From: Greg KH <gregkh@linuxfoundation.org>
To: Jonathan McDowell <noodles@fb.com>
Cc: Dmitrii Okunev <xaionaro@fb.com>,
Hans de Goede <hdegoede@redhat.com>,
Mark Gross <markgross@kernel.org>,
Qiaowei Ren <qiaowei.ren@intel.com>,
Matthew Garrett <mjg59@srcf.ucam.org>,
Xiaoyan Zhang <xiaoyan.zhang@intel.com>,
Pavel Machek <pavel@denx.de>, "x86@kernel.org" <x86@kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"platform-driver-x86@vger.kernel.org"
<platform-driver-x86@vger.kernel.org>
Subject: Re: [RFC PATCH] platform/x86: Add sysfs interface for Intel TXT status
Date: Wed, 9 Mar 2022 12:29:27 +0100 [thread overview]
Message-ID: <YiiPl/zThbkKToar@kroah.com> (raw)
In-Reply-To: <YiiIRLZGq5c5uBjX@noodles-fedora-PC23Y6EG.dhcp.thefacebook.com>
On Wed, Mar 09, 2022 at 10:58:17AM +0000, Jonathan McDowell wrote:
> On Wed, Mar 09, 2022 at 11:48:23AM +0100, Greg KH wrote:
> > On Wed, Mar 09, 2022 at 10:40:03AM +0000, Jonathan McDowell wrote:
> > > (This is an RFC to see if the approach is generally acceptable; unlike
> > > the previous driver this exposes the information purely as read-only
> > > status information, so userspace can make an informed decision about the
> > > system state without having to poke about in /dev/mem. There are still a
> > > few extra registers I'm trying to dig up information for before a proper
> > > submission.)
> > >
> > > This module provides read-only access to the Intel TXT (Trusted
> > > Execution Technology) status registers, allowing userspace to determine
> > > the status of measured boot and whether the dynamic root of trust for
> > > measurement (DRTM) has been fully enabled.
> > >
> > > Tools such as txt-stat from tboot
> > > <https://sourceforge.net/projects/tboot/ > can make use of this driver to
> > > display state rather than relying on access to /dev/mem.
> > >
> > > See Documentation/x86/intel_txt.rst for more information about Intel
> > > TXT.
> > >
> > > Signed-off-by: Jonathan McDowell <noodles@fb.com>
> > > ---
> > > arch/x86/include/asm/txt.h | 34 +++++
> > > drivers/platform/x86/intel/Kconfig | 14 ++
> > > drivers/platform/x86/intel/Makefile | 2 +
> > > drivers/platform/x86/intel/txt_sysfs.c | 185 +++++++++++++++++++++++++
> >
> > No Documentation/ABI/ entry for your new sysfs entry? How can we
> > evaluate if this is a good api then?
>
> As a read-only export of configuration registers is a full set of info
> in Documentation/ABI/ required? I didn't get a feel for how required
> that was from the existing files there.
For all sysfs entries, yes, it is required. Run the scripts/get_abi.pl
tool as proof :)
> > Wait, I don't see any sysfs code in here, are you sure you sent a viable
> > patch?
>
> The export to sysfs is via securityfs, as that seemed to be the
> appropriate route (it fits into a similar area as
> /sys/kernel/security/integrity/ima/ or /sys/kernel/security/tpm0/,
> providing userspace with some visibility of what the kernel thinks the
> state is).
Then this is securityfs, NOT sysfs. securityfs just happens to be
mounted at that location. You could mount it anywhere else as well.
Please fix up the terminology here, it is very confusing and has nothing
to do with sysfs at all.
thanks,
greg k-h
next prev parent reply other threads:[~2022-03-09 11:29 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-13 17:24 [PATCH v2 0/3] Intel TXT driver Qiaowei Ren
2013-05-13 17:24 ` [PATCH v2 1/3] driver: add TXT driver in kernel Qiaowei Ren
2013-05-13 17:31 ` Matthew Garrett
2013-05-13 17:31 ` Matthew Garrett
2013-05-14 1:49 ` Ren, Qiaowei
2013-05-14 1:49 ` Ren, Qiaowei
2013-05-13 17:24 ` [PATCH v2 2/3] driver: provide sysfs interfaces to access TXT config space Qiaowei Ren
2013-05-13 17:35 ` Matthew Garrett
2013-05-13 17:35 ` Matthew Garrett
2013-05-14 1:46 ` Ren, Qiaowei
2013-05-14 1:46 ` Ren, Qiaowei
2013-05-16 16:03 ` Pavel Machek
2013-05-17 8:50 ` Ren, Qiaowei
2013-05-17 8:50 ` Ren, Qiaowei
2013-05-17 18:07 ` Pavel Machek
2013-05-17 18:07 ` Pavel Machek
2022-02-17 11:47 ` [discuss] Improve and merge a driver proposed in 2013: " Dmitrii Okunev
2022-02-17 12:34 ` greg
2022-02-17 12:37 ` Pavel Machek
2022-02-18 18:05 ` Jonathan McDowell
2022-02-22 9:31 ` Pavel Machek
2022-03-09 10:40 ` [RFC PATCH] platform/x86: Add sysfs interface for Intel TXT status Jonathan McDowell
2022-03-09 10:48 ` Greg KH
2022-03-09 10:58 ` Jonathan McDowell
2022-03-09 11:29 ` Greg KH [this message]
2022-03-09 10:53 ` Matthew Garrett
2022-03-09 17:55 ` Jonathan McDowell
2022-04-12 14:23 ` [RFC PATCH v2] platform/x86: Add securityfs interface for " Jonathan McDowell
2013-05-13 17:24 ` [PATCH v2 3/3] driver: provide sysfs interfaces to access SMX parameter Qiaowei Ren
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YiiPl/zThbkKToar@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=hdegoede@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=markgross@kernel.org \
--cc=mjg59@srcf.ucam.org \
--cc=noodles@fb.com \
--cc=pavel@denx.de \
--cc=platform-driver-x86@vger.kernel.org \
--cc=qiaowei.ren@intel.com \
--cc=x86@kernel.org \
--cc=xaionaro@fb.com \
--cc=xiaoyan.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.