Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1943105imm;
        Thu, 19 Jul 2018 10:20:02 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpeK6jVpy/XYQsCka8cGiOr2EwyeBx8UqgF0ZUU3u3VHgIrjNfU1TtCt8vmYjkkr0R/+k538
X-Received: by 2002:a65:5c83:: with SMTP id a3-v6mr10903248pgt.164.1532020802391;
        Thu, 19 Jul 2018 10:20:02 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1532020802; cv=none;
        d=google.com; s=arc-20160816;
        b=eUZuHnn2Tb22QMDg0D6xCe2R/+eKOja7CXnknEYpLCFg7gKrMQQYFzX96T/x6MWZhb
         K1ZrkyrzGd/67XF1cjuvJybph96lV7OgKKYCv+/8209EtUjr4aaDNzTiKx6pxPO7JKwS
         k2V2E07KhC7NlV6ZSuGPL+cvwSypbtS2KL2HBHbqZtQbJWNCjEmpSe0M5x4XfQAJkJLk
         tfYhG45ensKzwjCSEkjJGeTTsIVKYlauz6eY5D7LF6qlDz1pidJbEGtOX+2PifQBU3hE
         b2V8aJ63fG7xwFT0mhUd7vqn3F3Mw5dKAcGV2pLpYRBOJMpnQunvzzk6hugH6COzmpLy
         nBow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:date:cc:to:from:subject:message-id
         :dkim-signature:arc-authentication-results;
        bh=po7ibF94F49K5N5sxP+WW8hSa3uQ6rNgxFPnX+X4xB4=;
        b=NhTxDTk3VCOVIH6g5KIpoimAzWCxl0mxwmbOC76XoulxqGQfjeASPEWPRMKtUZePbh
         60jPcZi0n2aSU7iutJVEyZeNNbHEbJctlMBsNXWBqvxUqLL08eNn4lLDsrnimhVSaea0
         axJjFictf8NVzcs2L5FBSKgg3tmvYC7/nO2mm4Jd9iQYn6Z+U2QVZsvKORjAi/FTY7HP
         UEYqdLWglS1YiL1HsAlVbkh8HDdKo/m4HRnlQHzjtbVYQTNgU9DC7zb9QJWLBKO+wVv5
         eOVVdHTHW6oe+D3N2RofbgLn4JjJYE1nU9rlalxHJCNo8rwfHJoefUs5LnPJ+LiHuqvS
         B/LQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=S7LMtSWL;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id m23-v6si6570456pgb.420.2018.07.19.10.19.47;
        Thu, 19 Jul 2018 10:20:02 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=S7LMtSWL;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1732106AbeGSSDT (ORCPT <rfc822;michael.k.kehoe@gmail.com>
        + 99 others); Thu, 19 Jul 2018 14:03:19 -0400
Received: from bedivere.hansenpartnership.com ([66.63.167.143]:41846 "EHLO
        bedivere.hansenpartnership.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1731839AbeGSSDT (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 19 Jul 2018 14:03:19 -0400
Received: from localhost (localhost [127.0.0.1])
        by bedivere.hansenpartnership.com (Postfix) with ESMTP id 61F458EE1DD;
        Thu, 19 Jul 2018 10:19:12 -0700 (PDT)
Received: from bedivere.hansenpartnership.com ([127.0.0.1])
        by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id kqhrVG2BgVMk; Thu, 19 Jul 2018 10:19:12 -0700 (PDT)
Received: from [153.66.254.194] (unknown [50.35.68.20])
        (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
        (No client certificate requested)
        by bedivere.hansenpartnership.com (Postfix) with ESMTPSA id C64E08EE150;
        Thu, 19 Jul 2018 10:19:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=hansenpartnership.com;
        s=20151216; t=1532020752;
        bh=bJ52egUzu+gZLUu0nDfZyv2Is2cpr+GC1YHou2APOEo=;
        h=Subject:From:To:Cc:Date:In-Reply-To:References:From;
        b=S7LMtSWL+RBTqv6lBm6oyyKgHc+Worm7SZHGm6UrP2L6rJBmasOoaXPxFVousB94t
         v3W4lN8SBDrcCfXlxF9BVtwA6mSYQJV13f6NLTKXvaZ/tSx/qqDkizs2siP9rW3JUY
         jmOSzPLVLpWnoRgCivkRdpGrbmiZeMrjWwQwWqtY=
Message-ID: <1532020750.5396.4.camel@HansenPartnership.com>
Subject: Re: [PATCH] tpm: add support for partial reads
From:   James Bottomley <James.Bottomley@HansenPartnership.com>
To:     Tadeusz Struk <tadeusz.struk@intel.com>,
        jarkko.sakkinen@linux.intel.com
Cc:     jgg@ziepe.ca, linux-integrity@vger.kernel.org,
        linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Date:   Thu, 19 Jul 2018 10:19:10 -0700
In-Reply-To: <153201555276.20155.1352499992826895966.stgit@tstruk-mobl1.jf.intel.com>
References: <153201555276.20155.1352499992826895966.stgit@tstruk-mobl1.jf.intel.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.22.6 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, 2018-07-19 at 08:52 -0700, Tadeusz Struk wrote:
> Currently to read a response from the TPM device an application needs
> provide "big enough" buffer for the whole response and read it in one
> go.  The application doesn't know how big the response it beforehand
> so it always needs to maintain a 4K buffer and read the max (4K).
> In case if the user of the TSS library doesn't provide big enough
> buffer the TCTI spec says that the library should set the required
> size and return TSS2_TCTI_RC_INSUFFICIENT_BUFFER error code so that
> the application could allocate a bigger buffer and call receive
> again. To make it possible in the TSS library this requires being
> able to do partial reads from the driver.
> The library would read the header first to get the actual size of the
> response from the header and then read the rest of the response.
> This patch adds support for partial reads.
> 
> The usecase is implemented in this TSS commit:
> https://github.com/tpm2-software/tpm2-tss/commit/ce982f67a67dc08e2468
> 3d30b05800648d8a264c

That's just an implementation, though, what's the use case?

I'm curious because all the TPM applications I've written need to be
aware of TPM2B_MAX_BUFFER_SIZE, which is related to MAX_RESPONSE_SIZE
because you can't go over that for big buffer commands (mostly sealing
and unsealing).

The TCG supporting routines define MAX_RESPONSE_SIZE to be 4096, so you
know absolutely how large a buffer you have to have ... and the value
is rather handy for us because if it were larger we'd have to do
scatter gather.

I think the point is that knowing the max buffer size allows us to
behave like UDP: if your packet is the wrong size it gets dropped and
relieves the applications from having to do fragmentation and
reassembly.  Since the max size is so low, what's the benefit of not
assuming the application has to know it?

James