[PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library
@ 2020-10-05 22:28 Ken Goldman
  2020-10-06 15:07 ` Petr Vorel
  0 siblings, 1 reply; 5+ messages in thread
From: Ken Goldman @ 2020-10-05 22:28 UTC (permalink / raw)
  To: Linux Integrity

This is a prerequisite for the code change that uses the TSS rather
than the command line tools.

Signed-off-by: Ken Goldman <kgoldman@us.ibm.com>
---
  src/Makefile.am | 1 +
  1 file changed, 1 insertion(+)

diff --git a/src/Makefile.am b/src/Makefile.am
index d6c779f..bf18caf 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -26,6 +26,7 @@ if USE_PCRTSS
  evmctl_SOURCES += pcr_tss.c
  else
  evmctl_SOURCES += pcr_tsspcrread.c
+evmctl_LDADD += -libmtss
  endif

  AM_CPPFLAGS = -I$(top_srcdir) -include config.h
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library
  2020-10-05 22:28 [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library Ken Goldman
@ 2020-10-06 15:07 ` Petr Vorel
  2020-10-06 17:33   ` Ken Goldman
  2020-10-06 17:58   ` Ken Goldman
  0 siblings, 2 replies; 5+ messages in thread
From: Petr Vorel @ 2020-10-06 15:07 UTC (permalink / raw)
  To: Ken Goldman; +Cc: Linux Integrity

Hi Ken,

> This is a prerequisite for the code change that uses the TSS rather
> than the command line tools.

> Signed-off-by: Ken Goldman <kgoldman@us.ibm.com>
> ---
>  src/Makefile.am | 1 +
>  1 file changed, 1 insertion(+)

> diff --git a/src/Makefile.am b/src/Makefile.am
> index d6c779f..bf18caf 100644
> --- a/src/Makefile.am
> +++ b/src/Makefile.am
> @@ -26,6 +26,7 @@ if USE_PCRTSS
>  evmctl_SOURCES += pcr_tss.c
>  else
>  evmctl_SOURCES += pcr_tsspcrread.c
> +evmctl_LDADD += -libmtss
>  endif
But pcr_tsspcrread.c uses the binary (tsspcrread).

pcr_tss.c uses TSS, but that's already covered:
ldd src/.libs/evmctl |grep tss
	libtss2-rc.so.0 => /usr/lib64/libtss2-rc.so.0 (0x00007fb82514c000)
	libtss2-esys.so.0 => /usr/lib64/libtss2-esys.so.0 (0x00007fb824eba000)
	libtss2-sys.so.0 => /usr/lib64/libtss2-sys.so.0 (0x00007fb8244ba000)
	libtss2-mu.so.0 => /usr/lib64/libtss2-mu.so.0 (0x00007fb824276000)

Thus I thing this patch is invalid. Or do I miss something obvious?

And other thing: could you please rebase your patches for next-testing branch?
It's not applicable for master, next and next-testing.

Kind regards,
Petr

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library
  2020-10-06 15:07 ` Petr Vorel
@ 2020-10-06 17:33   ` Ken Goldman
  2020-10-06 17:58   ` Ken Goldman
  1 sibling, 0 replies; 5+ messages in thread
From: Ken Goldman @ 2020-10-06 17:33 UTC (permalink / raw)
  To: Petr Vorel; +Cc: Linux Integrity

On 10/6/2020 11:07 AM, Petr Vorel wrote:
> Hi Ken,
> 
>> This is a prerequisite for the code change that uses the TSS rather
>> than the command line tools.
> 
>> Signed-off-by: Ken Goldman <kgoldman@us.ibm.com>
>> ---
>>   src/Makefile.am | 1 +
>>   1 file changed, 1 insertion(+)
> 
>> diff --git a/src/Makefile.am b/src/Makefile.am
>> index d6c779f..bf18caf 100644
>> --- a/src/Makefile.am
>> +++ b/src/Makefile.am
>> @@ -26,6 +26,7 @@ if USE_PCRTSS
>>   evmctl_SOURCES += pcr_tss.c
>>   else
>>   evmctl_SOURCES += pcr_tsspcrread.c
>> +evmctl_LDADD += -libmtss
>>   endif
> But pcr_tsspcrread.c uses the binary (tsspcrread).

The idea is to eliminate the calls to command line utilities, which
are not as stable as the TSS library.  Patch 4/6 does that.

I'm a git newbie.  I thought the idea was to do the patches as
small pieces.  Thus, this one does the autotools piece.  Then
the next one does the C code.  Should they be combined?

> 
> pcr_tss.c uses TSS, but that's already covered:
> ldd src/.libs/evmctl |grep tss
> 	libtss2-rc.so.0 => /usr/lib64/libtss2-rc.so.0 (0x00007fb82514c000)
> 	libtss2-esys.so.0 => /usr/lib64/libtss2-esys.so.0 (0x00007fb824eba000)
> 	libtss2-sys.so.0 => /usr/lib64/libtss2-sys.so.0 (0x00007fb8244ba000)
> 	libtss2-mu.so.0 => /usr/lib64/libtss2-mu.so.0 (0x00007fb824276000)
> 
> Thus I thing this patch is invalid. Or do I miss something obvious?

There are two TSSes.  This one's for the IBM TSS.  Your traces are
for the ESAPI API (aka Intel TSS).

> 
> And other thing: could you please rebase your patches for next-testing branch?
> It's not applicable for master, next and next-testing.
> 
> Kind regards,
> Petr
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library
  2020-10-06 15:07 ` Petr Vorel
  2020-10-06 17:33   ` Ken Goldman
@ 2020-10-06 17:58   ` Ken Goldman
  2020-10-07 12:25     ` Petr Vorel
  1 sibling, 1 reply; 5+ messages in thread
From: Ken Goldman @ 2020-10-06 17:58 UTC (permalink / raw)
  To: Petr Vorel; +Cc: Linux Integrity

On 10/6/2020 11:07 AM, Petr Vorel wrote:
> Hi Ken,
> 
>> This is a prerequisite for the code change that uses the TSS rather
>> than the command line tools.
> 
>> Signed-off-by: Ken Goldman <kgoldman@us.ibm.com>
>> ---
>>   src/Makefile.am | 1 +
>>   1 file changed, 1 insertion(+)
> 
>> diff --git a/src/Makefile.am b/src/Makefile.am
>> index d6c779f..bf18caf 100644
>> --- a/src/Makefile.am
>> +++ b/src/Makefile.am
>> @@ -26,6 +26,7 @@ if USE_PCRTSS
>>   evmctl_SOURCES += pcr_tss.c
>>   else
>>   evmctl_SOURCES += pcr_tsspcrread.c
>> +evmctl_LDADD += -libmtss
>>   endif
> But pcr_tsspcrread.c uses the binary (tsspcrread).

The idea is to eliminate the calls to command line utilities that
are not as stable as the TSS library.  Patch 4/6 does that.

I'm a git newbie.  I thought the idea was to do the patches as
small pieces.  Thus, this one does the autotools piece.  Then
the next one does the C code.  Should they be combined?

> 
> pcr_tss.c uses TSS, but that's already covered:
> ldd src/.libs/evmctl |grep tss
> 	libtss2-rc.so.0 => /usr/lib64/libtss2-rc.so.0 (0x00007fb82514c000)
> 	libtss2-esys.so.0 => /usr/lib64/libtss2-esys.so.0 (0x00007fb824eba000)
> 	libtss2-sys.so.0 => /usr/lib64/libtss2-sys.so.0 (0x00007fb8244ba000)
> 	libtss2-mu.so.0 => /usr/lib64/libtss2-mu.so.0 (0x00007fb824276000)
> 
> Thus I thing this patch is invalid. Or do I miss something obvious?

There are two TSSes.  This one's for the IBM TSS.  Your traces are
for the ESAPI (aka

> 
> And other thing: could you please rebase your patches for next-testing branch?
> It's not applicable for master, next and next-testing.
> 
> Kind regards,
> Petr
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library
  2020-10-06 17:58   ` Ken Goldman
@ 2020-10-07 12:25     ` Petr Vorel
  0 siblings, 0 replies; 5+ messages in thread
From: Petr Vorel @ 2020-10-07 12:25 UTC (permalink / raw)
  To: Ken Goldman; +Cc: Linux Integrity

Hi Ken,

...
> > > diff --git a/src/Makefile.am b/src/Makefile.am
> > > index d6c779f..bf18caf 100644
> > > --- a/src/Makefile.am
> > > +++ b/src/Makefile.am
> > > @@ -26,6 +26,7 @@ if USE_PCRTSS
> > >   evmctl_SOURCES += pcr_tss.c
> > >   else
> > >   evmctl_SOURCES += pcr_tsspcrread.c
> > > +evmctl_LDADD += -libmtss
> > >   endif
> > But pcr_tsspcrread.c uses the binary (tsspcrread).

> The idea is to eliminate the calls to command line utilities that
> are not as stable as the TSS library.  Patch 4/6 does that.
I'm sorry, I overlooked that.

> I'm a git newbie.  I thought the idea was to do the patches as
> small pieces.  Thus, this one does the autotools piece.  Then
> the next one does the C code.  Should they be combined?
I'd personally put it into the 4/6 patch (code change is small and it's related
to the code change).

> > pcr_tss.c uses TSS, but that's already covered:
> > ldd src/.libs/evmctl |grep tss
> > 	libtss2-rc.so.0 => /usr/lib64/libtss2-rc.so.0 (0x00007fb82514c000)
> > 	libtss2-esys.so.0 => /usr/lib64/libtss2-esys.so.0 (0x00007fb824eba000)
> > 	libtss2-sys.so.0 => /usr/lib64/libtss2-sys.so.0 (0x00007fb8244ba000)
> > 	libtss2-mu.so.0 => /usr/lib64/libtss2-mu.so.0 (0x00007fb824276000)

> > Thus I thing this patch is invalid. Or do I miss something obvious?

> There are two TSSes.  This one's for the IBM TSS.  Your traces are
> for the ESAPI (aka
Thanks for explanation.

Kind regards,
Petr

^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2020-10-07 12:25 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-05 22:28 [PATCH 3/6] ima-evm-utils: When using the IBM TSS, link in its library Ken Goldman
2020-10-06 15:07 ` Petr Vorel
2020-10-06 17:33   ` Ken Goldman
2020-10-06 17:58   ` Ken Goldman
2020-10-07 12:25     ` Petr Vorel

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.