From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: tpmdd-devel@lists.sourceforge.net
Cc: linux-security-module@vger.kernel.org,
    Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
    Jason Gunthorpe <jgunthorpe@obsidianresearch.com>,
    linux-kernel@vger.kernel.org (open list)
Subject: [PATCH RFC v3 0/5] RFC: in-kernel resource manager
Date: Mon, 16 Jan 2017 15:12:06 +0200
Message-ID: <20170116131215.28930-1-jarkko.sakkinen@linux.intel.com>

This patch set adds support for TPM spaces that provide a context
for isolating and swapping transient objects. This patch set does
not yet include support for isolating policy and HMAC sessions but
it is trivial to add once the basic approach is settled (and that's
why I created an RFC patch set).

There's a test script for trying out TPM spaces in

  git://git.infradead.org/users/jjs/tpm2-scripts.git

A simple smoke test can be run by

  sudo python -m unittest -v tpm2_smoke.SpaceTest

v2:
Changed to James' proposal of API. I did not make any other changes
except split core TPM space code into its own patch because I want to
find consensus on the API before polishing the corners. Thus, this
version also carries the RFC tag. I have not yet locked in my
standpoint whether ioctl or a device file is a better deal.

v3:
- Check TPM return code in tpm_map_response.
- Reference tracking for /dev/tpms0.
- clear_bit(is_open) was removed from tpm-dev.c. Added it back.
- Use response length as the buffer size limit in tpm2_commit_space.
- This version now passes my smoke tests again.

James Bottomley (2):
  tpm: split out tpm-dev.c into tpm-dev.c and tpm-common-dev.c
  tpm2: expose resource manager via a device link /dev/tpms<n>

Jarkko Sakkinen (3):
  tpm: validate TPM 2.0 commands
  tpm: export tpm2_flush_context_cmd
  tpm: infrastructure for TPM spaces

 drivers/char/tpm/Makefile         |   2 +-
 drivers/char/tpm/tpm-chip.c       |  79 +++++++++-
 drivers/char/tpm/tpm-dev-common.c | 145 ++++++++++++++++++
 drivers/char/tpm/tpm-dev.c        | 140 ++---------------
 drivers/char/tpm/tpm-dev.h        |  27 ++++
 drivers/char/tpm/tpm-interface.c  | 100 +++++++++----
 drivers/char/tpm/tpm-sysfs.c      |   2 +-
 drivers/char/tpm/tpm.h            |  56 +++++--
 drivers/char/tpm/tpm2-cmd.c       | 146 ++++++++++++------
 drivers/char/tpm/tpm2-space.c     | 305 ++++++++++++++++++++++++++++++++++++++
 drivers/char/tpm/tpms-dev.c       |  62 ++++++++
 11 files changed, 852 insertions(+), 212 deletions(-)
 create mode 100644 drivers/char/tpm/tpm-dev-common.c
 create mode 100644 drivers/char/tpm/tpm-dev.h
 create mode 100644 drivers/char/tpm/tpm2-space.c
 create mode 100644 drivers/char/tpm/tpms-dev.c

--
2.9.3