From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Roberto Sassu <roberto.sassu@huawei.com>,
dhowells@redhat.com, James.Bottomley@HansenPartnership.com
Cc: zohar@linux.ibm.com, david.safford@ge.com, monty.wiseman@ge.com,
matthewgarrett@google.com, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, keyrings@vger.kernel.org,
silviu.vlasceanu@huawei.com
Subject: Re: [PATCH v8 6/7] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
Date: Tue, 29 Jan 2019 20:43:07 +0000 [thread overview]
Message-ID: <20190129204307.GE11615@linux.intel.com> (raw)
In-Reply-To: <20190124154910.29948-7-roberto.sassu@huawei.com>
On Thu, Jan 24, 2019 at 04:49:09PM +0100, Roberto Sassu wrote:
> When crypto agility support will be added to the TPM driver, users of the
> driver have to retrieve the allocated banks from chip->allocated_banks and
> use this information to prepare the array of tpm_digest structures to be
> passed to tpm_pcr_extend().
>
> This patch retrieves a tpm_chip pointer from tpm_default_chip() so that the
> pointer can be used to prepare the array of tpm_digest structures.
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> ---
> security/keys/trusted.c | 38 ++++++++++++++++++++++++--------------
> 1 file changed, 24 insertions(+), 14 deletions(-)
>
> diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> index 4d98f4f87236..1a20a9692fef 100644
> --- a/security/keys/trusted.c
> +++ b/security/keys/trusted.c
> @@ -34,6 +34,7 @@
>
> static const char hmac_alg[] = "hmac(sha1)";
> static const char hash_alg[] = "sha1";
> +static struct tpm_chip *chip;
>
> struct sdesc {
> struct shash_desc shash;
> @@ -362,7 +363,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen)
> int rc;
>
> dump_tpm_buf(cmd);
> - rc = tpm_send(NULL, cmd, buflen);
> + rc = tpm_send(chip, cmd, buflen);
> dump_tpm_buf(cmd);
> if (rc > 0)
> /* Can't return positive return codes values to keyctl */
> @@ -384,10 +385,10 @@ static int pcrlock(const int pcrnum)
>
> if (!capable(CAP_SYS_ADMIN))
> return -EPERM;
> - ret = tpm_get_random(NULL, hash, SHA1_DIGEST_SIZE);
> + ret = tpm_get_random(chip, hash, SHA1_DIGEST_SIZE);
> if (ret != SHA1_DIGEST_SIZE)
> return ret;
> - return tpm_pcr_extend(NULL, pcrnum, hash) ? -EINVAL : 0;
> + return tpm_pcr_extend(chip, pcrnum, hash) ? -EINVAL : 0;
> }
>
> /*
> @@ -400,7 +401,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s,
> unsigned char ononce[TPM_NONCE_SIZE];
> int ret;
>
> - ret = tpm_get_random(NULL, ononce, TPM_NONCE_SIZE);
> + ret = tpm_get_random(chip, ononce, TPM_NONCE_SIZE);
> if (ret != TPM_NONCE_SIZE)
> return ret;
>
> @@ -496,7 +497,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
> if (ret < 0)
> goto out;
>
> - ret = tpm_get_random(NULL, td->nonceodd, TPM_NONCE_SIZE);
> + ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE);
> if (ret != TPM_NONCE_SIZE)
> goto out;
> ordinal = htonl(TPM_ORD_SEAL);
> @@ -606,7 +607,7 @@ static int tpm_unseal(struct tpm_buf *tb,
>
> ordinal = htonl(TPM_ORD_UNSEAL);
> keyhndl = htonl(SRKHANDLE);
> - ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
> + ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE);
> if (ret != TPM_NONCE_SIZE) {
> pr_info("trusted_key: tpm_get_random failed (%d)\n", ret);
> return ret;
> @@ -751,7 +752,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
> int i;
> int tpm2;
>
> - tpm2 = tpm_is_tpm2(NULL);
> + tpm2 = tpm_is_tpm2(chip);
> if (tpm2 < 0)
> return tpm2;
>
> @@ -920,7 +921,7 @@ static struct trusted_key_options *trusted_options_alloc(void)
> struct trusted_key_options *options;
> int tpm2;
>
> - tpm2 = tpm_is_tpm2(NULL);
> + tpm2 = tpm_is_tpm2(chip);
> if (tpm2 < 0)
> return NULL;
>
> @@ -970,7 +971,7 @@ static int trusted_instantiate(struct key *key,
> size_t key_len;
> int tpm2;
>
> - tpm2 = tpm_is_tpm2(NULL);
> + tpm2 = tpm_is_tpm2(chip);
> if (tpm2 < 0)
> return tpm2;
>
> @@ -1011,7 +1012,7 @@ static int trusted_instantiate(struct key *key,
> switch (key_cmd) {
> case Opt_load:
> if (tpm2)
> - ret = tpm_unseal_trusted(NULL, payload, options);
> + ret = tpm_unseal_trusted(chip, payload, options);
> else
> ret = key_unseal(payload, options);
> dump_payload(payload);
> @@ -1021,13 +1022,13 @@ static int trusted_instantiate(struct key *key,
> break;
> case Opt_new:
> key_len = payload->key_len;
> - ret = tpm_get_random(NULL, payload->key, key_len);
> + ret = tpm_get_random(chip, payload->key, key_len);
> if (ret != key_len) {
> pr_info("trusted_key: key_create failed (%d)\n", ret);
> goto out;
> }
> if (tpm2)
> - ret = tpm_seal_trusted(NULL, payload, options);
> + ret = tpm_seal_trusted(chip, payload, options);
> else
> ret = key_seal(payload, options);
> if (ret < 0)
> @@ -1225,17 +1226,26 @@ static int __init init_trusted(void)
> {
> int ret;
>
> + chip = tpm_default_chip();
> + if (!chip)
> + return -ENOENT;
> ret = trusted_shash_alloc();
> if (ret < 0)
> - return ret;
> + goto out_put;
> ret = register_key_type(&key_type_trusted);
> if (ret < 0)
> - trusted_shash_release();
> + goto out_release;
> + return 0;
> +out_release:
> + trusted_shash_release();
> +out_put:
> + put_device(&chip->dev);
> return ret;
> }
Since the labels are *only* used for exception fallbacks, I'd prefer
err_release and err_put.
Other than that, LGTM.
Unrelated side-note: I think the TPM subsystem starts to be soon in a
shape that TPM 2.0 trusted keys code could be eventually moved to
security/keys/trusted2.c, and TPM 1.2 trusted keys code could start to
use tpm_buf to build its commands.
/Jarkko
WARNING: multiple messages have this Message-ID (diff)
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Roberto Sassu <roberto.sassu@huawei.com>,
dhowells@redhat.com, James.Bottomley@HansenPartnership.com
Cc: zohar@linux.ibm.com, david.safford@ge.com, monty.wiseman@ge.com,
matthewgarrett@google.com, linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, keyrings@vger.kernel.org,
silviu.vlasceanu@huawei.com
Subject: Re: [PATCH v8 6/7] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()
Date: Tue, 29 Jan 2019 22:43:07 +0200 [thread overview]
Message-ID: <20190129204307.GE11615@linux.intel.com> (raw)
In-Reply-To: <20190124154910.29948-7-roberto.sassu@huawei.com>
On Thu, Jan 24, 2019 at 04:49:09PM +0100, Roberto Sassu wrote:
> When crypto agility support will be added to the TPM driver, users of the
> driver have to retrieve the allocated banks from chip->allocated_banks and
> use this information to prepare the array of tpm_digest structures to be
> passed to tpm_pcr_extend().
>
> This patch retrieves a tpm_chip pointer from tpm_default_chip() so that the
> pointer can be used to prepare the array of tpm_digest structures.
>
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> ---
> security/keys/trusted.c | 38 ++++++++++++++++++++++++--------------
> 1 file changed, 24 insertions(+), 14 deletions(-)
>
> diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> index 4d98f4f87236..1a20a9692fef 100644
> --- a/security/keys/trusted.c
> +++ b/security/keys/trusted.c
> @@ -34,6 +34,7 @@
>
> static const char hmac_alg[] = "hmac(sha1)";
> static const char hash_alg[] = "sha1";
> +static struct tpm_chip *chip;
>
> struct sdesc {
> struct shash_desc shash;
> @@ -362,7 +363,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen)
> int rc;
>
> dump_tpm_buf(cmd);
> - rc = tpm_send(NULL, cmd, buflen);
> + rc = tpm_send(chip, cmd, buflen);
> dump_tpm_buf(cmd);
> if (rc > 0)
> /* Can't return positive return codes values to keyctl */
> @@ -384,10 +385,10 @@ static int pcrlock(const int pcrnum)
>
> if (!capable(CAP_SYS_ADMIN))
> return -EPERM;
> - ret = tpm_get_random(NULL, hash, SHA1_DIGEST_SIZE);
> + ret = tpm_get_random(chip, hash, SHA1_DIGEST_SIZE);
> if (ret != SHA1_DIGEST_SIZE)
> return ret;
> - return tpm_pcr_extend(NULL, pcrnum, hash) ? -EINVAL : 0;
> + return tpm_pcr_extend(chip, pcrnum, hash) ? -EINVAL : 0;
> }
>
> /*
> @@ -400,7 +401,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s,
> unsigned char ononce[TPM_NONCE_SIZE];
> int ret;
>
> - ret = tpm_get_random(NULL, ononce, TPM_NONCE_SIZE);
> + ret = tpm_get_random(chip, ononce, TPM_NONCE_SIZE);
> if (ret != TPM_NONCE_SIZE)
> return ret;
>
> @@ -496,7 +497,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
> if (ret < 0)
> goto out;
>
> - ret = tpm_get_random(NULL, td->nonceodd, TPM_NONCE_SIZE);
> + ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE);
> if (ret != TPM_NONCE_SIZE)
> goto out;
> ordinal = htonl(TPM_ORD_SEAL);
> @@ -606,7 +607,7 @@ static int tpm_unseal(struct tpm_buf *tb,
>
> ordinal = htonl(TPM_ORD_UNSEAL);
> keyhndl = htonl(SRKHANDLE);
> - ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
> + ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE);
> if (ret != TPM_NONCE_SIZE) {
> pr_info("trusted_key: tpm_get_random failed (%d)\n", ret);
> return ret;
> @@ -751,7 +752,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
> int i;
> int tpm2;
>
> - tpm2 = tpm_is_tpm2(NULL);
> + tpm2 = tpm_is_tpm2(chip);
> if (tpm2 < 0)
> return tpm2;
>
> @@ -920,7 +921,7 @@ static struct trusted_key_options *trusted_options_alloc(void)
> struct trusted_key_options *options;
> int tpm2;
>
> - tpm2 = tpm_is_tpm2(NULL);
> + tpm2 = tpm_is_tpm2(chip);
> if (tpm2 < 0)
> return NULL;
>
> @@ -970,7 +971,7 @@ static int trusted_instantiate(struct key *key,
> size_t key_len;
> int tpm2;
>
> - tpm2 = tpm_is_tpm2(NULL);
> + tpm2 = tpm_is_tpm2(chip);
> if (tpm2 < 0)
> return tpm2;
>
> @@ -1011,7 +1012,7 @@ static int trusted_instantiate(struct key *key,
> switch (key_cmd) {
> case Opt_load:
> if (tpm2)
> - ret = tpm_unseal_trusted(NULL, payload, options);
> + ret = tpm_unseal_trusted(chip, payload, options);
> else
> ret = key_unseal(payload, options);
> dump_payload(payload);
> @@ -1021,13 +1022,13 @@ static int trusted_instantiate(struct key *key,
> break;
> case Opt_new:
> key_len = payload->key_len;
> - ret = tpm_get_random(NULL, payload->key, key_len);
> + ret = tpm_get_random(chip, payload->key, key_len);
> if (ret != key_len) {
> pr_info("trusted_key: key_create failed (%d)\n", ret);
> goto out;
> }
> if (tpm2)
> - ret = tpm_seal_trusted(NULL, payload, options);
> + ret = tpm_seal_trusted(chip, payload, options);
> else
> ret = key_seal(payload, options);
> if (ret < 0)
> @@ -1225,17 +1226,26 @@ static int __init init_trusted(void)
> {
> int ret;
>
> + chip = tpm_default_chip();
> + if (!chip)
> + return -ENOENT;
> ret = trusted_shash_alloc();
> if (ret < 0)
> - return ret;
> + goto out_put;
> ret = register_key_type(&key_type_trusted);
> if (ret < 0)
> - trusted_shash_release();
> + goto out_release;
> + return 0;
> +out_release:
> + trusted_shash_release();
> +out_put:
> + put_device(&chip->dev);
> return ret;
> }
Since the labels are *only* used for exception fallbacks, I'd prefer
err_release and err_put.
Other than that, LGTM.
Unrelated side-note: I think the TPM subsystem starts to be soon in a
shape that TPM 2.0 trusted keys code could be eventually moved to
security/keys/trusted2.c, and TPM 1.2 trusted keys code could start to
use tpm_buf to build its commands.
/Jarkko
next prev parent reply other threads:[~2019-01-29 20:43 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-24 15:49 [PATCH v8 0/7] tpm: retrieve digest size of unknown algorithms from TPM Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-24 15:49 ` [PATCH v8 1/7] tpm: dynamically allocate the allocated_banks array Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-29 19:29 ` Jarkko Sakkinen
2019-01-29 19:29 ` Jarkko Sakkinen
2019-01-30 7:52 ` Roberto Sassu
2019-01-30 7:52 ` Roberto Sassu
2019-01-30 12:01 ` Jarkko Sakkinen
2019-01-30 12:01 ` Jarkko Sakkinen
2019-01-24 15:49 ` [PATCH v8 2/7] tpm: add _head suffix to tcg_efi_specid_event and tcg_pcr_event2 Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-29 19:37 ` Jarkko Sakkinen
2019-01-29 19:37 ` Jarkko Sakkinen
2019-01-24 15:49 ` [PATCH v8 3/7] tpm: rename and export tpm2_digest and tpm2_algorithms Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-24 15:49 ` [PATCH v8 4/7] tpm: retrieve digest size of unknown algorithms with PCR read Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-29 20:14 ` Jarkko Sakkinen
2019-01-29 20:14 ` Jarkko Sakkinen
2019-01-24 15:49 ` [PATCH v8 5/7] tpm: move tpm_chip definition to include/linux/tpm.h Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-29 20:34 ` Jarkko Sakkinen
2019-01-29 20:34 ` Jarkko Sakkinen
2019-01-31 7:54 ` Roberto Sassu
2019-01-31 7:54 ` Roberto Sassu
2019-01-31 16:05 ` Jarkko Sakkinen
2019-01-31 16:05 ` Jarkko Sakkinen
2019-01-24 15:49 ` [PATCH v8 6/7] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip() Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-29 20:43 ` Jarkko Sakkinen [this message]
2019-01-29 20:43 ` Jarkko Sakkinen
2019-01-24 15:49 ` [PATCH v8 7/7] tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend() Roberto Sassu
2019-01-24 15:49 ` Roberto Sassu
2019-01-29 21:02 ` Jarkko Sakkinen
2019-01-29 21:02 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190129204307.GE11615@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=david.safford@ge.com \
--cc=dhowells@redhat.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthewgarrett@google.com \
--cc=monty.wiseman@ge.com \
--cc=roberto.sassu@huawei.com \
--cc=silviu.vlasceanu@huawei.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.