Received: by 2002:ac0:bc90:0:0:0:0:0 with SMTP id a16csp661184img; Thu, 21 Mar 2019 06:26:55 -0700 (PDT) X-Google-Smtp-Source: APXvYqyL1shDOAWWdtdGXXfuHFrMabiZKK6Gl/OAso9Ewv0wN/0NM66i3qeBEo3k4U3ZyiiSSK+a X-Received: by 2002:a17:902:a60c:: with SMTP id u12mr3403908plq.301.1553174815697; Thu, 21 Mar 2019 06:26:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1553174815; cv=none; d=google.com; s=arc-20160816; b=EoKLilFfpg9VHjrB46eYdw8kpGHlRVDLfK/mwD3EDGpn5bjwgkenm1muV/pbHHpNL6 vECB01Lk4dk5QCa0YipS6XutiHVEK5obqdKNBtV581alZGhet59yaOLo25p4PMF1FEgg ekaiVjzvrBE5hgxf9e9qvi4x8gTzVGKfK/lGZ9jvCucOBmn/to+QFFSAppNQhFNLz6eU 5GMrAMWfczK8aYFnA2seLESewwtNrnjbvQFIoP6e/RUpGbYZU5RBXBMrBrznBG/ceqsL n+UBxPqSZtz/4TdhVURlUwBsF/labvDQ4Zg/h+H6PWCkaYc+JNvZ7iwzPk6/nnECAL6h gB+g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=46cOclaW7d7RBJ4U2+AJCEuPrT1SJWSIV09PFQCWbhc=; b=h8D0tU1iNx5RnxyEN6tlXEbgkE9YGGBb7TygHSZpm6yXV4Sf/eGMhyf2ra6gaSPGiQ 0b3DugtN6sT/CvAUZItSRS0DQZTZkt2orrVGA+zTe9MtjhWYOy3Crkd3vayt+XTg+0tK ApNG4pZtDQnTR+6ysDcwwUslZfxZ4E/zMOTzGeA1Rp5VYpfu6T57iRA+9sQ3MNnHZYB5 o6RY4YsHqpeV+1buRZClfrbwcPTrPzJKNsCJUkU5ruZuZ8jvNJP0FvnGp09cv/zROO1Y FFpbrdnoaaAM94oJdig6YSKsaUf1EOiPTkU1ESaA0+9LHILUoQgW059OOqyfKvf768Xb D3rw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h35si4723410plb.180.2019.03.21.06.26.38; Thu, 21 Mar 2019 06:26:55 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728417AbfCUNZb (ORCPT + 99 others); Thu, 21 Mar 2019 09:25:31 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32909 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1728157AbfCUNZb (ORCPT ); Thu, 21 Mar 2019 09:25:31 -0400 Received: from LHREML711-CAH.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 67ABE477CB3B6C7DF3CE; Thu, 21 Mar 2019 13:25:29 +0000 (GMT) Received: from [10.204.65.148] (10.204.65.148) by smtpsuk.huawei.com (10.201.108.34) with Microsoft SMTP Server (TLS) id 14.3.408.0; Thu, 21 Mar 2019 13:25:23 +0000 Subject: Re: [PATCH v10, RESEND 5/6] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip() To: Jarkko Sakkinen , Dan Williams CC: , , , , , , , "Linux Kernel Mailing List" , , linux-nvdimm References: <20190206162452.7749-1-roberto.sassu@huawei.com> <20190206162452.7749-6-roberto.sassu@huawei.com> <20190321131554.GB2267@linux.intel.com> From: Roberto Sassu Message-ID: Date: Thu, 21 Mar 2019 14:25:26 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.3.0 MIME-Version: 1.0 In-Reply-To: <20190321131554.GB2267@linux.intel.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.204.65.148] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 3/21/2019 2:15 PM, Jarkko Sakkinen wrote: > On Mon, Mar 18, 2019 at 03:35:08PM -0700, Dan Williams wrote: >> On Wed, Feb 6, 2019 at 10:30 AM Roberto Sassu wrote: >>> >>> When crypto agility support will be added to the TPM driver, users of the >>> driver have to retrieve the allocated banks from chip->allocated_banks and >>> use this information to prepare the array of tpm_digest structures to be >>> passed to tpm_pcr_extend(). >>> >>> This patch retrieves a tpm_chip pointer from tpm_default_chip() so that the >>> pointer can be used to prepare the array of tpm_digest structures. >>> >>> Signed-off-by: Roberto Sassu >>> Reviewed-by: Jarkko Sakkinen >>> Tested-by: Jarkko Sakkinen >>> --- >>> security/keys/trusted.c | 38 ++++++++++++++++++++++++-------------- >>> 1 file changed, 24 insertions(+), 14 deletions(-) >>> >>> diff --git a/security/keys/trusted.c b/security/keys/trusted.c >>> index 4d98f4f87236..5b852263eae1 100644 >>> --- a/security/keys/trusted.c >>> +++ b/security/keys/trusted.c >>> @@ -34,6 +34,7 @@ >>> >>> static const char hmac_alg[] = "hmac(sha1)"; >>> static const char hash_alg[] = "sha1"; >>> +static struct tpm_chip *chip; >>> >>> struct sdesc { >>> struct shash_desc shash; >>> @@ -362,7 +363,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen) >>> int rc; >>> >>> dump_tpm_buf(cmd); >>> - rc = tpm_send(NULL, cmd, buflen); >>> + rc = tpm_send(chip, cmd, buflen); >>> dump_tpm_buf(cmd); >>> if (rc > 0) >>> /* Can't return positive return codes values to keyctl */ >>> @@ -384,10 +385,10 @@ static int pcrlock(const int pcrnum) >>> >>> if (!capable(CAP_SYS_ADMIN)) >>> return -EPERM; >>> - ret = tpm_get_random(NULL, hash, SHA1_DIGEST_SIZE); >>> + ret = tpm_get_random(chip, hash, SHA1_DIGEST_SIZE); >>> if (ret != SHA1_DIGEST_SIZE) >>> return ret; >>> - return tpm_pcr_extend(NULL, pcrnum, hash) ? -EINVAL : 0; >>> + return tpm_pcr_extend(chip, pcrnum, hash) ? -EINVAL : 0; >>> } >>> >>> /* >>> @@ -400,7 +401,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s, >>> unsigned char ononce[TPM_NONCE_SIZE]; >>> int ret; >>> >>> - ret = tpm_get_random(NULL, ononce, TPM_NONCE_SIZE); >>> + ret = tpm_get_random(chip, ononce, TPM_NONCE_SIZE); >>> if (ret != TPM_NONCE_SIZE) >>> return ret; >>> >>> @@ -496,7 +497,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, >>> if (ret < 0) >>> goto out; >>> >>> - ret = tpm_get_random(NULL, td->nonceodd, TPM_NONCE_SIZE); >>> + ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE); >>> if (ret != TPM_NONCE_SIZE) >>> goto out; >>> ordinal = htonl(TPM_ORD_SEAL); >>> @@ -606,7 +607,7 @@ static int tpm_unseal(struct tpm_buf *tb, >>> >>> ordinal = htonl(TPM_ORD_UNSEAL); >>> keyhndl = htonl(SRKHANDLE); >>> - ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE); >>> + ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE); >>> if (ret != TPM_NONCE_SIZE) { >>> pr_info("trusted_key: tpm_get_random failed (%d)\n", ret); >>> return ret; >>> @@ -751,7 +752,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay, >>> int i; >>> int tpm2; >>> >>> - tpm2 = tpm_is_tpm2(NULL); >>> + tpm2 = tpm_is_tpm2(chip); >>> if (tpm2 < 0) >>> return tpm2; >>> >>> @@ -920,7 +921,7 @@ static struct trusted_key_options *trusted_options_alloc(void) >>> struct trusted_key_options *options; >>> int tpm2; >>> >>> - tpm2 = tpm_is_tpm2(NULL); >>> + tpm2 = tpm_is_tpm2(chip); >>> if (tpm2 < 0) >>> return NULL; >>> >>> @@ -970,7 +971,7 @@ static int trusted_instantiate(struct key *key, >>> size_t key_len; >>> int tpm2; >>> >>> - tpm2 = tpm_is_tpm2(NULL); >>> + tpm2 = tpm_is_tpm2(chip); >>> if (tpm2 < 0) >>> return tpm2; >>> >>> @@ -1011,7 +1012,7 @@ static int trusted_instantiate(struct key *key, >>> switch (key_cmd) { >>> case Opt_load: >>> if (tpm2) >>> - ret = tpm_unseal_trusted(NULL, payload, options); >>> + ret = tpm_unseal_trusted(chip, payload, options); >>> else >>> ret = key_unseal(payload, options); >>> dump_payload(payload); >>> @@ -1021,13 +1022,13 @@ static int trusted_instantiate(struct key *key, >>> break; >>> case Opt_new: >>> key_len = payload->key_len; >>> - ret = tpm_get_random(NULL, payload->key, key_len); >>> + ret = tpm_get_random(chip, payload->key, key_len); >>> if (ret != key_len) { >>> pr_info("trusted_key: key_create failed (%d)\n", ret); >>> goto out; >>> } >>> if (tpm2) >>> - ret = tpm_seal_trusted(NULL, payload, options); >>> + ret = tpm_seal_trusted(chip, payload, options); >>> else >>> ret = key_seal(payload, options); >>> if (ret < 0) >>> @@ -1225,17 +1226,26 @@ static int __init init_trusted(void) >>> { >>> int ret; >>> >>> + chip = tpm_default_chip(); >>> + if (!chip) >>> + return -ENOENT; >> >> This change causes a regression loading the encrypted_keys module on >> systems that don't have a tpm. >> >> Module init functions should not have hardware dependencies. >> >> The effect is that the libnvdimm module, which is an encrypted_keys >> user, fails to load, but up until this change encrypted_keys did not >> have a hard dependency on TPM presence. > > Sorry for the latency. I was in flu for couple of days. > > I missed that addition in the review process albeit this patch set > went numerous rounds. Apologies about ths. Also the return value is > wrong. Should be -ENODEV but it doesn't matter because this needs to > be removed anyway. > > Roberto, can you submit a fix ASAP that: Ok, I will do it now. Roberto > 1. Allows the module to initialize even if the chip is not found. > 2. In the beginning of each function (before tpm_is_tpm2()) you > should check if chip is NULL and return -ENODEV if it is. > > Add also these tags before your signed-off-by: > > Cc: stable@vger.kernel.org > Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()") > Reported-by: Dan Williams > Suggested-by: Jarkko Sakkinen > > /Jarkko > -- HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Bo PENG, Jian LI, Yanli SHI