From: Nayna <nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
To: Jarkko Sakkinen
<jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
Cc: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Subject: Re: [PATCH v4 3/8] tpm: validate event log access before tpm_bios_log_setup
Date: Fri, 14 Oct 2016 00:21:11 +0530 [thread overview]
Message-ID: <57FFD79F.7080405@linux.vnet.ibm.com> (raw)
In-Reply-To: <20161001120125.GC8664-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
On 10/01/2016 05:31 PM, Jarkko Sakkinen wrote:
> On Wed, Sep 28, 2016 at 04:34:37AM -0400, Nayna Jain wrote:
>> Currently, the securityfs pseudo files for obtaining the firmware
>> event log are created whether the event log properties exist or not.
>> This patch creates ascii and bios measurements pseudo files
>> only if read_log() is successful.
>
> Re-reviewing this. The commit message should mention about preventing
> a race condition.
>
> I think Jason was right. It makes code much more manageable with a
> small price of memory consumption.
>
>> Suggested-by: Jason Gunthorpe <jgunthorpe-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
>> Signed-off-by: Nayna Jain <nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
>> ---
>> drivers/char/tpm/tpm.h | 6 +++++
>> drivers/char/tpm/tpm_acpi.c | 12 +++++++---
>> drivers/char/tpm/tpm_eventlog.c | 53 +++++++++++++++++++----------------------
>> drivers/char/tpm/tpm_eventlog.h | 7 +++++-
>> drivers/char/tpm/tpm_of.c | 4 +++-
>> 5 files changed, 48 insertions(+), 34 deletions(-)
>>
>> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
>> index b5866bb..68630cd 100644
>> --- a/drivers/char/tpm/tpm.h
>> +++ b/drivers/char/tpm/tpm.h
>> @@ -35,6 +35,8 @@
>> #include <linux/cdev.h>
>> #include <linux/highmem.h>
>>
>> +#include "tpm_eventlog.h"
>> +
>> enum tpm_const {
>> TPM_MINOR = 224, /* officially assigned */
>> TPM_BUFSIZE = 4096,
>> @@ -156,6 +158,10 @@ struct tpm_chip {
>> struct rw_semaphore ops_sem;
>> const struct tpm_class_ops *ops;
>>
>> + struct tpm_bios_log log;
>
> struct tpm_bios_log should be renamed as struct tpm_event_log in some
> commit of this patch set as tpm_bios_log is a misleading name.
My understanding is that other event log functions are also named in
consistent with tpm_bios_log naming.. for eg..
tpm_bios_log_setup(/teardown), tpm_bios_measurements_open,etc. So,
wanted to understand if idea is only to change the struct name to
tpm_event_log ?
Thanks & Regards,
- Nayna
>
>> + struct tpm_securityfs_data bin_sfs_data;
>> + struct tpm_securityfs_data ascii_sfs_data;
>
> I think this is otherwise right but the struct name is very clunky.
> First of all it doesn't own the data and IMHO now it kind of implies
> of owning.
>
> Maybe something like tpm_event_log_fd would a better name. It's a
> description of the event log file essentially.
>
>> +
>> unsigned int flags;
>>
>> int dev_num; /* /dev/tpm# */
>> diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c
>> index 565a947..4d6c2d7 100644
>> --- a/drivers/char/tpm/tpm_acpi.c
>> +++ b/drivers/char/tpm/tpm_acpi.c
>> @@ -45,13 +45,15 @@ struct acpi_tcpa {
>> };
>>
>> /* read binary bios log */
>> -int read_log(struct tpm_bios_log *log)
>> +int read_log(struct tpm_chip *chip)
>> {
>> struct acpi_tcpa *buff;
>> acpi_status status;
>> void __iomem *virt;
>> u64 len, start;
>> + struct tpm_bios_log *log;
>>
>> + log = &chip->log;
>> if (log->bios_event_log != NULL) {
>> printk(KERN_ERR
>> "%s: ERROR - Eventlog already initialized\n",
>> @@ -97,13 +99,17 @@ int read_log(struct tpm_bios_log *log)
>>
>> virt = acpi_os_map_iomem(start, len);
>> if (!virt) {
>> - kfree(log->bios_event_log);
>> printk("%s: ERROR - Unable to map memory\n", __func__);
>> - return -EIO;
>> + goto err;
>> }
>>
>> memcpy_fromio(log->bios_event_log, virt, len);
>>
>> acpi_os_unmap_iomem(virt, len);
>> return 0;
>> +
>> +err:
>> + kfree(log->bios_event_log);
>> + return -EIO;
>> +
>> }
>> diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c
>> index f1df782..a8cd4a1 100644
>> --- a/drivers/char/tpm/tpm_eventlog.c
>> +++ b/drivers/char/tpm/tpm_eventlog.c
>> @@ -261,14 +261,6 @@ static int tpm_binary_bios_measurements_show(struct seq_file *m, void *v)
>> static int tpm_bios_measurements_release(struct inode *inode,
>> struct file *file)
>> {
>> - struct seq_file *seq = file->private_data;
>> - struct tpm_bios_log *log = seq->private;
>> -
>> - if (log) {
>> - kfree(log->bios_event_log);
>> - kfree(log);
>> - }
>> -
>> return seq_release(inode, file);
>> }
>>
>> @@ -323,34 +315,19 @@ static int tpm_bios_measurements_open(struct inode *inode,
>> struct file *file)
>> {
>> int err;
>> - struct tpm_bios_log *log;
>> struct seq_file *seq;
>> - const struct seq_operations *seqops =
>> - (const struct seq_operations *)inode->i_private;
>> -
>> - log = kzalloc(sizeof(struct tpm_bios_log), GFP_KERNEL);
>> - if (!log)
>> - return -ENOMEM;
>> -
>> - err = read_log(log);
>> - if (err)
>> - goto out_free;
>> + const struct tpm_securityfs_data *sfs_data =
>> + (const struct tpm_securityfs_data *)inode->i_private;
>> + const struct seq_operations *seqops = sfs_data->seqops;
>>
>> /* now register seq file */
>> err = seq_open(file, seqops);
>> if (!err) {
>> seq = file->private_data;
>> - seq->private = log;
>> - } else {
>> - goto out_free;
>> + seq->private = sfs_data->log;
>> }
>>
>> -out:
>> return err;
>> -out_free:
>> - kfree(log->bios_event_log);
>> - kfree(log);
>> - goto out;
>> }
>>
>> static const struct file_operations tpm_bios_measurements_ops = {
>> @@ -372,6 +349,18 @@ static int is_bad(void *p)
>> int tpm_bios_log_setup(struct tpm_chip *chip)
>> {
>> const char *name = dev_name(&chip->dev);
>> + int rc = 0;
>> +
>> + rc = read_log(chip);
>> + /*
>> + * read_log failure means event log is not supported except for ENOMEM
>> + */
>> + if (rc < 0) {
>> + if (rc == -ENOMEM)
>> + return rc;
>> + else
>> + return 0;
>> + }
>>
>> chip->bios_dir_count = 0;
>> chip->bios_dir[chip->bios_dir_count] =
>> @@ -380,19 +369,24 @@ int tpm_bios_log_setup(struct tpm_chip *chip)
>> goto err;
>> chip->bios_dir_count++;
>>
>> + chip->bin_sfs_data.log = &chip->log;
>> + chip->bin_sfs_data.seqops = &tpm_binary_b_measurments_seqops;
>> +
>> chip->bios_dir[chip->bios_dir_count] =
>> securityfs_create_file("binary_bios_measurements",
>> S_IRUSR | S_IRGRP, chip->bios_dir[0],
>> - (void *)&tpm_binary_b_measurments_seqops,
>> + (void *)&chip->bin_sfs_data,
>> &tpm_bios_measurements_ops);
>> if (is_bad(chip->bios_dir[chip->bios_dir_count]))
>> goto err;
>> chip->bios_dir_count++;
>>
>> + chip->ascii_sfs_data.log = &chip->log;
>> + chip->ascii_sfs_data.seqops = &tpm_ascii_b_measurments_seqops;
>> chip->bios_dir[chip->bios_dir_count] =
>> securityfs_create_file("ascii_bios_measurements",
>> S_IRUSR | S_IRGRP, chip->bios_dir[0],
>> - (void *)&tpm_ascii_b_measurments_seqops,
>> + (void *)&chip->ascii_sfs_data,
>> &tpm_bios_measurements_ops);
>> if (is_bad(chip->bios_dir[chip->bios_dir_count]))
>> goto err;
>> @@ -413,4 +407,5 @@ void tpm_bios_log_teardown(struct tpm_chip *chip)
>> securityfs_remove(chip->bios_dir[i-1]);
>> chip->bios_dir_count = i;
>>
>> + kfree(chip->log.bios_event_log);
>> }
>> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
>> index fd3357e..7ea066c 100644
>> --- a/drivers/char/tpm/tpm_eventlog.h
>> +++ b/drivers/char/tpm/tpm_eventlog.h
>> @@ -22,6 +22,11 @@ struct tpm_bios_log {
>> void *bios_event_log_end;
>> };
>>
>> +struct tpm_securityfs_data {
>> + struct tpm_bios_log *log;
>> + const struct seq_operations *seqops;
>> +};
>> +
>> struct tcpa_event {
>> u32 pcr_index;
>> u32 event_type;
>> @@ -73,7 +78,7 @@ enum tcpa_pc_event_ids {
>> HOST_TABLE_OF_DEVICES,
>> };
>>
>> -int read_log(struct tpm_bios_log *log);
>> +int read_log(struct tpm_chip *chip);
>>
>> #if defined(CONFIG_TCG_IBMVTPM) || defined(CONFIG_TCG_IBMVTPM_MODULE) || \
>> defined(CONFIG_ACPI)
>> diff --git a/drivers/char/tpm/tpm_of.c b/drivers/char/tpm/tpm_of.c
>> index 570f30c..68d891a 100644
>> --- a/drivers/char/tpm/tpm_of.c
>> +++ b/drivers/char/tpm/tpm_of.c
>> @@ -20,12 +20,14 @@
>> #include "tpm.h"
>> #include "tpm_eventlog.h"
>>
>> -int read_log(struct tpm_bios_log *log)
>> +int read_log(struct tpm_chip *chip)
>> {
>> struct device_node *np;
>> const u32 *sizep;
>> const u64 *basep;
>> + struct tpm_bios_log *log;
>>
>> + log = &chip->log;
>> if (log->bios_event_log != NULL) {
>> pr_err("%s: ERROR - Eventlog already initialized\n", __func__);
>> return -EFAULT;
>> --
>> 2.5.0
>>
>
> /Jarkko
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
next prev parent reply other threads:[~2016-10-13 18:51 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-28 8:34 [PATCH v4 0/8] tpm: add the securityfs pseudo files support for TPM 2.0 firmware event log Nayna Jain
[not found] ` <1475051682-23060-1-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-09-28 8:34 ` [PATCH v4 1/8] tpm: define a generic open() method for ascii & bios measurements Nayna Jain
2016-09-28 8:34 ` [PATCH v4 2/8] tpm: replace dynamically allocated bios_dir with dentry array Nayna Jain
[not found] ` <1475051682-23060-3-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-09-30 18:27 ` Jarkko Sakkinen
[not found] ` <20160930182703.GA9595-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-09-30 18:30 ` Jason Gunthorpe
[not found] ` <20160930183026.GC1867-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-09-30 19:48 ` Jarkko Sakkinen
[not found] ` <20160930194825.GB12710-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-09-30 20:31 ` Jason Gunthorpe
[not found] ` <20160930203147.GB5722-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-01 12:06 ` Jarkko Sakkinen
2016-10-01 12:27 ` Jarkko Sakkinen
2016-09-28 8:34 ` [PATCH v4 3/8] tpm: validate event log access before tpm_bios_log_setup Nayna Jain
[not found] ` <1475051682-23060-4-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-09-30 18:57 ` Jarkko Sakkinen
[not found] ` <20160930185742.GB9595-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-09-30 19:11 ` Jason Gunthorpe
[not found] ` <20160930191112.GA5722-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-09-30 19:45 ` Jarkko Sakkinen
[not found] ` <20160930194538.GA12710-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-01 2:42 ` Jason Gunthorpe
[not found] ` <20161001024213.GA13028-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-01 11:35 ` Jarkko Sakkinen
2016-10-01 12:01 ` Jarkko Sakkinen
[not found] ` <20161001120125.GC8664-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-01 14:28 ` Jarkko Sakkinen
2016-10-01 16:54 ` Jason Gunthorpe
[not found] ` <20161001165436.GB13462-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-01 19:32 ` Jarkko Sakkinen
[not found] ` <20161001193239.GA3862-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-01 23:19 ` Jarkko Sakkinen
2016-10-02 21:25 ` Jason Gunthorpe
[not found] ` <20161002212551.GB25872-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-03 12:20 ` Jarkko Sakkinen
[not found] ` <20161003122013.GA9990-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-03 12:35 ` Jarkko Sakkinen
[not found] ` <20161003123523.GC9990-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-03 16:35 ` Jason Gunthorpe
[not found] ` <20161003163516.GB6801-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-03 20:22 ` Jarkko Sakkinen
[not found] ` <20161003202230.GA14624-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-03 21:11 ` Jason Gunthorpe
[not found] ` <20161003211129.GA26880-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-04 5:26 ` Jarkko Sakkinen
[not found] ` <20161004052651.GB10572-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-04 17:12 ` Jason Gunthorpe
[not found] ` <20161004171231.GB17149-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-05 8:10 ` Jarkko Sakkinen
2016-10-06 20:11 ` Nayna
[not found] ` <57F6AFF1.4000103-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-06 20:17 ` Jason Gunthorpe
2016-10-06 19:58 ` Nayna
[not found] ` <57F6ACF7.6000408-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-06 20:12 ` Jason Gunthorpe
2016-10-06 19:56 ` Nayna
[not found] ` <57F6AC7D.9070507-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-06 20:10 ` Jason Gunthorpe
[not found] ` <20161006201047.GA12085-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-06 20:53 ` Nayna
2016-10-13 18:51 ` Nayna [this message]
[not found] ` <57FFD79F.7080405-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-19 2:10 ` Nayna
2016-10-03 17:14 ` Jason Gunthorpe
[not found] ` <20161003171419.GE6801-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-09 4:17 ` Nayna
[not found] ` <57F9C4C4.2070508-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-09 23:25 ` Jason Gunthorpe
[not found] ` <20161009232544.GC24139-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-10 1:53 ` Nayna
[not found] ` <57FAF49D.7040009-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-10 3:21 ` Jason Gunthorpe
[not found] ` <20161010032113.GA26363-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-10 4:13 ` Nayna
[not found] ` <57FB1551.9000806-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-11 16:51 ` Jason Gunthorpe
[not found] ` <20161011165143.GA6881-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-11 19:11 ` Nayna
[not found] ` <57FD3949.9050302-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-11 20:15 ` Jason Gunthorpe
[not found] ` <20161011201558.GB21656-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-12 5:16 ` Nayna
2016-10-13 18:53 ` Nayna
2016-09-28 8:34 ` [PATCH v4 4/8] tpm: redefine read_log() to handle ACPI/OF at runtime Nayna Jain
[not found] ` <1475051682-23060-5-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-09-30 19:05 ` Jarkko Sakkinen
[not found] ` <20160930190511.GC9595-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-06 20:38 ` Nayna
[not found] ` <57F6B647.1070206-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-09 11:29 ` Nayna
[not found] ` <57FA2A0B.7060404-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-09 12:05 ` Jarkko Sakkinen
[not found] ` <20161009120553.GA6224-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-10 3:24 ` Jason Gunthorpe
2016-09-28 8:34 ` [PATCH v4 5/8] tpm: replace of_find_node_by_name() with dev of_node property Nayna Jain
[not found] ` <1475051682-23060-6-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-09-30 19:12 ` Jarkko Sakkinen
2016-09-28 8:34 ` [PATCH v4 6/8] tpm: remove printk error messages Nayna Jain
[not found] ` <1475051682-23060-7-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-09 1:55 ` Nayna
[not found] ` <57F9A392.7050302-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-09 23:22 ` Jason Gunthorpe
[not found] ` <20161009232208.GB24139-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2016-10-12 12:55 ` Nayna
2016-09-28 8:34 ` [PATCH v4 7/8] tpm: move event log init functions to tpm_eventlog_init.c Nayna Jain
2016-09-28 8:34 ` [PATCH v4 8/8] tpm: add securityfs support for TPM 2.0 firmware event log Nayna Jain
[not found] ` <1475051682-23060-9-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-09-30 19:24 ` Jarkko Sakkinen
2016-10-01 11:51 ` Jarkko Sakkinen
[not found] ` <20161001115154.GB8664-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-09 2:02 ` Nayna
[not found] ` <57F9A52C.7050405-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2016-10-09 9:14 ` Jarkko Sakkinen
[not found] ` <20161009091409.GD31891-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2016-10-10 18:54 ` Nayna
2016-09-28 9:43 ` [PATCH v4 0/8] tpm: add the securityfs pseudo files " Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=57FFD79F.7080405@linux.vnet.ibm.com \
--to=nayna-23vcf4htsmix0ybbhkvfkdbpr1lh4cv8@public.gmane.org \
--cc=jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org \
--cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).