SHIFT 16
>
> /*
> * Array with one entry per ordinal defining the maximum amount
> @@ -366,8 +377,7 @@ EXPORT_SYMBOL_GPL(tpm_calc_ordinal_duration);
> /*
> * Internal kernel interface to transmit TPM commands
> */
> -static ssize_t tpm_transmit(struct tpm_chip *chip, const char *buf,
> - size_t bufsiz)
> +ssize_t tpm_transmit(struct tpm_chip *chip, char *buf, size_t bufsiz)
> {
> ssize_t rc;
> u32 count, ordinal;
> @@ -425,6 +435,7 @@ out:
> mutex_unlock(&chip->tpm_mutex);
> return rc;
> }
> +EXPORT_SYMBOL_GPL(tpm_transmit);
>
> #define TPM_DIGEST_SIZE 20
> #define TPM_ERROR_SIZE 10
> @@ -717,6 +728,7 @@ ssize_t tpm_show_temp_deactivated(struct device * dev,
> }
> EXPORT_SYMBOL_GPL(tpm_show_temp_deactivated);
>
> +#define READ_PCR_RESULT_SIZE 30
[...]
> +#ifndef __LINUX_TPM_H__
> +#define __LINUX_TPM_H__
> +
> +#define PCI_DEVICE_ID_AMD_8111_LPC 0x7468
> +
> +/*
> + * Chip type is one of these values in the upper two bytes of chip_id
> + */
> +enum tpm_chip_type {
> + TPM_HW_TYPE = 0x0,
> + TPM_SW_TYPE = 0x1,
> + TPM_ANY_TYPE = 0xFFFF,
> +};
> +
> +/*
> + * Chip num is this value or a valid tpm idx in lower two bytes of chip_id
> + */
> +enum tpm_chip_num {
> + TPM_ANY_NUM = 0xFFFF,
> +};
> +
> +
> +#if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
> +
> +extern int tpm_pcr_read(u32 chip_id, int pcr_idx, u8 *res_buf);
> +extern int tpm_pcr_extend(u32 chip_id, int pcr_idx, const u8 *hash);
> +#endif
> +#endif
Minor nits:
* this is a bit schizophrenic with regards to defining named constants;
sometimes enum is used, other times #define is used. It would be better
to just use enum, which is what the current code does (see top of
pre-patched tpm.c)
* you really shouldn't hide PCI_DEVICE_ID_xxx constants in places other
than pci_ids.h.
* furthermore, is that constant even used? used in a later patch? if
the constant is only used once, e.g. in a pci_device_list list, then
consider eliminating the constant altogether and directly using the PCI
device id hexidecimal number in the target location.
Jeff
next prev parent reply other threads:[~2008-12-02 22:59 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-12-02 21:47 [PATCH 0/6] integrity Mimi Zohar
2008-12-02 21:47 ` [PATCH 1/6] integrity: TPM internel kernel interface Mimi Zohar
2008-12-02 22:19 ` Dave Hansen
2008-12-04 20:21 ` Rajiv Andrade
2008-12-04 22:31 ` Rajiv Andrade
2008-12-02 22:59 ` Jeff Garzik [this message]
2008-12-03 17:22 ` Serge E. Hallyn
2008-12-02 21:47 ` [PATCH 2/6] integrity: Linux Integrity Module(LIM) Mimi Zohar
2008-12-02 22:43 ` Dave Hansen
2008-12-03 18:15 ` Mimi Zohar
2008-12-03 18:25 ` Dave Hansen
2008-12-03 12:30 ` Christoph Hellwig
2008-12-03 18:18 ` Mimi Zohar
2008-12-03 18:23 ` Christoph Hellwig
2008-12-03 22:17 ` Mimi Zohar
2008-12-04 13:09 ` Christoph Hellwig
2008-12-04 19:24 ` Serge E. Hallyn
2008-12-04 20:53 ` david safford
2008-12-05 1:42 ` James Morris
2008-12-05 12:56 ` david safford
2008-12-05 15:23 ` Serge E. Hallyn
2008-12-05 17:14 ` david safford
2008-12-02 21:47 ` [PATCH 3/6] integrity: IMA as an integrity service provider Mimi Zohar
2008-12-02 23:35 ` Dave Hansen
2008-12-03 13:03 ` Christoph Hellwig
2008-12-03 16:55 ` Dave Hansen
2008-12-03 17:08 ` Christoph Hellwig
2008-12-03 18:24 ` Mimi Zohar
2008-12-03 18:50 ` Dave Hansen
2008-12-04 18:26 ` Mimi Zohar
2008-12-03 18:17 ` Mimi Zohar
2008-12-03 18:31 ` Dave Hansen
2008-12-05 22:33 ` Al Viro
2008-12-03 19:01 ` Len Brown
2008-12-04 15:57 ` Mimi Zohar
2008-12-03 21:10 ` Dave Hansen
2008-12-02 21:47 ` [PATCH 4/6] integrity: IMA display Mimi Zohar
2008-12-02 21:47 ` [PATCH 5/6] integrity: IMA policy Mimi Zohar
2008-12-02 21:48 ` [PATCH 6/6] integrity: replace task uid with cred uid Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4935BDB9.90806@garzik.org \
--to=jeff@garzik.org \
--cc=akpm@linux-foundation.org \
--cc=hch@infradead.org \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=safford@watson.ibm.com \
--cc=serue@linux.vnet.ibm.com \
--cc=srajiv@br.ibm.com \
--cc=viro@ZenIV.linux.org.uk \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox