From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753623AbdAESHY (ORCPT ); Thu, 5 Jan 2017 13:07:24 -0500 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:56209 "EHLO mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1751989AbdAESGo (ORCPT ); Thu, 5 Jan 2017 13:06:44 -0500 Subject: Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager From: James Bottomley To: Jason Gunthorpe , "Fuchs, Andreas" Cc: "linux-security-module@vger.kernel.org" , "tpmdd-devel@lists.sourceforge.net" , open list Date: Thu, 05 Jan 2017 10:06:35 -0800 In-Reply-To: <20170105172726.GA11680@obsidianresearch.com> References: <20170102132213.22880-1-jarkko.sakkinen@linux.intel.com> <9F48E1A823B03B4790B7E6E69430724DC7C149F6@exch2010c.sit.fraunhofer.de> <20170105172726.GA11680@obsidianresearch.com> Content-Type: text/plain; charset="UTF-8" X-Mailer: Evolution 3.16.5 Mime-Version: 1.0 Content-Transfer-Encoding: 7bit X-TM-AS-GCONF: 00 X-Content-Scanned: Fidelis XPS MAILER x-cbid: 17010518-0016-0000-0000-00000591766B X-IBM-SpamModules-Scores: X-IBM-SpamModules-Versions: BY=3.00006379; HX=3.00000240; KW=3.00000007; PH=3.00000004; SC=3.00000199; SDB=6.00803981; UDB=6.00391189; IPR=6.00581829; BA=6.00005031; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000; ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00013834; XFM=3.00000011; UTC=2017-01-05 18:06:41 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 17010518-0017-0000-0000-00003604AD29 Message-Id: <1483639595.2515.52.camel@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-01-05_12:,, signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1612050000 definitions=main-1701050270 Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2017-01-05 at 10:27 -0700, Jason Gunthorpe wrote: > On Thu, Jan 05, 2017 at 03:52:02PM +0000, Fuchs, Andreas wrote: > > Great to see this coming along so well. Thanks a lot to Jarkko ! > > > The TPM allows an application to get the list of currently loaded > > handles TPM2_GetCapabilities(TPM_CAP_HANDLES). It would be great > > to have the RM be as transparent to userspace as possible. The RM > > spec of TCG therefore says that you need to intercept and override > > this > > I'd rather just ban unnecessary stuff like this on the RM fd. > Tracking active handles can be done in userspace by the app > itself. Debugging can be done by using the non-RM fd or debugfs. Yes, we basically agreed on not doing this. The only handles that actually need translating are the transient 0x80 ones. Since the RM effectively segregates them, you can't see anyone else's, so the only query could be about the application's own transient handles and it's difficult to see how it could lose track of them and want to issue this query. So the best course is to leave it unimplemented (less code) and see if anyone complains because they have an actual use case. James From mboxrd@z Thu Jan 1 00:00:00 1970 From: James Bottomley Subject: Re: [PATCH RFC 0/4] RFC: in-kernel resource manager Date: Thu, 05 Jan 2017 10:06:35 -0800 Message-ID: <1483639595.2515.52.camel@linux.vnet.ibm.com> References: <20170102132213.22880-1-jarkko.sakkinen@linux.intel.com> <9F48E1A823B03B4790B7E6E69430724DC7C149F6@exch2010c.sit.fraunhofer.de> <20170105172726.GA11680@obsidianresearch.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <20170105172726.GA11680-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: Jason Gunthorpe , "Fuchs, Andreas" Cc: "linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" , "tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org" , open list List-Id: tpmdd-devel@lists.sourceforge.net On Thu, 2017-01-05 at 10:27 -0700, Jason Gunthorpe wrote: > On Thu, Jan 05, 2017 at 03:52:02PM +0000, Fuchs, Andreas wrote: > > Great to see this coming along so well. Thanks a lot to Jarkko ! > > > The TPM allows an application to get the list of currently loaded > > handles TPM2_GetCapabilities(TPM_CAP_HANDLES). It would be great > > to have the RM be as transparent to userspace as possible. The RM > > spec of TCG therefore says that you need to intercept and override > > this > > I'd rather just ban unnecessary stuff like this on the RM fd. > Tracking active handles can be done in userspace by the app > itself. Debugging can be done by using the non-RM fd or debugfs. Yes, we basically agreed on not doing this. The only handles that actually need translating are the transient 0x80 ones. Since the RM effectively segregates them, you can't see anyone else's, so the only query could be about the application's own transient handles and it's difficult to see how it could lose track of them and want to issue this query. So the best course is to leave it unimplemented (less code) and see if anyone complains because they have an actual use case. James ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot