Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-09-28 Thread Nayna


On 09/01/2016 08:22 PM, Jarkko Sakkinen wrote:
> On Thu, Sep 01, 2016 at 04:45:01PM +0300, Jarkko Sakkinen wrote:
>> On Wed, Aug 31, 2016 at 11:26:24PM +0530, Nayna wrote:
>>> Thanks Jarkko for the review. I will address all your comments in my next
>>> version of patches.
>>
>> OK maybe the point I'm trying to make if you forget all the whining is
>> that with this particular feature we have to be extremely careful
>> because of the number of stakeholders that depend on it.
>>
>> This is not something I would put into 4.10 and no matter who is doing
>> it, it might take a few more iterations to get right. So take your time.
>> There's no rush (or more like there can't be rush).
>
> Sorry, a typo. I meant the 4.9 release :) 4.10 release is an open
> question. This should be in production quality by 4.9-rc4/5 in order
> to make that happen.
>
> The good timeline for topic branch would be end of Oct before LPC so
> that I could carry a setup involving Minnowboard and a discrete TPM
> module and demo this. I already have a topic branch called 'tabrm'
> in place for the same conference.

Sure Jarkko. Thanks for this !! I have included the feedbacks and have 
posted V4 version of the patches just now.

Thanks & Regards,
- Nayna

>
> /Jarkko
>
>> In the meanwhile I'm still in progress on getting the suitable hardware
>> so that I could test at least the DT stuff.
>>
>> PS. It's better to keep the attribute names the same since the code is
>> already depending on those names even if I don't like the naming :)
>>
>> /Jarkko
>>
>>> Thanks & Regards,
>>>- Nayna
>>>
>>> On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote:
>>>> On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
>>>>> Existing TPM2.0 support lacks the support for eventlog securityfs file.
>>>>> This patch adds the binary_bios_measurements to TPM2.0 eventlog
>>>>> securityfs file.
>>>>>
>>>>> Additionally, it also includes the review feedbacks as suggested by
>>>>> Jason.
>>>>>
>>>>> Further, commit msg subject line is prefixed with tpm as was suggested
>>>>> by Jarkko.
>>>>
>>>> Please start using get_maintainers.pl...
>>>>
>>>>> Changelog v3:
>>>>>
>>>>> * Includes the review feedbacks as suggested by Jason
>>>>>  * Split of patches into one patch per idea
>>>>>  * Generic open() method for ascii/bios measurements
>>>>>  * Replacement of **bios_dir with *bios_dir[3]
>>>>>  * Verifying readlog() is successful before creating
>>>>>  securityfs entries
>>>>>  * Generic readlog() to check for ACPI/OF in sequence
>>>>>   * read_log_of() method now uses of_node property rather than
>>>>>  calling find_device_by_name
>>>>>   * read_log differentiates vtpm/tpm using its compatible property
>>>>>   * Cleans pr_err with dev_dbg
>>>>>   * Commit msgs subject line prefixed with tpm
>>>>
>>>> Where is the changelog for v2?
>>>>
>>>> /Jarkko
>>>>
>>>>>
>>>>> Nayna Jain (7):
>>>>>tpm: Define a generic open() method for ascii & bios measurements.
>>>>>tpm: Replace the dynamically allocated bios_dir as struct dentry
>>>>>  array.
>>>>>tpm: Validate the eventlog access before tpm_bios_log_setup
>>>>>tpm: Redefine the read_log method to check for ACPI/OF properties
>>>>>  sequentially
>>>>>tpm: Replace the of_find_node_by_name() with dev of_node property
>>>>>tpm: Moves the eventlog init functions to tpm_eventlog_init.c
>>>>>tpm: Adds securityfs support for TPM2.0 eventlog
>>>>>
>>>>>   drivers/char/tpm/Makefile|  13 +-
>>>>>   drivers/char/tpm/tpm-chip.c  |  21 +---
>>>>>   drivers/char/tpm/tpm.h   |   7 +-
>>>>>   drivers/char/tpm/tpm2.h  |  85 +
>>>>>   drivers/char/tpm/tpm2_eventlog.c | 224 +++
>>>>>   drivers/char/tpm/tpm_acpi.c  |  19 +--
>>>>>   drivers/char/tpm/tpm_eventlog.c  | 154 +---
>>>>>   drivers/char/tpm/tpm_eventlog.h  |  26 ++--
>>>>>   drivers/char/tpm/tpm_eventlog_init.c | 153 
>>>>>   drivers/char/tpm/tpm_of.c|  65 ++
>>>>>   10 files changed, 543 insertions(+), 224 deletions(-)
>>>>>   create mode 100644 drivers/char/tpm/tpm2.h
>>>>>   create mode 100644 drivers/char/tpm/tpm2_eventlog.c
>>>>>   create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
>>>>>
>>>>> --
>>>>> 2.5.0
>>>>>
>>>>>
>>>>> --
>>>>> ___
>>>>> tpmdd-devel mailing list
>>>>> tpmdd-devel@lists.sourceforge.net
>>>>> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel

>>>
>




Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-09-20 Thread Stefan Berger
Jarkko Sakkinen wrote on 09/20/2016 06:04:23 AM:

>
> On Mon, Sep 19, 2016 at 10:50:15AM -0400, Stefan Berger wrote:
> >> You also fail to explain how this should work with ACPI even though
> >> we know that there does not exist any kind for event log through ACPI
> >> with TPM 2.0 hardware. I.e. just by reading the commits I can obviously
> >> see that you are doing major untested code path changes.
> >
> >That's true, there's no spec for a BIOS at the moment and I would
> >expect that TCG will likely not write one. Likely all vendors have moved
> >on to (U)EFI. We realized this also while implementing TPM 2 support for
> >SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI
> >specified log format with that special first entry. Can we accommodate that
> >?
> 
> Does that match to "SHA1 Event Log Entry Format" defined in [1]? In
> addition "Crypto Agile Log Entry Format" must be supported.

SeaBIOS supports the SHA1 Event Log Entry Format [5.1 in that spec]. It 
uses it for TPM 1.2.

https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521

In case of TPM 2 it will write the first log entry in the format of the 
Event Log Header [5.3].

https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521

All subsequent entries in the log will be written in Crypto Agile Log 
Entry Format [5.2].

Again: 
https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521

UEFI may write into some special buffer that the OS can get to via an API 
call. In case of SeaBIOS this buffer is just in the TCPA ACPI table, as in 
TPM 1.2.


> 
> Philip: what was the UEFI handover procedure that was discussed in
> TPM BoF at LSS 2016?
> 
> >   Stefan
> 
> [1] http://www.trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
> 
> /Jarkko
> 
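
The log layout Stefan describes above (a SHA1-format first entry carrying the Event Log Header, then Crypto Agile entries), as an added example that is not code from this thread, SeaBIOS or the kernel patches. Field layouts follow the TCG EFI Protocol Specification cited as [1]; the function and struct names are hypothetical, the sample log is constructed, and the buffer is assumed to hold exactly the log with no trailing padding.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EV_NO_ACTION 0x00000003u
#define MAX_ALGS 8                      /* cap chosen for this example */

struct log_summary {                    /* hypothetical result type */
    uint32_t num_algs;                  /* banks declared by the header entry */
    uint32_t alg_id[MAX_ALGS], digest_size[MAX_ALGS];
    uint32_t agile_events, last_pcr;
};
struct cur { const uint8_t *p; size_t left; };   /* bounds-checked cursor */

static int take(struct cur *c, size_t n, const uint8_t **out)
{
    if (n > c->left) return -1;         /* never read past the buffer */
    *out = c->p; c->p += n; c->left -= n;
    return 0;
}
static int rd(struct cur *c, int n, uint32_t *v)   /* n-byte little-endian */
{
    const uint8_t *b;
    if (take(c, (size_t)n, &b)) return -1;
    for (*v = 0; n-- > 0; ) *v = (*v << 8) | b[n];
    return 0;
}

/* First entry: SHA1-format record whose event data is the Spec ID structure. */
static int parse_header(struct cur *c, struct log_summary *s)
{
    uint32_t pcr, type, size, vlen, i;
    const uint8_t *skip, *ev;
    struct cur e;
    if (rd(c, 4, &pcr) || rd(c, 4, &type) || take(c, 20, &skip) ||
        rd(c, 4, &size) || take(c, size, &ev))
        return -1;
    if (type != EV_NO_ACTION || size < 16 || memcmp(ev, "Spec ID Event03", 16))
        return -2;                      /* no TPM 2.0 header: SHA1-only log */
    e.p = ev + 16; e.left = size - 16;
    /* skip platformClass(4), spec version and errata(3), uintnSize(1) */
    if (take(&e, 8, &skip) || rd(&e, 4, &s->num_algs) ||
        s->num_algs == 0 || s->num_algs > MAX_ALGS)
        return -1;
    for (i = 0; i < s->num_algs; i++)
        if (rd(&e, 2, &s->alg_id[i]) || rd(&e, 2, &s->digest_size[i]))
            return -1;
    return (rd(&e, 1, &vlen) || take(&e, vlen, &skip)) ? -1 : 0;  /* vendorInfo */
}

/* Later entries: digest count, one (hashAlg, digest) pair per bank, event data. */
static int parse_event2(struct cur *c, struct log_summary *s)
{
    uint32_t pcr, type, count, alg, size, i, j;
    const uint8_t *skip;
    if (rd(c, 4, &pcr) || rd(c, 4, &type) || rd(c, 4, &count) || count > MAX_ALGS)
        return -1;
    for (i = 0; i < count; i++) {
        if (rd(c, 2, &alg)) return -1;
        for (j = 0; j < s->num_algs && s->alg_id[j] != alg; j++) ;
        /* the entry carries no digest length; it comes from the header */
        if (j == s->num_algs || take(c, s->digest_size[j], &skip)) return -1;
    }
    if (rd(c, 4, &size) || take(c, size, &skip)) return -1;
    s->agile_events++; s->last_pcr = pcr;
    return 0;
}

/* 0 = ok, -1 = malformed or truncated, -2 = first entry is not a TPM 2.0 header */
static int parse_tpm2_eventlog(const uint8_t *buf, size_t len, struct log_summary *s)
{
    struct cur c = { buf, len };
    int rc;
    memset(s, 0, sizeof(*s));
    for (rc = parse_header(&c, s); rc == 0 && c.left > 0; )
        rc = parse_event2(&c, s);
    return rc;
}

static const uint8_t sample_log[] = {   /* constructed sample, not a real log */
    0,0,0,0, 3,0,0,0,                   /* header: PCR 0, EV_NO_ACTION */
    0,0,0,0,0,0,0,0,0,0, 0,0,0,0,0,0,0,0,0,0,   /* 20-byte zero digest */
    37,0,0,0, 'S','p','e','c',' ','I','D',' ','E','v','e','n','t','0','3',0,
    0,0,0,0, 0,2,0,2, 2,0,0,0,          /* class, version, 2 algorithms */
    0x04,0,20,0, 0x0B,0,32,0, 0,        /* SHA1/20, SHA256/32, no vendorInfo */
    7,0,0,0, 0x0D,0,0,0, 2,0,0,0,       /* agile entry: PCR 7, 2 digests */
    0x04,0, 1,1,1,1,1,1,1,1,1,1, 1,1,1,1,1,1,1,1,1,1,
    0x0B,0, 2,2,2,2,2,2,2,2, 2,2,2,2,2,2,2,2, 2,2,2,2,2,2,2,2, 2,2,2,2,2,2,2,2,
    4,0,0,0, 't','e','s','t',           /* 4 bytes of event data */
};

int main(void)
{
    struct log_summary s;
    int rc = parse_tpm2_eventlog(sample_log, sizeof(sample_log), &s);
    printf("rc=%d banks=%u agile=%u\n", rc, (unsigned)s.num_algs, (unsigned)s.agile_events);
    return rc != 0;
}
```

A parser that assumed SHA1-format records throughout would misread every entry after the first, because a Crypto Agile entry's length depends on the digest sizes the header declares.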




Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-09-20 Thread Jarkko Sakkinen
On Mon, Sep 19, 2016 at 10:50:15AM -0400, Stefan Berger wrote:
>> You also fail to explain how this should work with ACPI even though
>> we know that there does not exist any kind for event log through ACPI
>> with TPM 2.0 hardware. I.e. just by reading the commits I can obviously
>> see that you are doing major untested code path changes.
> 
>That's true, there's no spec for a BIOS at the moment and I would
>expect that TCG will likely not write one. Likely all vendors have moved
>on to (U)EFI. We realized this also while implementing TPM 2 support for
>SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI
>specified log format with that special first entry. Can we accommodate that
>?

Does that match to "SHA1 Event Log Entry Format" defined in [1]? In
addition "Crypto Agile Log Entry Format" must be supported.

Philip: what was the UEFI handover procedure that was discussed in
TPM BoF at LSS 2016?

>   Stefan

[1] http://www.trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf

/Jarkko



Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-09-19 Thread Stefan Berger
Jarkko Sakkinen wrote on 08/30/2016 06:16:11 AM:

> 
> On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
> > Existing TPM2.0 support lacks the support for eventlog securityfs file.
> > This patch adds the binary_bios_measurements to TPM2.0 eventlog
> > securityfs file.
> 
> This is kind of patch set that would require very elaborate description
> how the problem was solved. I cannot really mirror the patches to
> anything (especially as the commit messages in commits are also very low
> quality).
> 
> If you write bad commit messages, it leaves me worried that the quality
> is low by other measure.
> 
> This is just an example but I do not know how this scales with algorithmic
> agility.
> 
> You also fail to explain how this should work with ACPI even though
> we know that there does not exist any kind for event log through ACPI
> with TPM 2.0 hardware. I.e. just by reading the commits I can obviously
> see that you are doing major untested code path changes.

That's true, there's no spec for a BIOS at the moment and I would
expect that TCG will likely not write one. Likely all vendors have moved
on to (U)EFI. We realized this also while implementing TPM 2 support for
SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI
specified log format with that special first entry. Can we accommodate that?

   Stefan


> 
> This will need a lot of rework...
> 
> > Additionally, it also includes the review feedbacks as suggested by
> > Jason.
> > 
> > Further, commit msg subject line is prefixed with tpm as was suggested
> > by Jarkko.
> > 
> > Changelog v3:
> > 
> > * Includes the review feedbacks as suggested by Jason
> > * Split of patches into one patch per idea
> > * Generic open() method for ascii/bios measurements
> > * Replacement of **bios_dir with *bios_dir[3]
> > * Verifying readlog() is successful before creating
> > securityfs entries
> > * Generic readlog() to check for ACPI/OF in sequence
> >* read_log_of() method now uses of_node property rather than
> > calling find_device_by_name
> >* read_log differentiates vtpm/tpm using its compatible property
> >* Cleans pr_err with dev_dbg
> >* Commit msgs subject line prefixed with tpm
> 
> BTW, what is the logic in this indentation.
> 
> > 
> > Nayna Jain (7):
> >   tpm: Define a generic open() method for ascii & bios measurements.
> >   tpm: Replace the dynamically allocated bios_dir as struct dentry
> > array.
> >   tpm: Validate the eventlog access before tpm_bios_log_setup
> >   tpm: Redefine the read_log method to check for ACPI/OF properties
> > sequentially
> >   tpm: Replace the of_find_node_by_name() with dev of_node property
> >   tpm: Moves the eventlog init functions to tpm_eventlog_init.c
> >   tpm: Adds securityfs support for TPM2.0 eventlog
> > 
> >  drivers/char/tpm/Makefile|  13 +-
> >  drivers/char/tpm/tpm-chip.c  |  21 +---
> >  drivers/char/tpm/tpm.h   |   7 +-
> >  drivers/char/tpm/tpm2.h  |  85 +
> >  drivers/char/tpm/tpm2_eventlog.c | 224 +++
> >  drivers/char/tpm/tpm_acpi.c  |  19 +--
> >  drivers/char/tpm/tpm_eventlog.c  | 154 +---
> >  drivers/char/tpm/tpm_eventlog.h  |  26 ++--
> >  drivers/char/tpm/tpm_eventlog_init.c | 153 
> >  drivers/char/tpm/tpm_of.c|  65 ++
> >  10 files changed, 543 insertions(+), 224 deletions(-)
> >  create mode 100644 drivers/char/tpm/tpm2.h
> >  create mode 100644 drivers/char/tpm/tpm2_eventlog.c
> >  create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
> > 
> > -- 
> > 2.5.0
> > 
> > 
> > 
> 
> 
> /Jarkko
> 
> 
> 




Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-09-01 Thread Jarkko Sakkinen
On Thu, Sep 01, 2016 at 04:45:01PM +0300, Jarkko Sakkinen wrote:
> On Wed, Aug 31, 2016 at 11:26:24PM +0530, Nayna wrote:
> > Thanks Jarkko for the review. I will address all your comments in my next
> > version of patches.
> 
> OK maybe the point I'm trying to make if you forget all the whining is
> that with this particular feature we have to be extremely careful
> because of the number of stakeholders that depend on it.
> 
> This is not something I would put into 4.10 and no matter who is doing
> it, it might take a few more iterations to get right. So take your time.
> There's no rush (or more like there can't be rush).

Sorry, a typo. I meant the 4.9 release :) 4.10 release is an open
question. This should be in production quality by 4.9-rc4/5 in order
to make that happen.

The good timeline for topic branch would be end of Oct before LPC so
that I could carry a setup involving Minnowboard and a discrete TPM
module and demo this. I already have a topic branch called 'tabrm'
in place for the same conference.

/Jarkko

> In the meanwhile I'm still in progress on getting the suitable hardware
> so that I could test at least the DT stuff.
> 
> PS. It's better to keep the attribute names the same since the code is
> already depending on those names even if I don't like the naming :)
> 
> /Jarkko
> 
> > Thanks & Regards,
> >   - Nayna
> > 
> > On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote:
> > >On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
> > >>Existing TPM2.0 support lacks the support for eventlog securityfs file.
> > >>This patch adds the binary_bios_measurements to TPM2.0 eventlog
> > >>securityfs file.
> > >>
> > >>Additionally, it also includes the review feedbacks as suggested by
> > >>Jason.
> > >>
> > >>Further, commit msg subject line is prefixed with tpm as was suggested
> > >>by Jarkko.
> > >
> > >Please start using get_maintainers.pl...
> > >
> > >>Changelog v3:
> > >>
> > >>* Includes the review feedbacks as suggested by Jason
> > >> * Split of patches into one patch per idea
> > >> * Generic open() method for ascii/bios measurements
> > >> * Replacement of **bios_dir with *bios_dir[3]
> > >> * Verifying readlog() is successful before creating
> > >> securityfs entries
> > >> * Generic readlog() to check for ACPI/OF in sequence
> > >>  * read_log_of() method now uses of_node property rather than
> > >> calling find_device_by_name
> > >>  * read_log differentiates vtpm/tpm using its compatible property
> > >>  * Cleans pr_err with dev_dbg
> > >>  * Commit msgs subject line prefixed with tpm
> > >
> > >Where is the changelog for v2?
> > >
> > >/Jarkko
> > >
> > >>
> > >>Nayna Jain (7):
> > >>   tpm: Define a generic open() method for ascii & bios measurements.
> > >>   tpm: Replace the dynamically allocated bios_dir as struct dentry
> > >> array.
> > >>   tpm: Validate the eventlog access before tpm_bios_log_setup
> > >>   tpm: Redefine the read_log method to check for ACPI/OF properties
> > >> sequentially
> > >>   tpm: Replace the of_find_node_by_name() with dev of_node property
> > >>   tpm: Moves the eventlog init functions to tpm_eventlog_init.c
> > >>   tpm: Adds securityfs support for TPM2.0 eventlog
> > >>
> > >>  drivers/char/tpm/Makefile|  13 +-
> > >>  drivers/char/tpm/tpm-chip.c  |  21 +---
> > >>  drivers/char/tpm/tpm.h   |   7 +-
> > >>  drivers/char/tpm/tpm2.h  |  85 +
> > >>  drivers/char/tpm/tpm2_eventlog.c | 224 +++
> > >>  drivers/char/tpm/tpm_acpi.c  |  19 +--
> > >>  drivers/char/tpm/tpm_eventlog.c  | 154 +---
> > >>  drivers/char/tpm/tpm_eventlog.h  |  26 ++--
> > >>  drivers/char/tpm/tpm_eventlog_init.c | 153 
> > >>  drivers/char/tpm/tpm_of.c|  65 ++
> > >>  10 files changed, 543 insertions(+), 224 deletions(-)
> > >>  create mode 100644 drivers/char/tpm/tpm2.h
> > >>  create mode 100644 drivers/char/tpm/tpm2_eventlog.c
> > >>  create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
> > >>
> > >>--
> > >>2.5.0
> > >>
> > >>
> > >
> > 



Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-09-01 Thread Jarkko Sakkinen
On Wed, Aug 31, 2016 at 11:26:24PM +0530, Nayna wrote:
> Thanks Jarkko for the review. I will address all your comments in my next
> version of patches.

OK maybe the point I'm trying to make if you forget all the whining is
that with this particular feature we have to be extremely careful
because of the number of stakeholders that depend on it.

This is not something I would put into 4.10 and no matter who is doing
it, it might take a few more iterations to get right. So take your time.
There's no rush (or more like there can't be rush).

In the meanwhile I'm still in progress on getting the suitable hardware
so that I could test at least the DT stuff.

PS. It's better to keep the attribute names the same since the code is
already depending on those names even if I don't like the naming :)

/Jarkko

> Thanks & Regards,
>   - Nayna
> 
> On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote:
> >On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
> >>Existing TPM2.0 support lacks the support for eventlog securityfs file.
> >>This patch adds the binary_bios_measurements to TPM2.0 eventlog
> >>securityfs file.
> >>
> >>Additionally, it also includes the review feedbacks as suggested by
> >>Jason.
> >>
> >>Further, commit msg subject line is prefixed with tpm as was suggested
> >>by Jarkko.
> >
> >Please start using get_maintainers.pl...
> >
> >>Changelog v3:
> >>
> >>* Includes the review feedbacks as suggested by Jason
> >> * Split of patches into one patch per idea
> >> * Generic open() method for ascii/bios measurements
> >> * Replacement of **bios_dir with *bios_dir[3]
> >> * Verifying readlog() is successful before creating
> >> securityfs entries
> >> * Generic readlog() to check for ACPI/OF in sequence
> >>* read_log_of() method now uses of_node property rather than
> >> calling find_device_by_name
> >>* read_log differentiates vtpm/tpm using its compatible property
> >>* Cleans pr_err with dev_dbg
> >>* Commit msgs subject line prefixed with tpm
> >
> >Where is the changelog for v2?
> >
> >/Jarkko
> >
> >>
> >>Nayna Jain (7):
> >>   tpm: Define a generic open() method for ascii & bios measurements.
> >>   tpm: Replace the dynamically allocated bios_dir as struct dentry
> >> array.
> >>   tpm: Validate the eventlog access before tpm_bios_log_setup
> >>   tpm: Redefine the read_log method to check for ACPI/OF properties
> >> sequentially
> >>   tpm: Replace the of_find_node_by_name() with dev of_node property
> >>   tpm: Moves the eventlog init functions to tpm_eventlog_init.c
> >>   tpm: Adds securityfs support for TPM2.0 eventlog
> >>
> >>  drivers/char/tpm/Makefile|  13 +-
> >>  drivers/char/tpm/tpm-chip.c  |  21 +---
> >>  drivers/char/tpm/tpm.h   |   7 +-
> >>  drivers/char/tpm/tpm2.h  |  85 +
> >>  drivers/char/tpm/tpm2_eventlog.c | 224 +++
> >>  drivers/char/tpm/tpm_acpi.c  |  19 +--
> >>  drivers/char/tpm/tpm_eventlog.c  | 154 +---
> >>  drivers/char/tpm/tpm_eventlog.h  |  26 ++--
> >>  drivers/char/tpm/tpm_eventlog_init.c | 153 
> >>  drivers/char/tpm/tpm_of.c|  65 ++
> >>  10 files changed, 543 insertions(+), 224 deletions(-)
> >>  create mode 100644 drivers/char/tpm/tpm2.h
> >>  create mode 100644 drivers/char/tpm/tpm2_eventlog.c
> >>  create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
> >>
> >>--
> >>2.5.0
> >>
> >>
> >
> 



Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-08-31 Thread Nayna
Thanks Jarkko for the review. I will address all your comments in my 
next version of patches.

Thanks & Regards,
   - Nayna

On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote:
> On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
>> Existing TPM2.0 support lacks the support for eventlog securityfs file.
>> This patch adds the binary_bios_measurements to TPM2.0 eventlog
>> securityfs file.
>>
>> Additionally, it also includes the review feedbacks as suggested by
>> Jason.
>>
>> Further, commit msg subject line is prefixed with tpm as was suggested
>> by Jarkko.
>
> Please start using get_maintainers.pl...
>
>> Changelog v3:
>>
>> * Includes the review feedbacks as suggested by Jason
>>  * Split of patches into one patch per idea
>>  * Generic open() method for ascii/bios measurements
>>  * Replacement of **bios_dir with *bios_dir[3]
>>  * Verifying readlog() is successful before creating
>>  securityfs entries
>>  * Generic readlog() to check for ACPI/OF in sequence
>>  * read_log_of() method now uses of_node property rather than
>>  calling find_device_by_name
>>  * read_log differentiates vtpm/tpm using its compatible property
>>  * Cleans pr_err with dev_dbg
>>  * Commit msgs subject line prefixed with tpm
>
> Where is the changelog for v2?
>
> /Jarkko
>
>>
>> Nayna Jain (7):
>>tpm: Define a generic open() method for ascii & bios measurements.
>>tpm: Replace the dynamically allocated bios_dir as struct dentry
>>  array.
>>tpm: Validate the eventlog access before tpm_bios_log_setup
>>tpm: Redefine the read_log method to check for ACPI/OF properties
>>  sequentially
>>tpm: Replace the of_find_node_by_name() with dev of_node property
>>tpm: Moves the eventlog init functions to tpm_eventlog_init.c
>>tpm: Adds securityfs support for TPM2.0 eventlog
>>
>>   drivers/char/tpm/Makefile|  13 +-
>>   drivers/char/tpm/tpm-chip.c  |  21 +---
>>   drivers/char/tpm/tpm.h   |   7 +-
>>   drivers/char/tpm/tpm2.h  |  85 +
>>   drivers/char/tpm/tpm2_eventlog.c | 224 +++
>>   drivers/char/tpm/tpm_acpi.c  |  19 +--
>>   drivers/char/tpm/tpm_eventlog.c  | 154 +---
>>   drivers/char/tpm/tpm_eventlog.h  |  26 ++--
>>   drivers/char/tpm/tpm_eventlog_init.c | 153 
>>   drivers/char/tpm/tpm_of.c|  65 ++
>>   10 files changed, 543 insertions(+), 224 deletions(-)
>>   create mode 100644 drivers/char/tpm/tpm2.h
>>   create mode 100644 drivers/char/tpm/tpm2_eventlog.c
>>   create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
>>
>> --
>> 2.5.0
>>
>>
>




Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-08-30 Thread Jarkko Sakkinen
On Tue, Aug 30, 2016 at 01:16:11PM +0300, Jarkko Sakkinen wrote:
> On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
> > Existing TPM2.0 support lacks the support for eventlog securityfs file.
> > This patch adds the binary_bios_measurements to TPM2.0 eventlog
> > securityfs file.
> 
> This is kind of patch set that would require very elaborate description
> how the problem was solved. I cannot really mirror the patches to
> anything (especially as the commit messages in commits are also very low
> quality).
> 
> If you write bad commit messages, it leaves me worried that the quality
> is low by other measure.
> 
> This is just an example but I do not know how this scales with algorithmic 
> agility. 
> 
> You also fail to explain how this should work with ACPI even though
> we know that there does not exist any kind for event log through ACPI
> with TPM 2.0 hardware. I.e. just by reading the commits I can obviously
> see that you are doing major untested code path changes.
> 
> This will need a lot of rework...

I can create a topic branch for this when this patch set starts to
converge more or less acceptable shape because that will help other
to work on the grub-kernel event log hand over. This will take a while
because I first want to test the code and I'm just started to acquire
hardware for that.

The dots need to be connected with this, event log handover and IMA for
the kexec.

/Jarkko



Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-08-30 Thread Jarkko Sakkinen
On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
> Existing TPM2.0 support lacks the support for eventlog securityfs file.
> This patch adds the binary_bios_measurements to TPM2.0 eventlog
> securityfs file.

This is kind of patch set that would require very elaborate description
how the problem was solved. I cannot really mirror the patches to
anything (especially as the commit messages in commits are also very low
quality).

If you write bad commit messages, it leaves me worried that the quality
is low by other measure.

This is just an example but I do not know how this scales with algorithmic 
agility. 

You also fail to explain how this should work with ACPI even though
we know that there does not exist any kind for event log through ACPI
with TPM 2.0 hardware. I.e. just by reading the commits I can obviously
see that you are doing major untested code path changes.

This will need a lot of rework...

> Additionally, it also includes the review feedbacks as suggested by
> Jason.
> 
> Further, commit msg subject line is prefixed with tpm as was suggested
> by Jarkko.
> 
> Changelog v3:
> 
> * Includes the review feedbacks as suggested by Jason
> * Split of patches into one patch per idea
> * Generic open() method for ascii/bios measurements
> * Replacement of **bios_dir with *bios_dir[3]
> * Verifying readlog() is successful before creating
> securityfs entries
> * Generic readlog() to check for ACPI/OF in sequence
>   * read_log_of() method now uses of_node property rather than
> calling find_device_by_name
>   * read_log differentiates vtpm/tpm using its compatible property
>   * Cleans pr_err with dev_dbg
>   * Commit msgs subject line prefixed with tpm

BTW, what is the logic in this indentation.

> 
> Nayna Jain (7):
>   tpm: Define a generic open() method for ascii & bios measurements.
>   tpm: Replace the dynamically allocated bios_dir as struct dentry
> array.
>   tpm: Validate the eventlog access before tpm_bios_log_setup
>   tpm: Redefine the read_log method to check for ACPI/OF properties
> sequentially
>   tpm: Replace the of_find_node_by_name() with dev of_node property
>   tpm: Moves the eventlog init functions to tpm_eventlog_init.c
>   tpm: Adds securityfs support for TPM2.0 eventlog
> 
>  drivers/char/tpm/Makefile|  13 +-
>  drivers/char/tpm/tpm-chip.c  |  21 +---
>  drivers/char/tpm/tpm.h   |   7 +-
>  drivers/char/tpm/tpm2.h  |  85 +
>  drivers/char/tpm/tpm2_eventlog.c | 224 +++
>  drivers/char/tpm/tpm_acpi.c  |  19 +--
>  drivers/char/tpm/tpm_eventlog.c  | 154 +---
>  drivers/char/tpm/tpm_eventlog.h  |  26 ++--
>  drivers/char/tpm/tpm_eventlog_init.c | 153 
>  drivers/char/tpm/tpm_of.c|  65 ++
>  10 files changed, 543 insertions(+), 224 deletions(-)
>  create mode 100644 drivers/char/tpm/tpm2.h
>  create mode 100644 drivers/char/tpm/tpm2_eventlog.c
>  create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
> 
> -- 
> 2.5.0
> 
> 

/Jarkko



Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-08-30 Thread Jarkko Sakkinen
On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote:
> Existing TPM2.0 support lacks the support for eventlog securityfs file.
> This patch adds the binary_bios_measurements to TPM2.0 eventlog
> securityfs file.
> 
> Additionally, it also includes the review feedbacks as suggested by
> Jason.
> 
> Further, commit msg subject line is prefixed with tpm as was suggested
> by Jarkko.

Please start using get_maintainers.pl...

> Changelog v3:
> 
> * Includes the review feedbacks as suggested by Jason
> * Split of patches into one patch per idea
> * Generic open() method for ascii/bios measurements
> * Replacement of **bios_dir with *bios_dir[3]
> * Verifying readlog() is successful before creating
> securityfs entries
> * Generic readlog() to check for ACPI/OF in sequence
>   * read_log_of() method now uses of_node property rather than
> calling find_device_by_name
>   * read_log differentiates vtpm/tpm using its compatible property
>   * Cleans pr_err with dev_dbg
>   * Commit msgs subject line prefixed with tpm

Where is the changelog for v2?

/Jarkko

> 
> Nayna Jain (7):
>   tpm: Define a generic open() method for ascii & bios measurements.
>   tpm: Replace the dynamically allocated bios_dir as struct dentry
> array.
>   tpm: Validate the eventlog access before tpm_bios_log_setup
>   tpm: Redefine the read_log method to check for ACPI/OF properties
> sequentially
>   tpm: Replace the of_find_node_by_name() with dev of_node property
>   tpm: Moves the eventlog init functions to tpm_eventlog_init.c
>   tpm: Adds securityfs support for TPM2.0 eventlog
> 
>  drivers/char/tpm/Makefile|  13 +-
>  drivers/char/tpm/tpm-chip.c  |  21 +---
>  drivers/char/tpm/tpm.h   |   7 +-
>  drivers/char/tpm/tpm2.h  |  85 +
>  drivers/char/tpm/tpm2_eventlog.c | 224 +++
>  drivers/char/tpm/tpm_acpi.c  |  19 +--
>  drivers/char/tpm/tpm_eventlog.c  | 154 +---
>  drivers/char/tpm/tpm_eventlog.h  |  26 ++--
>  drivers/char/tpm/tpm_eventlog_init.c | 153 
>  drivers/char/tpm/tpm_of.c|  65 ++
>  10 files changed, 543 insertions(+), 224 deletions(-)
>  create mode 100644 drivers/char/tpm/tpm2.h
>  create mode 100644 drivers/char/tpm/tpm2_eventlog.c
>  create mode 100644 drivers/char/tpm/tpm_eventlog_init.c
> 
> -- 
> 2.5.0
> 
> 



[tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support

2016-08-29 Thread Nayna Jain
Existing TPM2.0 support lacks the support for eventlog securityfs file.
This patch adds the binary_bios_measurements to TPM2.0 eventlog
securityfs file.

Additionally, it also includes the review feedbacks as suggested by
Jason.

Further, commit msg subject line is prefixed with tpm as was suggested
by Jarkko.

Changelog v3:

* Includes the review feedbacks as suggested by Jason
* Split of patches into one patch per idea
* Generic open() method for ascii/bios measurements
* Replacement of **bios_dir with *bios_dir[3]
* Verifying readlog() is successful before creating
securityfs entries
* Generic readlog() to check for ACPI/OF in sequence
* read_log_of() method now uses of_node property rather than
calling find_device_by_name
* read_log differentiates vtpm/tpm using its compatible property
* Cleans pr_err with dev_dbg
* Commit msgs subject line prefixed with tpm

Nayna Jain (7):
  tpm: Define a generic open() method for ascii & bios measurements.
  tpm: Replace the dynamically allocated bios_dir as struct dentry
array.
  tpm: Validate the eventlog access before tpm_bios_log_setup
  tpm: Redefine the read_log method to check for ACPI/OF properties
sequentially
  tpm: Replace the of_find_node_by_name() with dev of_node property
  tpm: Moves the eventlog init functions to tpm_eventlog_init.c
  tpm: Adds securityfs support for TPM2.0 eventlog

 drivers/char/tpm/Makefile|  13 +-
 drivers/char/tpm/tpm-chip.c  |  21 +---
 drivers/char/tpm/tpm.h   |   7 +-
 drivers/char/tpm/tpm2.h  |  85 +
 drivers/char/tpm/tpm2_eventlog.c | 224 +++
 drivers/char/tpm/tpm_acpi.c  |  19 +--
 drivers/char/tpm/tpm_eventlog.c  | 154 +---
 drivers/char/tpm/tpm_eventlog.h  |  26 ++--
 drivers/char/tpm/tpm_eventlog_init.c | 153 
 drivers/char/tpm/tpm_of.c|  65 ++
 10 files changed, 543 insertions(+), 224 deletions(-)
 create mode 100644 drivers/char/tpm/tpm2.h
 create mode 100644 drivers/char/tpm/tpm2_eventlog.c
 create mode 100644 drivers/char/tpm/tpm_eventlog_init.c

-- 
2.5.0

