From mboxrd@z Thu Jan 1 00:00:00 1970 From: "Stefan Berger" Subject: Re: [PATCH RFC 4/4] tpm: add the infrastructure for TPM space for TPM 2.0 Date: Wed, 4 Jan 2017 12:50:21 -0500 Message-ID: References: <20170102132213.22880-1-jarkko.sakkinen@linux.intel.com> <20170102132213.22880-5-jarkko.sakkinen@linux.intel.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="===============3484087515824621499==" Return-path: In-Reply-To: <20170102132213.22880-5-jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: Jarkko Sakkinen Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org, open list List-Id: tpmdd-devel@lists.sourceforge.net --===============3484087515824621499== Content-Type: multipart/alternative; boundary="=_alternative 0061FFDA8525809E_=" --=_alternative 0061FFDA8525809E_= Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="US-ASCII" Jarkko Sakkinen wrote on 01/02/2017=20 08:22:10 AM: >=20 > Added a ioctl for creating a TPM space. The space is isolated from the > other users of the TPM. Only a process holding the file with the handle > can access the objects and only objects that are created through that > file handle can be accessed. >=20 > Signed-off-by: Jarkko Sakkinen > --- > diff --git a/drivers/char/tpm/tpm-dev.c b/drivers/char/tpm/tpm-dev.c > index 912ad30..139638b 100644 > --- a/drivers/char/tpm/tpm-dev.c > +++ b/drivers/char/tpm/tpm-dev.c > @@ -19,6 +19,7 @@ > */ > #include > #include > +#include > #include "tpm.h" >=20 > struct file=5Fpriv { > @@ -32,6 +33,8 @@ struct file=5Fpriv { > struct work=5Fstruct work; >=20 > u8 data=5Fbuffer[TPM=5FBUFSIZE]; > + struct tpm=5Fspace space; > + bool has=5Fspace; > }; >=20 > static void user=5Freader=5Ftimeout(unsigned long ptr) > @@ -115,6 +118,7 @@ static ssize=5Ft tpm=5Fwrite(struct file *file,=20 > const char =5F=5Fuser *buf, > size=5Ft size, loff=5Ft *off) > { > struct file=5Fpriv *priv =3D file->private=5Fdata; > + struct tpm=5Fspace *space =3D NULL; > size=5Ft in=5Fsize =3D size; > ssize=5Ft out=5Fsize; >=20 > @@ -130,6 +134,9 @@ static ssize=5Ft tpm=5Fwrite(struct file *file,=20 > const char =5F=5Fuser *buf, >=20 > mutex=5Flock(&priv->buffer=5Fmutex); >=20 > + if (priv->has=5Fspace) > + space =3D &priv->space; > + > if (copy=5Ffrom=5Fuser > (priv->data=5Fbuffer, (void =5F=5Fuser *) buf, in=5Fsize)) { > mutex=5Funlock(&priv->buffer=5Fmutex); > @@ -144,7 +151,7 @@ static ssize=5Ft tpm=5Fwrite(struct file *file,=20 > const char =5F=5Fuser *buf, > mutex=5Funlock(&priv->buffer=5Fmutex); > return -EPIPE; > } > - out=5Fsize =3D tpm=5Ftransmit(priv->chip, priv->data=5Fbuffer, > + out=5Fsize =3D tpm=5Ftransmit(priv->chip, space, priv->data=5Fbuffer, > sizeof(priv->data=5Fbuffer), 0); >=20 > tpm=5Fput=5Fops(priv->chip); > @@ -162,6 +169,65 @@ static ssize=5Ft tpm=5Fwrite(struct file *file,=20 > const char =5F=5Fuser *buf, > return in=5Fsize; > } >=20 > +/** > + * tpm=5Fioc=5Fnew=5Fspace - handler for %SGX=5FIOC=5FNEW=5FSPACE ioctl > + * > + * Creates a new TPM space that can hold a set of transient=20 > objects. The space > + * is isolated with virtual handles that are mapped into physical=20 > handles by the > + * driver. > + */ > +static long tpm=5Fioc=5Fnew=5Fspace(struct file *file, unsigned int ioct= l, > + unsigned long arg) > +{ > + struct file=5Fpriv *priv =3D file->private=5Fdata; > + struct tpm=5Fchip *chip =3D priv->chip; > + int rc =3D 0; > + > + if (!(chip->flags & TPM=5FCHIP=5FFLAG=5FTPM2)) > + return -EOPNOTSUPP; > + > + mutex=5Flock(&priv->buffer=5Fmutex); > + > + if (priv->has=5Fspace) { > + rc =3D -EBUSY; > + goto out; > + } > + > + priv->space.context=5Fbuf =3D kzalloc(PAGE=5FSIZE, GFP=5FKERNEL); > + if (!priv->space.context=5Fbuf) { > + rc =3D -ENOMEM; > + goto out; > + } > + > + /* The TPM device can be opened again as this file has been moved to = a > + * TPM handle space. > + */ > + priv->has=5Fspace =3D true; > + clear=5Fbit(0, &chip->is=5Fopen); > +out: > + mutex=5Funlock(&priv->buffer=5Fmutex); > + return rc; > +} > + > +static long tpm=5Fioctl(struct file *file, unsigned int ioctl, > + unsigned long arg) > +{ > + switch (ioctl) { > + case TPM=5FIOC=5FNEW=5FSPACE: > + return tpm=5Fioc=5Fnew=5Fspace(file, ioctl, arg); > + default: > + return -ENOIOCTLCMD; > + } > +} > + > +#ifdef CONFIG=5FCOMPAT > +static long tpm=5Fcompat=5Fioctl(struct file *file, unsigned int ioctl, > + unsigned long arg) > +{ > + return tpm=5Fioctl(file, ioctl, arg); > +} > +#endif > + > /* > * Called on file close > */ > @@ -169,6 +235,14 @@ static int tpm=5Frelease(struct inode *inode,=20 > struct file *file) > { > struct file=5Fpriv *priv =3D file->private=5Fdata; >=20 > + if (tpm=5Ftry=5Fget=5Fops(priv->chip)) { > + mutex=5Funlock(&priv->buffer=5Fmutex); > + return -EPIPE; > + } That mutex=5Funlock looks wrong. Stefan --=_alternative 0061FFDA8525809E_= Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset="US-ASCII" Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org> wrote on 01/02/2017 08:22:10 AM:

>
> Added a ioctl for cre= ating a TPM space. The space is isolated from the
> other users of the TPM. Only a process holding the file with th= e handle
> can access the objects and only objects that are created t= hrough that
> file handle can be accessed.
>
> Signed-of= f-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
> ---
> diff --git a/drivers/char/tpm/tpm-dev.c b/drivers/char/tpm/tpm-d= ev.c
> index 912ad30..139638b 100644
> --- a/drivers/char/tpm/t= pm-dev.c
> +++ b/drivers/char/tpm/tpm-dev.c
> @@ -19,6 +19,7 @@=
>   */
>  #include <linux/slab.h>
> &nbs= p;#include <linux/uaccess.h>
> +#include <uapi/linux/tpm.h&g= t;
>  #include "tpm.h"
>  
>  st= ruct file=5Fpriv {
> @@ -32,6 +33,8 @@ struct file=5Fpriv {
> &= nbsp;   struct work=5Fstruct work;
>  
>    = ; u8 data=5Fbuffer[TPM=5FBUFSIZE];
> +   struct tpm=5Fspace spac= e;
> +   bool has=5Fspace;
>  };
>  
&g= t;  static void user=5Freader=5Ftimeout(unsigned long ptr)
> @@ = -115,6 +118,7 @@ static ssize=5Ft tpm=5Fwrite(struct file *file,
> c= onst char =5F=5Fuser *buf,
>            = ;size=5Ft size, loff=5Ft *off)
>  {
>     struct= file=5Fpriv *priv =3D file->private=5Fdata;
> +   struct tpm= =5Fspace *space =3D NULL;
>     size=5Ft in=5Fsize =3D size= ;
>     ssize=5Ft out=5Fsize;
>  
> @@ -13= 0,6 +134,9 @@ static ssize=5Ft tpm=5Fwrite(struct file *file,
> cons= t char =5F=5Fuser *buf,
>  
>     mutex=5Flock(&= amp;priv->buffer=5Fmutex);
>  
> +   if (priv->= has=5Fspace)
> +      space =3D &priv->space;> +
>     if (copy=5Ffrom=5Fuser
>    =     (priv->data=5Fbuffer, (void =5F=5Fuser *) buf, in=5Fsize)) {
>        mutex=5Funlock(&p= riv->buffer=5Fmutex);
> @@ -144,7 +151,7 @@ static ssize=5Ft tpm= =5Fwrite(struct file *file,
> const char =5F=5Fuser *buf,
> &n= bsp;      mutex=5Funlock(&priv->buffer=5Fmutex);
&= gt;        return -EPIPE;
>     }
&g= t; -   out=5Fsize =3D tpm=5Ftransmit(priv->chip, priv->data=5Fbu= ffer,
> +   out=5Fsize =3D tpm=5Ftransmit(priv->chip, space, = priv->data=5Fbuffer,
>             &= nbsp;sizeof(priv->data=5Fbuffer), 0);
>  
>     tpm=5Fput=5Fops(priv->chip);> @@ -162,6 +169,65 @@ static ssize=5Ft tpm=5Fwrite(struct file *file, =
> const char =5F=5Fuser *buf,
>     return in=5Fsize= ;
>  }
>  
> +/**
> + * tpm=5Fioc=5Fnew= =5Fspace - handler for %SGX=5FIOC=5FNEW=5FSPACE ioctl
> + *
> += * Creates a new TPM space that can hold a set of transient
> object= s. The space
> + * is isolated with virtual handles that are mapped i= nto physical
> handles by the
> + * driver.
> + */
> +static lo= ng tpm=5Fioc=5Fnew=5Fspace(struct file *file, unsigned int ioctl,
> +=               unsigned long arg)
>= ; +{
> +   struct file=5Fpriv *priv =3D file->private=5Fdata;=
> +   struct tpm=5Fchip *chip =3D priv->chip;
> + &nbs= p; int rc =3D 0;
> +
> +   if (!(chip->flags & TPM= =5FCHIP=5FFLAG=5FTPM2))
> +      return -EOPNOTSUPP;> +
> +   mutex=5Flock(&priv->buffer=5Fmutex);
&g= t; +
> +   if (priv->has=5Fspace) {
> +     &= nbsp;rc =3D -EBUSY;
> +      goto out;
> +  = ; }
> +
> +   priv->space.context=5Fbuf =3D kzalloc(PAG= E=5FSIZE, GFP=5FKERNEL);
> +   if (!priv->space.context=5Fbuf= ) {
> +      rc =3D -ENOMEM;
> +     &= nbsp;goto out;
> +   }
> +
> +   /* The TPM dev= ice can be opened again as this file has been moved to a
> +    * TPM handle space.
> +   &nbs= p;*/
> +   priv->has=5Fspace =3D true;
> +   clear= =5Fbit(0, &chip->is=5Fopen);
> +out:
> +   mutex=5F= unlock(&priv->buffer=5Fmutex);
> +   return rc;
> += }
> +
> +static long tpm=5Fioctl(struct file *file, unsigned in= t ioctl,
> +            unsigned long a= rg)
> +{
> +   switch (ioctl) {
> +   case TPM= =5FIOC=5FNEW=5FSPACE:
> +      return tpm=5Fioc=5Fnew= =5Fspace(file, ioctl, arg);
> +   default:
> +   &nbs= p;  return -ENOIOCTLCMD;
> +   }
> +}
> +
&g= t; +#ifdef CONFIG=5FCOMPAT
> +static long tpm=5Fcompat=5Fioctl(struct= file *file, unsigned int ioctl,
> +         &nbs= p;    unsigned long arg)
> +{
> +   return tpm= =5Fioctl(file, ioctl, arg);
> +}
> +#endif
> +
> &n= bsp;/*
>   * Called on file close
>   */
> @@ -= 169,6 +235,14 @@ static int tpm=5Frelease(struct inode *inode,
> str= uct file *file)
>  {
>     struct file=5Fpriv *p= riv =3D file->private=5Fdata;
>  
> +   if (tpm=5F= try=5Fget=5Fops(priv->chip)) {
> +      mutex=5Funl= ock(&priv->buffer=5Fmutex);
> +      return -EP= IPE;
> +   }


That mute= x=5Funlock looks wrong.

   = Stefan
--=_alternative 0061FFDA8525809E_=-- --===============3484087515824621499== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot --===============3484087515824621499== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline _______________________________________________ tpmdd-devel mailing list tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org https://lists.sourceforge.net/lists/listinfo/tpmdd-devel --===============3484087515824621499==--