Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp5265642imu; Tue, 13 Nov 2018 04:00:51 -0800 (PST) X-Google-Smtp-Source: AJdET5e7CNihRa2rJGX3bBfKcSO+xNbSmZB194z4z1tO3fA0ozXkz5wRJc7y4YgcmWTxuARyz3KA X-Received: by 2002:a63:441e:: with SMTP id r30mr4553031pga.128.1542110450964; Tue, 13 Nov 2018 04:00:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542110450; cv=none; d=google.com; s=arc-20160816; b=m4QH4VplwV2WdDLLJpzkrmnyUvu9NOZ841c3wliyZHwofdQgHr+YVLP5sERbeljzcQ CAmOeSR+MbSycMuKgIATiYEdg+HHstwAmhMXjX64bGndNLfkziGaZd8A1gdjOEZ61txm G0G+D98EPgnQsSiP26m1ljxyfEztR1bews9ADufuCs0kBD7MjHkGcVyYXTi7Em7DEMwW rAhFp8og3JH9KmP6dAMBzByqJR3gAJCovBZqctunkstnmdDw7fkPQyX0Dn2eSAIRjVso tIeyqnu0uh94WLGDR6iDqd1YwJkqyVo2/NPcD1Z2uFlqgOj4ZUgpbSyb2l+JYXwfOY65 NKZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:content-transfer-encoding :dlp-reaction:dlp-version:dlp-product:content-language :accept-language:in-reply-to:references:message-id:date:thread-index :thread-topic:subject:cc:to:from; bh=Hmsy8wKke632x1BuLUxap1fOmJdK3gYHjhJoKk0pNpQ=; b=frYv1XJUnlaZyYozQH64tQujY3lq8UiTTz4CCAOI/Q3LjB83JXXVRPlm1/qO08B+Uy q+XaMsi1uM4eU+VTPRy6ZAp4CsC0nPCFIA7TsBhlLDlSIEOI3J+gANabZjISmQEzuU57 54lqbZb6JUENdGUA5Pgm3j0nh/ym9fXg4Po5xy9XHsdVh5zoTBAi+Vj5z4B2kczDadGi ZM/IhAv0ijgfH/0jiLPP5RKxgV9J4bIeg37vdBETIS/c4u+/uiylJLtqFNoYzI5Zd0xb f2Vz7csT+HJN9z1YE0sR2agJqjth3yJXJM7IUsqYs7cq26sM0cFFMg4+KBn/azfPr/+j dFZg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b59-v6si24329224plb.206.2018.11.13.04.00.34; Tue, 13 Nov 2018 04:00:50 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732565AbeKMV4w convert rfc822-to-8bit (ORCPT + 99 others); Tue, 13 Nov 2018 16:56:52 -0500 Received: from mga11.intel.com ([192.55.52.93]:18115 "EHLO mga11.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726934AbeKMV4v (ORCPT ); Tue, 13 Nov 2018 16:56:51 -0500 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by fmsmga102.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Nov 2018 03:59:03 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,499,1534834800"; d="scan'208";a="85461526" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by fmsmga007.fm.intel.com with ESMTP; 13 Nov 2018 03:59:03 -0800 Received: from fmsmsx101.amr.corp.intel.com (10.18.124.199) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 13 Nov 2018 03:59:03 -0800 Received: from lcsmsx155.ger.corp.intel.com (10.186.165.233) by fmsmsx101.amr.corp.intel.com (10.18.124.199) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 13 Nov 2018 03:59:02 -0800 Received: from hasmsx108.ger.corp.intel.com ([169.254.9.165]) by LCSMSX155.ger.corp.intel.com ([169.254.12.124]) with mapi id 14.03.0415.000; Tue, 13 Nov 2018 13:58:58 +0200 From: "Winkler, Tomas" To: Jarkko Sakkinen CC: "linux-integrity@vger.kernel.org" , "linux-security-module@vger.kernel.org" , James Bottomley , "Struk, Tadeusz" , Stefan Berger , "Nayna Jain" , Peter Huewe , "Jason Gunthorpe" , Arnd Bergmann , Greg Kroah-Hartman , open list Subject: RE: [PATCH v5 16/17] tpm: take TPM chip power gating out of tpm_transmit() Thread-Topic: [PATCH v5 16/17] tpm: take TPM chip power gating out of tpm_transmit() Thread-Index: AQHUd238CNv13jYvhU+0nbO7Ml7SjKVGNDswgAAq4wCAAZjFgIAFeyMAgAAuTKA= Date: Tue, 13 Nov 2018 11:58:58 +0000 Message-ID: <5B8DA87D05A7694D9FA63FD143655C1B9DA1CC0A@hasmsx108.ger.corp.intel.com> References: <20181108141541.12832-1-jarkko.sakkinen@linux.intel.com> <20181108141541.12832-17-jarkko.sakkinen@linux.intel.com> <5B8DA87D05A7694D9FA63FD143655C1B9DA18602@hasmsx108.ger.corp.intel.com> <20181108230700.GA8038@linux.intel.com> <5B8DA87D05A7694D9FA63FD143655C1B9DA190F4@hasmsx108.ger.corp.intel.com> <20181113111204.GD10434@linux.intel.com> In-Reply-To: <20181113111204.GD10434@linux.intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ctpclassification: CTP_NT x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZjhiZDQwMmMtNDQwZi00NGI5LWJkM2EtMjI1MTRkNmE1ZTA0IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiNnBOa2ZzQ0pUZ2M5WHVqMjFzZXpndGxoZHc1ZnJiRDFVYithcDdodERqYmc5STlqNWpaSHcyaGx4UjlQQXE0dyJ9 dlp-product: dlpe-windows dlp-version: 11.0.400.15 dlp-reaction: no-action x-originating-ip: [10.12.116.92] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8BIT MIME-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > -----Original Message----- > From: Jarkko Sakkinen [mailto:jarkko.sakkinen@linux.intel.com] > Sent: Tuesday, November 13, 2018 13:12 > To: Winkler, Tomas > Cc: linux-integrity@vger.kernel.org; linux-security-module@vger.kernel.org; > James Bottomley ; Struk, > Tadeusz ; Stefan Berger > ; Nayna Jain ; Peter > Huewe ; Jason Gunthorpe ; Arnd > Bergmann ; Greg Kroah-Hartman > ; open list > Subject: Re: [PATCH v5 16/17] tpm: take TPM chip power gating out of > tpm_transmit() > > On Fri, Nov 09, 2018 at 09:37:48PM +0000, Winkler, Tomas wrote: > > > On Thu, Nov 08, 2018 at 06:38:59PM +0000, Winkler, Tomas wrote: > > > > > Call tpm_chip_start() and tpm_chip_stop() in > > > > > > > > > > * tpm_try_get_ops() and tpm_put_ops() > > > > > * tpm_chip_register() > > > > > * tpm2_del_space() > > > > > > > > > > And remove these calls from tpm_transmit(). The core reason for > > > > > this change is that in tpm_vtpm_proxy a locality change requires > > > > > a virtual TPM command (a command made up just for that driver). > > > > > > > > > I don't think you can do that, locality has to be request for > > > > each command, as for example tboot can request higher locality any > time. > > > > > > That could be a potential problem. How tboot intervention gets > > > prevented without this patch? > > As it was said, need to request locality and relinquish it for each > > command, I believe thought this is not required for client platforms > > only for servers. > > And what I'm trying to under is why so. > > If the intervention can happen at any time that would imply that even if you > would request and relinquish locality for a single TPM command, the > intervention could happen in the middle. That is why I'm asking why without > this patch things are just fine. Yes, w/o this constrain it would be okay to request locality only once, we can ask tboot ask again but at the time the requirement was that locality can be taken of at any point, I believe that the locality won't be granted till a single command is completed. Anyhow still the power gating is wrong in this patch do not ignore that part. Thanks Tomas