From: Jason Gunthorpe Subject: Re: [tpmdd-devel] [PATCH] tpm: remove chip_num parameter from in-kernel API Date: Tue, 24 Oct 2017 10:11:18 -0600 Message-ID: <20171024161118.GA348@obsidianresearch.com> References: <20171023123817.18559-1-jarkko.sakkinen@linux.intel.com> <20171023163139.GA17394@obsidianresearch.com> <20171024154440.3jeupmus43jcgbbz@linux.intel.com> <20171024155526.GA32250@obsidianresearch.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Jarkko Sakkinen , Stefan Berger , linux-integrity@vger.kernel.org, David Howells , Herbert Xu , "open list:INTEGRITY MEASUREMENT ARCHITECTURE IMA" , Dmitry Kasatkin , open list , linux-security-module@vger.kernel.org, "moderated list:TPM DEVICE DRIVER" , "open list:KEYS-TRUSTED" , "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" , James Morris , Matt Mackall , "open list:INTEGRITY MEASUREMENT ARCHITECTURE IMA" To: PrasannaKumar Muralidharan Return-path: Content-Disposition: inline In-Reply-To: Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-crypto.vger.kernel.org On Tue, Oct 24, 2017 at 09:37:33PM +0530, PrasannaKumar Muralidharan wrote: > Hi Jason, > > On 24 October 2017 at 21:25, Jason Gunthorpe > wrote: > > On Tue, Oct 24, 2017 at 09:21:15PM +0530, PrasannaKumar Muralidharan wrote: > > > >> Please check the RFC [1]. It does use chip id. The rfc has issues and > >> has to be fixed but still there could be users of the API. > >> > >> 1. https://www.spinics.net/lists/linux-crypto/msg28282.html > > > > That patch isn't safe at all. You need to store a kref to th chip in > > the hwrng, not parse a string. > > The drivers/char/hw_random/tpm-rng.c module does not store the chip > reference so I guess the usage is safe. It is using the default TPM, it is always safe to use the default tpm. > The RFC is just a sample use case of the API. Well, a wrong example not to be emulated, and I think, further shows how Jarkko's direction is the right one. Jason