From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: tpmdd-devel@lists.sourceforge.net,
LSM List <linux-security-module@vger.kernel.org>,
jgunthorpe@obsidianresearch.com, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command
Date: Tue, 9 May 2017 02:43:28 +0300 [thread overview]
Message-ID: <20170508234328.iydmoverh5z4nwco@intel.com> (raw)
In-Reply-To: <daa25807-53cd-1abd-d2fa-57e01e37da9f@linux.vnet.ibm.com>
On Thu, May 04, 2017 at 04:03:18PM -0400, Stefan Berger wrote:
> On 05/04/2017 02:40 PM, Jarkko Sakkinen wrote:
> > On Thu, May 04, 2017 at 07:14:27AM -0400, Stefan Berger wrote:
> > > On 05/04/2017 05:17 AM, Jarkko Sakkinen wrote:
> > > > On Wed, May 03, 2017 at 07:40:48PM -0400, Stefan Berger wrote:
> > > > > On 05/03/2017 06:37 PM, Jarkko Sakkinen wrote:
> > > > > > On Fri, Apr 28, 2017 at 09:02:18AM -0400, Stefan Berger wrote:
> > > > > > > Add an ioctl to request that the locality be prepended to every TPM
> > > > > > > command.
> > > > > > Don't really understand this change. Why locality is prenpended?
> > > > > Commands can be executed under locality 0-3 and for some commands it is
> > > > > important to know which locality a user may have chosen. How else should we
> > > > > convey that locality to the TPM emulator ?
> > > > Why this is not in the commit message?
> > > >
> > > > More scalable way to do this would be to have a set of vtpm proxy
> > > > commands. There could be a command for requesting and releasing
> > > > locality. That would be more clean.
> > > I would think that if someone wanted to use locality it's the client using
> > > /dev/tpm(rm)0 calling an ioctl or so and the vtpm proxy then merely passing
> > > that locality to the backend (TPM emulator). I suppose the intention is to
> > > support something like that following the addition of the new functions
> > > request_locality and release_locality?
> > What if we later on want to pass something else than locality to the
> > backend? How that will work out?
>
> 'push' more data in front. 'pop' off by recipient. We could wrap the command
> in some form.
>
> Stefan
I would find having a set of special commands cleaner. Prepending sounds
like a quick hack to me, not really something that should exist in the
mainline.
/Jarkko
WARNING: multiple messages have this Message-ID (diff)
From: jarkko.sakkinen@linux.intel.com (Jarkko Sakkinen)
To: linux-security-module@vger.kernel.org
Subject: [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command
Date: Tue, 9 May 2017 02:43:28 +0300 [thread overview]
Message-ID: <20170508234328.iydmoverh5z4nwco@intel.com> (raw)
In-Reply-To: <daa25807-53cd-1abd-d2fa-57e01e37da9f@linux.vnet.ibm.com>
On Thu, May 04, 2017 at 04:03:18PM -0400, Stefan Berger wrote:
> On 05/04/2017 02:40 PM, Jarkko Sakkinen wrote:
> > On Thu, May 04, 2017 at 07:14:27AM -0400, Stefan Berger wrote:
> > > On 05/04/2017 05:17 AM, Jarkko Sakkinen wrote:
> > > > On Wed, May 03, 2017 at 07:40:48PM -0400, Stefan Berger wrote:
> > > > > On 05/03/2017 06:37 PM, Jarkko Sakkinen wrote:
> > > > > > On Fri, Apr 28, 2017 at 09:02:18AM -0400, Stefan Berger wrote:
> > > > > > > Add an ioctl to request that the locality be prepended to every TPM
> > > > > > > command.
> > > > > > Don't really understand this change. Why locality is prenpended?
> > > > > Commands can be executed under locality 0-3 and for some commands it is
> > > > > important to know which locality a user may have chosen. How else should we
> > > > > convey that locality to the TPM emulator ?
> > > > Why this is not in the commit message?
> > > >
> > > > More scalable way to do this would be to have a set of vtpm proxy
> > > > commands. There could be a command for requesting and releasing
> > > > locality. That would be more clean.
> > > I would think that if someone wanted to use locality it's the client using
> > > /dev/tpm(rm)0 calling an ioctl or so and the vtpm proxy then merely passing
> > > that locality to the backend (TPM emulator). I suppose the intention is to
> > > support something like that following the addition of the new functions
> > > request_locality and release_locality?
> > What if we later on want to pass something else than locality to the
> > backend? How that will work out?
>
> 'push' more data in front. 'pop' off by recipient. We could wrap the command
> in some form.
>
> Stefan
I would find having a set of special commands cleaner. Prepending sounds
like a quick hack to me, not really something that should exist in the
mainline.
/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-05-08 23:43 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-28 13:02 [PATCH v2 0/3] Extend the vTPM proxy driver to pass locality to emulator Stefan Berger
2017-04-28 13:02 ` Stefan Berger
2017-04-28 13:02 ` [PATCH v2 1/3] tpm: vtpm_proxy: Add ioctl to get supported flags Stefan Berger
2017-04-28 13:02 ` Stefan Berger
2017-04-28 13:02 ` Stefan Berger
2017-05-03 22:31 ` Jarkko Sakkinen
2017-05-03 22:31 ` Jarkko Sakkinen
2017-04-28 13:02 ` [PATCH v2 2/3] tpm: vtpm_proxy: Implement request_locality Stefan Berger
2017-04-28 13:02 ` Stefan Berger
2017-04-28 13:02 ` Stefan Berger
2017-04-28 13:02 ` [PATCH v2 3/3] tpm: vtpm_proxy: Add ioctl to request locality prepended to command Stefan Berger
2017-04-28 13:02 ` Stefan Berger
2017-04-29 7:02 ` kbuild test robot
2017-04-29 7:02 ` kbuild test robot
2017-04-29 7:02 ` kbuild test robot
2017-05-03 22:37 ` Jarkko Sakkinen
2017-05-03 22:37 ` Jarkko Sakkinen
2017-05-03 23:40 ` Stefan Berger
2017-05-03 23:40 ` Stefan Berger
2017-05-03 23:40 ` Stefan Berger
2017-05-04 9:17 ` Jarkko Sakkinen
2017-05-04 9:17 ` Jarkko Sakkinen
2017-05-04 9:17 ` Jarkko Sakkinen
2017-05-04 11:14 ` Stefan Berger
2017-05-04 11:14 ` Stefan Berger
2017-05-04 18:40 ` Jarkko Sakkinen
2017-05-04 18:40 ` Jarkko Sakkinen
2017-05-04 20:03 ` Stefan Berger
2017-05-04 20:03 ` Stefan Berger
2017-05-04 20:03 ` Stefan Berger
2017-05-08 23:43 ` Jarkko Sakkinen [this message]
2017-05-08 23:43 ` Jarkko Sakkinen
2017-05-09 15:49 ` Stefan Berger
2017-05-09 15:49 ` Stefan Berger
2017-05-09 15:49 ` Stefan Berger
2017-05-10 12:47 ` Jarkko Sakkinen
2017-05-10 12:47 ` Jarkko Sakkinen
2017-05-10 13:20 ` Stefan Berger
2017-05-10 13:20 ` Stefan Berger
2017-05-10 18:33 ` Jarkko Sakkinen
2017-05-10 18:33 ` Jarkko Sakkinen
2017-05-10 18:33 ` Jarkko Sakkinen
2017-04-29 11:58 ` [PATCH v2 0/3] Extend the vTPM proxy driver to pass locality to emulator Jarkko Sakkinen
2017-04-29 11:58 ` Jarkko Sakkinen
2017-04-29 11:58 ` Jarkko Sakkinen
2017-05-03 22:38 ` Jarkko Sakkinen
2017-05-03 22:38 ` Jarkko Sakkinen
2017-05-03 23:42 ` Stefan Berger
2017-05-03 23:42 ` Stefan Berger
2017-05-04 9:18 ` Jarkko Sakkinen
2017-05-04 9:18 ` Jarkko Sakkinen
2017-05-04 9:18 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170508234328.iydmoverh5z4nwco@intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=jgunthorpe@obsidianresearch.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=stefanb@linux.vnet.ibm.com \
--cc=tpmdd-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.