From: Nayna <nayna@linux.vnet.ibm.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
tpmdd-devel@lists.sourceforge.net
Cc: dhowells@redhat.com, open list <linux-kernel@vger.kernel.org>,
James.Bottomley@HansenPartnership.com,
linux-security-module@vger.kernel.org
Subject: Re: [tpmdd-devel] [PATCH v2 6/7] tpm: expose spaces via a device link /dev/tpms<n>
Date: Fri, 24 Feb 2017 12:29:13 +0530 [thread overview]
Message-ID: <58AFD9C1.1050507@linux.vnet.ibm.com> (raw)
In-Reply-To: <20170216192529.25467-7-jarkko.sakkinen@linux.intel.com>
On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
> From: James Bottomley <James.Bottomley@HansenPartnership.com>
>
> Currently the tpm spaces are not exposed to userspace. Make this
> exposure via a separate device, which can now be opened multiple times
> because each read/write transaction goes separately via the space.
>
> Concurrency is protected by the chip->tpm_mutex for each read/write
> transaction separately. The TPM is cleared of all transient objects
> by the time the mutex is dropped, so there should be no interference
> between the kernel and userspace.
To understand, I have two questions:
1. How would a userspace application using TPM know whether to use
/dev/tpm0 or /dev/tpms0 ?
2. How would a userspace RM know to build on top of /dev/tpm0 or
/dev/tpms0. And if it is built on top of /dev/tpms0, can there be issues
with one RM on top of other RM.
Thanks & Regards,
- Nayna
>
> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
> ---
> drivers/char/tpm/Makefile | 3 +-
> drivers/char/tpm/tpm-chip.c | 73 ++++++++++++++++++++++++++++++++++++++--
> drivers/char/tpm/tpm-interface.c | 13 +++++--
> drivers/char/tpm/tpm.h | 4 +++
> drivers/char/tpm/tpms-dev.c | 65 +++++++++++++++++++++++++++++++++++
> 5 files changed, 152 insertions(+), 6 deletions(-)
> create mode 100644 drivers/char/tpm/tpms-dev.c
>
> diff --git a/drivers/char/tpm/Makefile b/drivers/char/tpm/Makefile
> index 10e5827..bbe6531 100644
> --- a/drivers/char/tpm/Makefile
> +++ b/drivers/char/tpm/Makefile
> @@ -3,7 +3,8 @@
> #
> obj-$(CONFIG_TCG_TPM) += tpm.o
> tpm-y := tpm-interface.o tpm-dev.o tpm-sysfs.o tpm-chip.o tpm2-cmd.o \
> - tpm-dev-common.o tpm1_eventlog.o tpm2_eventlog.o tpm2-space.o
> + tpm-dev-common.o tpms-dev.o tpm1_eventlog.o tpm2_eventlog.o \
> + tpm2-space.o
> tpm-$(CONFIG_ACPI) += tpm_ppi.o tpm_acpi.o
> tpm-$(CONFIG_OF) += tpm_of.o
> obj-$(CONFIG_TCG_TIS_CORE) += tpm_tis_core.o
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index 993b9ae..c71c353 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -33,6 +33,7 @@ DEFINE_IDR(dev_nums_idr);
> static DEFINE_MUTEX(idr_lock);
>
> struct class *tpm_class;
> +struct class *tpms_class;
> dev_t tpm_devt;
>
> /**
> @@ -132,6 +133,14 @@ static void tpm_dev_release(struct device *dev)
> kfree(chip);
> }
>
> +static void tpm_devs_release(struct device *dev)
> +{
> + struct tpm_chip *chip = container_of(dev, struct tpm_chip, devs);
> +
> + /* release the master device reference */
> + put_device(&chip->dev);
> +}
> +
> /**
> * tpm_chip_alloc() - allocate a new struct tpm_chip instance
> * @pdev: device to which the chip is associated
> @@ -168,27 +177,47 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
> chip->dev_num = rc;
>
> device_initialize(&chip->dev);
> + device_initialize(&chip->devs);
>
> chip->dev.class = tpm_class;
> chip->dev.release = tpm_dev_release;
> chip->dev.parent = pdev;
> chip->dev.groups = chip->groups;
>
> + chip->devs.parent = pdev;
> + chip->devs.class = tpms_class;
> + chip->devs.release = tpm_devs_release;
> + /* get extra reference on main device to hold on
> + * behalf of devs. This holds the chip structure
> + * while cdevs is in use. The corresponding put
> + * is in the tpm_devs_release
> + */
> + get_device(&chip->dev);
> +
> if (chip->dev_num == 0)
> chip->dev.devt = MKDEV(MISC_MAJOR, TPM_MINOR);
> else
> chip->dev.devt = MKDEV(MAJOR(tpm_devt), chip->dev_num);
>
> + chip->devs.devt =
> + MKDEV(MAJOR(tpm_devt), chip->dev_num + TPM_NUM_DEVICES);
> +
> rc = dev_set_name(&chip->dev, "tpm%d", chip->dev_num);
> if (rc)
> goto out;
> + rc = dev_set_name(&chip->devs, "tpms%d", chip->dev_num);
> + if (rc)
> + goto out;
>
> if (!pdev)
> chip->flags |= TPM_CHIP_FLAG_VIRTUAL;
>
> cdev_init(&chip->cdev, &tpm_fops);
> + cdev_init(&chip->cdevs, &tpms_fops);
> chip->cdev.owner = THIS_MODULE;
> + chip->cdevs.owner = THIS_MODULE;
> chip->cdev.kobj.parent = &chip->dev.kobj;
> + chip->cdevs.kobj.parent = &chip->devs.kobj;
>
> chip->work_space.context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
> if (!chip->work_space.context_buf) {
> @@ -199,6 +228,7 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
> return chip;
>
> out:
> + put_device(&chip->devs);
> put_device(&chip->dev);
> return ERR_PTR(rc);
> }
> @@ -244,7 +274,7 @@ static int tpm_add_char_device(struct tpm_chip *chip)
> dev_name(&chip->dev), MAJOR(chip->dev.devt),
> MINOR(chip->dev.devt), rc);
>
> - return rc;
> + goto err_1;
> }
>
> rc = device_add(&chip->dev);
> @@ -254,16 +284,44 @@ static int tpm_add_char_device(struct tpm_chip *chip)
> dev_name(&chip->dev), MAJOR(chip->dev.devt),
> MINOR(chip->dev.devt), rc);
>
> - cdev_del(&chip->cdev);
> - return rc;
> + goto err_2;
> + }
> +
> + if (chip->flags & TPM_CHIP_FLAG_TPM2)
> + rc = cdev_add(&chip->cdevs, chip->devs.devt, 1);
> + if (rc) {
> + dev_err(&chip->dev,
> + "unable to cdev_add() %s, major %d, minor %d, err=%d\n",
> + dev_name(&chip->devs), MAJOR(chip->devs.devt),
> + MINOR(chip->devs.devt), rc);
> +
> + goto err_3;
> }
>
> + if (chip->flags & TPM_CHIP_FLAG_TPM2)
> + rc = device_add(&chip->devs);
> + if (rc) {
> + dev_err(&chip->dev,
> + "unable to device_register() %s, major %d, minor %d, err=%d\n",
> + dev_name(&chip->devs), MAJOR(chip->devs.devt),
> + MINOR(chip->devs.devt), rc);
> +
> + goto err_4;
> + }
> /* Make the chip available. */
> mutex_lock(&idr_lock);
> idr_replace(&dev_nums_idr, chip, chip->dev_num);
> mutex_unlock(&idr_lock);
>
> return rc;
> + err_4:
> + cdev_del(&chip->cdevs);
> + err_3:
> + device_del(&chip->dev);
> + err_2:
> + cdev_del(&chip->cdev);
> + err_1:
> + return rc;
> }
>
> static void tpm_del_char_device(struct tpm_chip *chip)
> @@ -271,6 +329,11 @@ static void tpm_del_char_device(struct tpm_chip *chip)
> cdev_del(&chip->cdev);
> device_del(&chip->dev);
>
> + if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> + cdev_del(&chip->cdevs);
> + device_del(&chip->devs);
> + }
> +
> /* Make the chip unavailable. */
> mutex_lock(&idr_lock);
> idr_replace(&dev_nums_idr, NULL, chip->dev_num);
> @@ -282,6 +345,10 @@ static void tpm_del_char_device(struct tpm_chip *chip)
> tpm2_shutdown(chip, TPM2_SU_CLEAR);
> chip->ops = NULL;
> up_write(&chip->ops_sem);
> + /* will release the devs reference to the chip->dev unless
> + * something has cdevs open
> + */
> + put_device(&chip->devs);
> }
>
> static void tpm_del_legacy_sysfs(struct tpm_chip *chip)
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index db5ffe9..deb2021 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -1257,9 +1257,17 @@ static int __init tpm_init(void)
> return PTR_ERR(tpm_class);
> }
>
> - rc = alloc_chrdev_region(&tpm_devt, 0, TPM_NUM_DEVICES, "tpm");
> + tpms_class = class_create(THIS_MODULE, "tpms");
> + if (IS_ERR(tpms_class)) {
> + pr_err("couldn't create tpms class\n");
> + class_destroy(tpm_class);
> + return PTR_ERR(tpms_class);
> + }
> +
> + rc = alloc_chrdev_region(&tpm_devt, 0, 2*TPM_NUM_DEVICES, "tpm");
> if (rc < 0) {
> pr_err("tpm: failed to allocate char dev region\n");
> + class_destroy(tpms_class);
> class_destroy(tpm_class);
> return rc;
> }
> @@ -1271,7 +1279,8 @@ static void __exit tpm_exit(void)
> {
> idr_destroy(&dev_nums_idr);
> class_destroy(tpm_class);
> - unregister_chrdev_region(tpm_devt, TPM_NUM_DEVICES);
> + class_destroy(tpms_class);
> + unregister_chrdev_region(tpm_devt, 2*TPM_NUM_DEVICES);
> }
>
> subsys_initcall(tpm_init);
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 97e48a4..822ca67 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -182,7 +182,9 @@ struct tpm_chip_seqops {
>
> struct tpm_chip {
> struct device dev;
> + struct device devs;
> struct cdev cdev;
> + struct cdev cdevs;
>
> /* A driver callback under ops cannot be run unless ops_sem is held
> * (sometimes implicitly, eg for the sysfs code). ops becomes null
> @@ -510,8 +512,10 @@ static inline void tpm_buf_append_u32(struct tpm_buf *buf, const u32 value)
> }
>
> extern struct class *tpm_class;
> +extern struct class *tpms_class;
> extern dev_t tpm_devt;
> extern const struct file_operations tpm_fops;
> +extern const struct file_operations tpms_fops;
> extern struct idr dev_nums_idr;
>
> enum tpm_transmit_flags {
> diff --git a/drivers/char/tpm/tpms-dev.c b/drivers/char/tpm/tpms-dev.c
> new file mode 100644
> index 0000000..5720885
> --- /dev/null
> +++ b/drivers/char/tpm/tpms-dev.c
> @@ -0,0 +1,65 @@
> +/*
> + * Copyright (C) 2017 James.Bottomley@HansenPartnership.com
> + *
> + * GPLv2
> + */
> +#include <linux/slab.h>
> +#include "tpm-dev.h"
> +
> +struct tpms_priv {
> + struct file_priv priv;
> + struct tpm_space space;
> +};
> +
> +static int tpms_open(struct inode *inode, struct file *file)
> +{
> + struct tpm_chip *chip;
> + struct tpms_priv *priv;
> + int rc;
> +
> + chip = container_of(inode->i_cdev, struct tpm_chip, cdevs);
> + priv = kzalloc(sizeof(*priv), GFP_KERNEL);
> + if (priv == NULL)
> + return -ENOMEM;
> +
> + rc = tpm2_init_space(&priv->space);
> + if (rc) {
> + kfree(priv);
> + return -ENOMEM;
> + }
> +
> + tpm_common_open(file, chip, &priv->priv);
> +
> + return 0;
> +}
> +
> +static int tpms_release(struct inode *inode, struct file *file)
> +{
> + struct file_priv *fpriv = file->private_data;
> + struct tpms_priv *priv = container_of(fpriv, struct tpms_priv, priv);
> +
> + tpm_common_release(file, fpriv);
> + tpm2_del_space(&priv->space);
> + kfree(priv);
> +
> + return 0;
> +}
> +
> +ssize_t tpms_write(struct file *file, const char __user *buf,
> + size_t size, loff_t *off)
> +{
> + struct file_priv *fpriv = file->private_data;
> + struct tpms_priv *priv = container_of(fpriv, struct tpms_priv, priv);
> +
> + return tpm_common_write(file, buf, size, off, &priv->space);
> +}
> +
> +const struct file_operations tpms_fops = {
> + .owner = THIS_MODULE,
> + .llseek = no_llseek,
> + .open = tpms_open,
> + .read = tpm_common_read,
> + .write = tpms_write,
> + .release = tpms_release,
> +};
> +
>
next prev parent reply other threads:[~2017-02-24 6:59 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-02-16 19:25 [PATCH v2 0/7] in-kernel resource manager Jarkko Sakkinen
[not found] ` <20170216192529.25467-1-jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-02-16 19:25 ` [PATCH v2 1/7] tpm: move length validation to tpm_transmit() Jarkko Sakkinen
2017-02-16 19:25 ` [PATCH v2 2/7] tpm: validate TPM 2.0 commands Jarkko Sakkinen
2017-02-16 19:25 ` [PATCH v2 3/7] tpm: export tpm2_flush_context_cmd Jarkko Sakkinen
2017-02-16 19:25 ` [PATCH v2 4/7] tpm: infrastructure for TPM spaces Jarkko Sakkinen
2017-02-21 18:24 ` [tpmdd-devel] " Nayna
2017-02-22 17:39 ` James Bottomley
2017-02-22 20:56 ` Ken Goldman
[not found] ` <1487785159.2376.27.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-03-22 20:09 ` Ken Goldman
2017-03-23 15:56 ` [tpmdd-devel] " Jarkko Sakkinen
[not found] ` <58AC85F2.5000406-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-02-22 17:08 ` Ken Goldman
2017-02-22 21:08 ` Jarkko Sakkinen
2017-02-24 12:53 ` James Bottomley
2017-02-24 17:02 ` Jarkko Sakkinen
2017-02-16 19:25 ` [PATCH v2 5/7] tpm: split out tpm-dev.c into tpm-dev.c and tpm-common-dev.c Jarkko Sakkinen
[not found] ` <20170216192529.25467-6-jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
2017-02-23 9:04 ` Jarkko Sakkinen
2017-02-16 19:25 ` [PATCH v2 7/7] tpm2: add session handle context saving and restoring to the space code Jarkko Sakkinen
2017-02-23 9:04 ` Jarkko Sakkinen
2017-02-16 19:25 ` [PATCH v2 6/7] tpm: expose spaces via a device link /dev/tpms<n> Jarkko Sakkinen
2017-02-23 9:09 ` Jarkko Sakkinen
[not found] ` <20170223090917.jq7thil5ggjmagil-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-02-24 13:02 ` James Bottomley
2017-02-24 17:39 ` Jarkko Sakkinen
[not found] ` <20170224173922.qwuhfxeitbyct52o-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-02-24 18:11 ` Jason Gunthorpe
2017-02-24 20:29 ` James Bottomley
[not found] ` <1487968155.2190.14.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-02-24 20:52 ` Jason Gunthorpe
2017-02-24 23:01 ` [tpmdd-devel] " James Bottomley
2017-02-24 23:23 ` Jason Gunthorpe
[not found] ` <20170224232327.GA9126-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-02-24 23:43 ` James Bottomley
2017-02-25 0:25 ` [tpmdd-devel] " Jason Gunthorpe
[not found] ` <20170225002514.GA10605-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-02-25 17:04 ` James Bottomley
[not found] ` <1488042289.2250.22.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-02-27 17:28 ` Jason Gunthorpe
2017-02-26 11:44 ` Jarkko Sakkinen
2017-02-26 18:30 ` Dr. Greg Wettstein
[not found] ` <20170226183040.GA4272-DHO+NtfOqB5PEDpkEIzg7wC/G2K4zDHf@public.gmane.org>
2017-02-28 17:22 ` Ken Goldman
[not found] ` <20170226114440.5ksg3lx27ylekvbx-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-02-27 17:33 ` Jason Gunthorpe
2017-02-24 6:59 ` Nayna [this message]
2017-02-24 12:53 ` [tpmdd-devel] " James Bottomley
[not found] ` <1487940829.2249.15.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-02-27 11:46 ` Nayna
[not found] ` <58B41184.7020200-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-02-27 14:55 ` James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=58AFD9C1.1050507@linux.vnet.ibm.com \
--to=nayna@linux.vnet.ibm.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=dhowells@redhat.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=tpmdd-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).