So, yes, it can be and it will be removed :)
________________________________________
From: Kent Yoder [k...@linux.vnet.ibm.com]
Sent: 07 November 2012 18:45
To: Mathias LEBLANC
Cc: Rajiv Andrade; Marcel Selhorst; Sirrix AG; 
tpmdd-de...@lists.sourceforge.net; linux-kernel@vger.kernel.org; Jean-Luc BLANC
Subject: Re: [PATCH 1/1] TPM: STMicroelectronics ST33 I2C

On Wed, Nov 07, 2012 at 04:23:14PM +0100, Mathias LEBLANC wrote:
> Hi Kent,
>
> Sorry for sending new driver, it was a mistake.
> Today, I will upload the new version of the Linux driver without the errors 
> that you have mentioned in your previous mail.

  Ok, np.

>
> About :
> > +/*
> > + * tpm_st33_i2c_ioctl provides 2 handles:
> > + * - TPMIOC_CANCEL: allow to CANCEL a TPM commands execution.
> > + *   See tpm_stm_i2c_cancel description above
> > + * - TPMIOC_TRANSMIT: allow to transmit a TPM commands.
> > + * - TPMIOC_HASH: allow to compute a locality 4 hash
> > + * - TPMIOC_CHANGELOCALITY: allow to change the current locality
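
Review bot: the first line of this comment says tpm_st33_i2c_ioctl "provides 2 handles", but the list that follows names four (TPMIOC_CANCEL, TPMIOC_TRANSMIT, TPMIOC_HASH, TPMIOC_CHANGELOCALITY), and the cross-reference points at tpm_stm_i2c_cancel while the function documented here uses the tpm_st33_i2c_ prefix. Correct the count and the name. For TPMIOC_HASH and TPMIOC_CHANGELOCALITY, the comment states no restriction on who may issue them, so please document the intended caller and the required privilege, or drop the two entries.
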
>
>   Can we get rid of the ioctl path?  cancel and transmit are available
> through read/write already, but I need help understanding what hash and
> change locality would be useful for. If the kernel is running you can
> just use the crypto api for a hash operation, right?
>
>   As for changing locality, what's the idea there? If you can just
> switch localities at any time with an ioctl and no DRTM, why have it?
>
> [cut]
> > +static const struct file_operations tpm_st33_i2c_fops = {
> > +     .owner = THIS_MODULE,
> > +     .llseek = no_llseek,
> > +     .read = tpm_read,
> > +     .write = tpm_write,
> > +     .open = tpm_open,
> > +     .release = tpm_release,
> > +};
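
Review bot: tpm_st33_i2c_fops as shown sets .owner, .llseek, .read, .write, .open and .release but no ioctl member, so the tpm_st33_i2c_ioctl handler documented in the earlier hunk is not reachable through this table. If the ioctl path stays, show where it is registered. If it goes, remove the handler and its comment in the same patch so that no locality-changing code is left behind in the driver.
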
>
> The TPM specification specifies all four localities used for different levels
> LOCALITY4_HASH by a CPU instruction to start
> LOCALITY3 for BIOS
> LOCALITY2 for MBR
> LOCALITY1 for operation login
> LOCALITY0 for common OS tasks.
>
> The use of these localities is in agreement with the specifications and must 
> always be down (4, 3, 2, 1, 0) to be sure that the verification steps lower 
> levels will never be altered to ensure "sustainability".
> If once the OS loaded, I am able to use the locality 4, I could potentially 
> alter the values of the starting steps below ...
> Access to these localities in the driver *Linux* has been given only for 
> the purpose of validation.

  Ok cool, so it can be removed? :-)

Kent

> ________________________________________
> From: Kent Yoder [k...@linux.vnet.ibm.com]
> Sent: 07 November 2012 16:02
> To: Mathias LEBLANC
> Cc: Rajiv Andrade; Marcel Selhorst; Sirrix AG; 
> tpmdd-de...@lists.sourceforge.net; linux-kernel@vger.kernel.org; Jean-Luc 
> BLANC
> Subject: Re: [PATCH 1/1] TPM: STMicroelectronics ST33 I2C
>
> On Wed, Nov 07, 2012 at 01:15:09PM +0100, Mathias Leblanc wrote:
> >  * STMicroelectronics version 1.2.0, Copyright (C) 2010
> >  * STMicroelectronics comes with ABSOLUTELY NO WARRANTY.
> >  * This is free software, and you are welcome to redistribute it
> >  * under certain conditions.
> >
> > This is the driver for TPM chip from ST Microelectronics.
> >
> > If you have a TPM security chip from STMicroelectronics working with
> > an I2C, in menuconfig or .config choose the tpm driver on
> > device --> tpm and activate the protocol of your choice before compiling
> > the kernel.
> > The driver will be accessible from within Linux.
> >
> > Tested on linux x86/x64, beagleboard REV B & XM REV C and CHROMIUM OS
> >
> > Signed-off-by: Mathias Leblanc <mathias.lebl...@st.com>
>
> Hi Mathias,
>
>   I didn't see a reply to my mail from Oct 31, and very little has
> changed here.  Did I miss something?
>
> Kent
