From: "Stefan Berger" <stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
To: Jason Gunthorpe
<jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
Cc: dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org
Subject: Re: [RFC PATCH 3/4] Implement driver for supporting multiple emulated TPMs
Date: Thu, 21 Jan 2016 14:02:17 -0500 [thread overview]
Message-ID: <201601211912.u0LJCTxv029932@d03av04.boulder.ibm.com> (raw)
In-Reply-To: <20160121174243.GD3064-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
[-- Attachment #1.1: Type: text/plain, Size: 4099 bytes --]
Jason Gunthorpe <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org> wrote on 01/21/2016
12:42:43 PM:
>
> On Wed, Jan 20, 2016 at 10:56:21PM -0500, Stefan Berger wrote:
> > The IMA namespace is created as part of clone(). You cannot pass
> anything via
> > clone(). So you either have to do it before or immediately after.
> If after is
> > too later for whatever reason, you have to do it before.
>
> Follow the pattern of something like the net ns.
>
> clone creates an 'empty' IMA namespace. After clone the child waits
> for the parent to complete its work.
>
> The parent creates a new vtpm /dev/tpm1 in it's namespace
>
> The parent does a kernel call to make tpm1 visiable in the child's
> IMA namespace as tpm0. (eg look at the 'ip link set .. netns ..' kind
> of scheme for inspiration)
What is IMA namespace in relation to a device's name? The method is to
read the major/minor numbers on the host and created /dev/tpm0 with the
same major/minor numbers in the container's filesystem. The name doesn't
matter I guess, but major/minor are important.
>
> Hook the tpm core's id to struct tpm_chip code into the IMA namespace
> so that /dev/tpm0 and all other places actually access tpm1 when used
> in the child's IMA namespace
>
> The parent signals the child to continue to run. The child has a
> /dev/tpm0 that is actually routed to /dev/tpm1. The child is prevented
> from accessing other tpms.
The problem I have run into in particular with Docker and golang is that
Docker invokes the golang function to run an external program. The golang
function does a clone(), a whole lot of other stuff after it, and in the
end the execve().
The code is here:
https://golang.org/src/syscall/exec_linux.go
Look at the function forkAndExecInChild on line 56++.
The problem with that is that the execve() will trigger IMA measurements.
IMA will refuse being hooked up with a vTPM driver if it couldn't put its
first measurement(s) into a vTPM. I don't think we should queue PCR
extensions until a device may eventually become available. So, the
conclusion is, to accomodate golang (for example) we can create the device
pair, sit the vTPM on top of the master, and reserve the device pair befor
the next clone() so that IMA finds it and can hook up to it.
What is wrong with this scheme? The ioctl for 'reservation' before the
clone()?
>
>
> > > Then just return the fd like I said.
> >
> > Any driver that can be used as an example ?
>
> The stuff in include/linux/anon_inodes.h is used to do this, eg
> a sequence of anon_inode_getfile, get_unused_fd_flags, fd_install
> will create a file descriptor in the calling process associated with a
> struct file_operations
>
So let me show how things work currently.
fd = open("/dev/vtpmx", ...);
ioctl(fd, 'create device pair; TPM will be a TPM 2 version device')
/* conveying that the device is a TPM 2 or 1.2 is important so that the
kernel sends the right commands to the device and possibly also for sysfs
handling */
/* at this point /dev/vtpmc0 and /dev/vtpms0 have been created */
clientfd = open("/dev/vtpmc0",...)
serverfd = open("/dev/vtpms0",...);
...
close(serverfd); /* /dev/vtpmc0 and /dev/vtpms0 disappeared */
Should it work like this?
serverfd = open("/dev/vtpmx", ...);
/* at this point /dev/vtpmc0 has been created and serverfd is used for the
server side */
ioctl(fd, 'TPM will be a TPM 2 version device') /* setting flags on the
chip->flags 'late' should be possible */
...
close(serverfd); /* /dev/vtpmc0 disappeared */
Regards,
Stefan
> > > auto-delete a master char dev on close is a very strange API, don't
do
> > > that.
> >
> > What I called cleanup can be trigger by the vTPM closing /dev/
> vtpms%d, so the
> > server-side. What is the master for you? /dev/vtpmx where we run
> the ioctls on?
>
> Sorry, master/slave is the ptx nomenclature for this scheme. Master
> would be your server side I think.
>
> Jason
>
[-- Attachment #1.2: Type: text/html, Size: 5484 bytes --]
[-- Attachment #2: Type: text/plain, Size: 413 bytes --]
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
[-- Attachment #3: Type: text/plain, Size: 192 bytes --]
_______________________________________________
tpmdd-devel mailing list
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
next prev parent reply other threads:[~2016-01-21 19:02 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-01-14 16:01 [RFC PATCH 0/4] Multi-instance vTPM driver Stefan Berger
[not found] ` <1452787318-29610-1-git-send-email-stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2016-01-14 16:01 ` [RFC PATCH 1/4] New flags for TPM chip avoiding filesystem registrations Stefan Berger
[not found] ` <1452787318-29610-2-git-send-email-stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2016-01-21 8:07 ` Jarkko Sakkinen
2016-01-14 16:01 ` [RFC PATCH 2/4] Allow to provide a name pattern of the device Stefan Berger
2016-01-14 16:01 ` [RFC PATCH 3/4] Implement driver for supporting multiple emulated TPMs Stefan Berger
[not found] ` <1452787318-29610-4-git-send-email-stefanb-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
2016-01-19 23:51 ` Jason Gunthorpe
[not found] ` <20160119235107.GA4307-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-20 14:39 ` Stefan Berger
[not found] ` <201601201439.u0KEdGB9031710-YREtIfBy6dDImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-27 2:36 ` Jarkko Sakkinen
[not found] ` <20160127023603.GA23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 12:17 ` Stefan Berger
[not found] ` <201601271217.u0RCHQIX004914@d03av02.boulder.ibm.com>
[not found] ` <201601271217.u0RCHQIX004914-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 14:22 ` Jarkko Sakkinen
[not found] ` <20160127142239.GA3756-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 18:24 ` Jason Gunthorpe
[not found] ` <20160127182448.GA31680-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 21:13 ` Jarkko Sakkinen
2016-01-27 22:38 ` Stefan Berger
[not found] ` <201601271217.u0RCHQkf003637@d03av03.boulder.ibm.com>
[not found] ` <201601271217.u0RCHQkf003637-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 17:35 ` Jason Gunthorpe
[not found] ` <201601201439.u0KEdFao027907@d03av05.boulder.ibm.com>
[not found] ` <201601201439.u0KEdFao027907-3MP/CPU4Muo+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 1:17 ` Jason Gunthorpe
[not found] ` <20160121011701.GA20361-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 3:01 ` Stefan Berger
[not found] ` <201601210301.u0L31hLD018933-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 2:50 ` Jarkko Sakkinen
[not found] ` <20160127025057.GB23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 12:20 ` Stefan Berger
[not found] ` <201601271220.u0RCKpEG016626@d03av02.boulder.ibm.com>
[not found] ` <201601271220.u0RCKpEG016626-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 14:23 ` Jarkko Sakkinen
[not found] ` <201601210301.u0L31h5r012187@d03av03.boulder.ibm.com>
[not found] ` <201601210301.u0L31h5r012187-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 3:21 ` Jason Gunthorpe
[not found] ` <20160121032115.GA26266-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 3:56 ` Stefan Berger
[not found] ` <201601210356.u0L3uP1n029818@d03av05.boulder.ibm.com>
[not found] ` <201601210356.u0L3uP1n029818-3MP/CPU4Muo+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 17:42 ` Jason Gunthorpe
[not found] ` <20160121174243.GD3064-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 19:02 ` Stefan Berger [this message]
[not found] ` <201601211902.u0LJ2LbL001130@d03av01.boulder.ibm.com>
[not found] ` <201601211902.u0LJ2LbL001130-Rn83F4s8Lwc+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 19:30 ` Jason Gunthorpe
[not found] ` <20160121193049.GA31938-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-21 21:51 ` Stefan Berger
[not found] ` <201601212151.u0LLpC93021986@d03av03.boulder.ibm.com>
[not found] ` <201601212151.u0LLpC93021986-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-21 22:10 ` Jason Gunthorpe
[not found] ` <20160121221040.GA1630-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-22 12:01 ` Jarkko Sakkinen
2016-01-22 15:09 ` Stefan Berger
[not found] ` <56A2461C.7030607-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-01-25 18:10 ` Jason Gunthorpe
[not found] ` <20160125181046.GB28108-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 1:05 ` Stefan Berger
2016-01-26 1:46 ` Jarkko Sakkinen
[not found] ` <20160126014652.GB10732-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 3:19 ` Jason Gunthorpe
[not found] ` <20160126031919.GA24217-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 13:56 ` Jarkko Sakkinen
[not found] ` <20160126135658.GA6813-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 17:58 ` Jason Gunthorpe
[not found] ` <20160126175816.GA17937-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 2:06 ` Jarkko Sakkinen
[not found] ` <20160127020617.GB22703-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 19:48 ` Jarkko Sakkinen
[not found] ` <201601260105.u0Q15IWW028777@d03av04.boulder.ibm.com>
[not found] ` <201601260105.u0Q15IWW028777-2xHzGjyANq4+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-26 3:46 ` Jason Gunthorpe
[not found] ` <20160126034632.GB24217-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 14:21 ` Stefan Berger
2016-02-02 19:22 ` Stefan Berger
[not found] ` <201601261421.u0QELnI3002626@d01av02.pok.ibm.com>
[not found] ` <201601261421.u0QELnI3002626-prK0F/7GlgzImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-26 18:22 ` Jason Gunthorpe
[not found] ` <20160126182248.GB17937-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-26 23:22 ` Stefan Berger
[not found] ` <201601262322.u0QNMo1r022303@d03av03.boulder.ibm.com>
[not found] ` <201601262322.u0QNMo1r022303-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 18:21 ` Jason Gunthorpe
2016-01-27 3:13 ` Jarkko Sakkinen
[not found] ` <20160127031320.GC23863-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-27 12:42 ` Stefan Berger
[not found] ` <201601271242.u0RCgM0E031875@d03av05.boulder.ibm.com>
[not found] ` <201601271242.u0RCgM0E031875-3MP/CPU4Muo+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 17:58 ` Jason Gunthorpe
[not found] ` <20160127175839.GA31038-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 21:58 ` Stefan Berger
[not found] ` <201601272158.u0RLwvIK005533@d01av01.pok.ibm.com>
[not found] ` <201601272158.u0RLwvIK005533-4ZtxiNBBw+3ImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-27 22:25 ` Jason Gunthorpe
[not found] ` <20160127222534.GB5520-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-27 22:55 ` Stefan Berger
[not found] ` <201601272255.u0RMtuqY014120@d03av02.boulder.ibm.com>
[not found] ` <201601272255.u0RMtuqY014120-nNA/7dmquNI+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-27 23:33 ` Jason Gunthorpe
2016-01-14 16:01 ` [RFC PATCH 4/4] A test program for vTPM device creation Stefan Berger
2016-01-15 10:11 ` [RFC PATCH 0/4] Multi-instance vTPM driver Jarkko Sakkinen
[not found] ` <20160115101146.GA11987-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-15 13:02 ` Stefan Berger
[not found] ` <201601151302.u0FD2wGG003518@d03av03.boulder.ibm.com>
[not found] ` <201601151302.u0FD2wGG003518-MijUUJkLaQs+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-25 23:15 ` Jarkko Sakkinen
[not found] ` <20160125231532.GA10732-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-01-26 0:28 ` Stefan Berger
2016-01-26 0:29 ` Jarkko Sakkinen
[not found] ` <201601260029.u0Q0T7Ek004865@d03av04.boulder.ibm.com>
[not found] ` <201601260029.u0Q0T7Ek004865-2xHzGjyANq4+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-26 1:48 ` Jarkko Sakkinen
2016-01-19 17:44 ` Jason Gunthorpe
[not found] ` <20160119174400.GA7616-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 17:53 ` Stefan Berger
2016-01-19 22:59 ` Jarkko Sakkinen
[not found] ` <201601191753.u0JHrku2031608@d01av01.pok.ibm.com>
[not found] ` <201601191753.u0JHrku2031608-4ZtxiNBBw+3ImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-19 18:08 ` Jason Gunthorpe
[not found] ` <20160119180802.GA8038-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 18:18 ` Stefan Berger
2016-01-19 22:14 ` Mimi Zohar
[not found] ` <1453241668.2673.31.camel-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-01-19 22:48 ` Jason Gunthorpe
[not found] ` <20160119224851.GA31745-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 23:05 ` Stefan Berger
[not found] ` <201601191818.u0JIIExQ010843@d03av04.boulder.ibm.com>
[not found] ` <201601191818.u0JIIExQ010843-2xHzGjyANq4+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-19 23:04 ` Jason Gunthorpe
[not found] ` <20160119230456.GB31745-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-01-19 23:15 ` Stefan Berger
[not found] ` <201601192315.u0JNFFG6030371-Rn83F4s8Lwc+UXBhvPuGgqsjOiXwFzmk@public.gmane.org>
2016-01-20 15:40 ` Ken Goldman
[not found] ` <201601192315.u0JNFGkm029862@d01av04.pok.ibm.com>
[not found] ` <201601192315.u0JNFGkm029862-YREtIfBy6dDImUpY6SP3GEEOCMrvLtNR@public.gmane.org>
2016-01-19 23:42 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201601211912.u0LJCTxv029932@d03av04.boulder.ibm.com \
--to=stefanb-r/jw6+rmf7hqt0dzr+alfa@public.gmane.org \
--cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=dwmw2-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org \
--cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).