Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1758499AbbFCMdy (ORCPT ); Wed, 3 Jun 2015 08:33:54 -0400 Received: from mga03.intel.com ([134.134.136.65]:31173 "EHLO mga03.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756951AbbFCMXg (ORCPT ); Wed, 3 Jun 2015 08:23:36 -0400 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.13,547,1427785200"; d="scan'208";a="736295839" Date: Wed, 3 Jun 2015 15:23:31 +0300 From: Jarkko Sakkinen To: Jason Gunthorpe Cc: peterhuewe@gmx.de, safford@us.ibm.com, Marcel Selhorst , "moderated list:TPM DEVICE DRIVER" , open list , richard.l.maliszewski@intel.com Subject: Re: [PATCH] tpm: introduce struct tpm_buf Message-ID: <20150603122331.GA3542@jsakkine-mobl1> References: <1433250262-17200-1-git-send-email-jarkko.sakkinen@linux.intel.com> <20150602181315.GE17776@obsidianresearch.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20150602181315.GE17776@obsidianresearch.com> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: Mutt/1.5.23 (2014-03-12) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2689 Lines: 81 On Tue, Jun 02, 2015 at 12:13:15PM -0600, Jason Gunthorpe wrote: > On Tue, Jun 02, 2015 at 04:04:22PM +0300, Jarkko Sakkinen wrote: > > +/* A string buffer type for constructing TPM commands. This is based on the > > + * code in security/keys/trusted.h. > > + */ > > + > > +#define TPM_BUF_SIZE 512 > > + > > +struct tpm_buf { > > + u8 data[TPM_BUF_SIZE]; > This should be u32 or u64 to guarentee correct alignment for the > casting. Good catch. The functions where this might cause trouble are *_length() and *_tag(). In other places misalignment should not cause any regressions since data is not directly assigned to the buffer with pointer casting. I would prefer to fix by changing *_length() and *_tag() to copy the value to a local variable and return that. It's a fail safe way and here the performance is not an issue. > > +}; > > + > > +static inline void tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal) > > +{ > > + struct tpm_input_header *head; > > + > > + head = (struct tpm_input_header *) buf->data; > > + > > + head->tag = cpu_to_be16(tag); > > + head->length = cpu_to_be32(sizeof(*head)); > > + head->ordinal = cpu_to_be32(ordinal); > > +} > > + > > +static inline u32 tpm_buf_length(struct tpm_buf *buf) > > +{ > > + struct tpm_input_header *head = (struct tpm_input_header *) buf->data; > > + > > + return be32_to_cpu(head->length); > > +} > > + > > +static inline u16 tpm_buf_tag(struct tpm_buf *buf) > > +{ > > + return be16_to_cpu(*(__be16 *) &buf->data[0]); > > be16_to_cpup ? Thanks, I'll change this. > Any thought on someday using this for tpm1 as well? Yes, I think this could form the baseline so that the sealing code that currently resides is security/keys/trusted.c could be eventually moved to drivers/char/tpm. I will be contributing API to include/linux/tpm.h that can be then called by trusted keys. I will also contribute the implementation for TPM 2.0 sealing but it is up to those who implemented TPM 1.x sealing code to do the migration. I put all the enablers in place so that doing that transition should be relatively painless. I have PoC for TPM 2.0 trusted keys written in Python available here: https://github.com/jsakkine/tpm2-scripts/blob/master/tpm2.py (In kernel version the default hash algorithm should be probably SHA-256 as SHA-1 is not considered secure by NIST anymore) Doing also all the TPM 1.x migration on top of this would make oversubscribed. > Jason /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/