Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On 09/01/2016 08:22 PM, Jarkko Sakkinen wrote: > On Thu, Sep 01, 2016 at 04:45:01PM +0300, Jarkko Sakkinen wrote: >> On Wed, Aug 31, 2016 at 11:26:24PM +0530, Nayna wrote: >>> Thanks Jarkko for the review. I will address all your comments in my next >>> version of patches. >> >> OK maybe the point I'm trying to make if you forget all the whining is >> that with this particular feature we have to be extremely careful >> because of the number of stakeholders that depend on it. >> >> This is not something I would put into 4.10 and no matter who is doing >> it, it might take a few more iterations to get right. So take your time. >> There's no rush (or more like there can't be rush). > > Sorry, a typo. I meant the 4.9 release :) 4.10 release is an open > question. This should be in production quality by 4.9-rc4/5 in order > to make that happen. > > The good timeline for topic branch would be end of Oct before LPC so > that I could carry a setup involving Minnowboard and a discrete TPM > module and demo this. I already have a topic branch called 'tabrm' > in place for the same conference. Sure Jarkko. Thanks for this !! I have included the feedbacks and have posted V4 version of the patches just now. Thanks & Regards, - Nayna > > /Jarkko > >> In the meanwhile I'm still in progress on getting the suitable hardware >> so that I could test at least the DT stuff. >> >> PS. It's better to keep the attribute names the same since the code is >> already depending those names even if I don't like the naming :) >> >> /Jarkko >> >>> Thanks & Regards, >>>- Nayna >>> >>> On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote: On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > Existing TPM2.0 support lacks the support for eventlog securityfs file. > This patch adds the binary_bios_measurements to TPM2.0 eventlog > securityfs file. > > Additionally, it also includes the review feedbacks as suggested by > Jason. > > Further, commit msg subject line is prefixed with tpm as was suggested > by Jarkko. Please start using get_maintainers.pl... > Changelog v3: > > * Includes the review feedbacks as suggested by Jason > * Split of patches into one patch per idea > * Generic open() method for ascii/bios measurements > * Replacement of of **bios_dir with *bios_dir[3] > * Verifying readlog() is successful before creating > securityfs entries > * Generic readlog() to check for ACPI/OF in sequence > * read_log_of() method now uses of_node propertry rather than > calling find_device_by_name > * read_log differentiates vtpm/tpm using its compatible property > * Cleans pr_err with dev_dbg > * Commit msgs subject line prefixed with tpm Where is the changlog for v2? /Jarkko > > Nayna Jain (7): >tpm: Define a generic open() method for ascii & bios measurements. >tpm: Replace the dynamically allocated bios_dir as struct dentry > array. >tpm: Validate the eventlog access before tpm_bios_log_setup >tpm: Redefine the read_log method to check for ACPI/OF properties > sequentially >tpm: Replace the of_find_node_by_name() with dev of_node property >tpm: Moves the eventlog init functions to tpm_eventlog_init.c >tpm: Adds securityfs support for TPM2.0 eventlog > > drivers/char/tpm/Makefile| 13 +- > drivers/char/tpm/tpm-chip.c | 21 +--- > drivers/char/tpm/tpm.h | 7 +- > drivers/char/tpm/tpm2.h | 85 + > drivers/char/tpm/tpm2_eventlog.c | 224 > +++ > drivers/char/tpm/tpm_acpi.c | 19 +-- > drivers/char/tpm/tpm_eventlog.c | 154 +--- > drivers/char/tpm/tpm_eventlog.h | 26 ++-- > drivers/char/tpm/tpm_eventlog_init.c | 153 > drivers/char/tpm/tpm_of.c| 65 ++ > 10 files changed, 543 insertions(+), 224 deletions(-) > create mode 100644 drivers/char/tpm/tpm2.h > create mode 100644 drivers/char/tpm/tpm2_eventlog.c > create mode 100644 drivers/char/tpm/tpm_eventlog_init.c > > -- > 2.5.0 > > > -- > ___ > tpmdd-devel mailing list > tpmdd-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tpmdd-devel >>> > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
Jarkko Sakkinenwrote on 09/20/2016 06:04:23 AM: > > On Mon, Sep 19, 2016 at 10:50:15AM -0400, Stefan Berger wrote: > >> You also fail to explain how this should work with ACPI even though > >> we know that there does not exist any kind for event log through ACPI > >> with TPM 2.0 hardware. I.e. just by reading the commits I canobviously > >> see that you are doing major untested code path changes. > > > >That's true there there's not spec for a BIOS at the moment and I would > >expect that TCG will likely not write one. Likely all vendors have moved > >on to (U)EFI. We realized this also while implementing TPM 2 support for > >SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI > >specified log format with that special first entry. Can we > accomodate that > >? > > Does that match to "SHA1 Event Log Entry Format" defined in [1]? In > addition "Crypto Agile Log Entry Format" must be supported. SeaBIOS supports the SHA1 Event Log Entry Format [5.1 in that spec]. It uses it for TPM 1.2. https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521 In case of TPM 2 it will write the first log entry in the format of the Event Log Header [5.3]. https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521 All subsequent entries in the log will be written in Crypto Agile Log Entry Format [5.2]. Again: https://code.coreboot.org/p/seabios/source/tree/master/src/std/tcg.h#L521 UEFI may write into some special buffer that the OS can get to via an API call. In case of SeaBIOS this buffer is just in the TCPA ACPI table, as in TPM 1.2. > > Philip: what was the UEFI handover procedure that was discussed in > TPM BoF at LSS 2016? > > > Stefan > > [1] http://www.trustedcomputinggroup.org/wp-content/uploads/EFI- > Protocol-Specification-rev13-160330final.pdf > > /Jarkko > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On Mon, Sep 19, 2016 at 10:50:15AM -0400, Stefan Berger wrote: >> You also fail to explain how this should work with ACPI even though >> we know that there does not exist any kind for event log through ACPI >> with TPM 2.0 hardware. I.e. just by reading the commits I can obviously >> see that you are doing major untested code path changes. > >That's true there there's not spec for a BIOS at the moment and I would >expect that TCG will likely not write one. Likely all vendors have moved >on to (U)EFI. We realized this also while implementing TPM 2 support for >SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI >specified log format with that special first entry. Can we accomodate that >? Does that match to "SHA1 Event Log Entry Format" defined in [1]? In addition "Crypto Agile Log Entry Format" must be supported. Philip: what was the UEFI handover procedure that was discussed in TPM BoF at LSS 2016? > Stefan [1] http://www.trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf /Jarkko -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
Jarkko Sakkinenwrote on 08/30/2016 06:16:11 AM: > > On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > > Existing TPM2.0 support lacks the support for eventlog securityfs file. > > This patch adds the binary_bios_measurements to TPM2.0 eventlog > > securityfs file. > > This is kind of patch set that would require very elaborate description > how the problem was solved. I cannot really mirror the patches to > anything (especially as the commit messages in commits are also very low > quality). > > If you write bad commit messages, it leaves me worried that the quality > is low by other measure. > > This is just an example but I do not know how this scales with algorithmic > agility. > > You also fail to explain how this should work with ACPI even though > we know that there does not exist any kind for event log through ACPI > with TPM 2.0 hardware. I.e. just by reading the commits I can obviously > see that you are doing major untested code path changes. That's true there there's not spec for a BIOS at the moment and I would expect that TCG will likely not write one. Likely all vendors have moved on to (U)EFI. We realized this also while implementing TPM 2 support for SeaBIOS and I ended up reusing the ACPI TCPA table but adopted the EFI specified log format with that special first entry. Can we accomodate that ? Stefan > > This will need a lot of rework... > > > Additionally, it also includes the review feedbacks as suggested by > > Jason. > > > > Further, commit msg subject line is prefixed with tpm as was suggested > > by Jarkko. > > > > Changelog v3: > > > > * Includes the review feedbacks as suggested by Jason > > * Split of patches into one patch per idea > > * Generic open() method for ascii/bios measurements > > * Replacement of of **bios_dir with *bios_dir[3] > > * Verifying readlog() is successful before creating > > securityfs entries > > * Generic readlog() to check for ACPI/OF in sequence > >* read_log_of() method now uses of_node propertry rather than > > calling find_device_by_name > >* read_log differentiates vtpm/tpm using its compatible property > >* Cleans pr_err with dev_dbg > >* Commit msgs subject line prefixed with tpm > > BTW, what is the logic in this indentation. > > > > > Nayna Jain (7): > > tpm: Define a generic open() method for ascii & bios measurements. > > tpm: Replace the dynamically allocated bios_dir as struct dentry > > array. > > tpm: Validate the eventlog access before tpm_bios_log_setup > > tpm: Redefine the read_log method to check for ACPI/OF properties > > sequentially > > tpm: Replace the of_find_node_by_name() with dev of_node property > > tpm: Moves the eventlog init functions to tpm_eventlog_init.c > > tpm: Adds securityfs support for TPM2.0 eventlog > > > > drivers/char/tpm/Makefile| 13 +- > > drivers/char/tpm/tpm-chip.c | 21 +--- > > drivers/char/tpm/tpm.h | 7 +- > > drivers/char/tpm/tpm2.h | 85 + > > drivers/char/tpm/tpm2_eventlog.c | 224 ++ > + > > drivers/char/tpm/tpm_acpi.c | 19 +-- > > drivers/char/tpm/tpm_eventlog.c | 154 +--- > > drivers/char/tpm/tpm_eventlog.h | 26 ++-- > > drivers/char/tpm/tpm_eventlog_init.c | 153 > > drivers/char/tpm/tpm_of.c| 65 ++ > > 10 files changed, 543 insertions(+), 224 deletions(-) > > create mode 100644 drivers/char/tpm/tpm2.h > > create mode 100644 drivers/char/tpm/tpm2_eventlog.c > > create mode 100644 drivers/char/tpm/tpm_eventlog_init.c > > > > -- > > 2.5.0 > > > > > > > -- > > ___ > > tpmdd-devel mailing list > > tpmdd-devel@lists.sourceforge.net > > https://lists.sourceforge.net/lists/listinfo/tpmdd-devel > > /Jarkko > > -- > ___ > tpmdd-devel mailing list > tpmdd-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tpmdd-devel > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On Thu, Sep 01, 2016 at 04:45:01PM +0300, Jarkko Sakkinen wrote: > On Wed, Aug 31, 2016 at 11:26:24PM +0530, Nayna wrote: > > Thanks Jarkko for the review. I will address all your comments in my next > > version of patches. > > OK maybe the point I'm trying to make if you forget all the whining is > that with this particular feature we have to be extremely careful > because of the number of stakeholders that depend on it. > > This is not something I would put into 4.10 and no matter who is doing > it, it might take a few more iterations to get right. So take your time. > There's no rush (or more like there can't be rush). Sorry, a typo. I meant the 4.9 release :) 4.10 release is an open question. This should be in production quality by 4.9-rc4/5 in order to make that happen. The good timeline for topic branch would be end of Oct before LPC so that I could carry a setup involving Minnowboard and a discrete TPM module and demo this. I already have a topic branch called 'tabrm' in place for the same conference. /Jarkko > In the meanwhile I'm still in progress on getting the suitable hardware > so that I could test at least the DT stuff. > > PS. It's better to keep the attribute names the same since the code is > already depending those names even if I don't like the naming :) > > /Jarkko > > > Thanks & Regards, > > - Nayna > > > > On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote: > > >On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > > >>Existing TPM2.0 support lacks the support for eventlog securityfs file. > > >>This patch adds the binary_bios_measurements to TPM2.0 eventlog > > >>securityfs file. > > >> > > >>Additionally, it also includes the review feedbacks as suggested by > > >>Jason. > > >> > > >>Further, commit msg subject line is prefixed with tpm as was suggested > > >>by Jarkko. > > > > > >Please start using get_maintainers.pl... > > > > > >>Changelog v3: > > >> > > >>* Includes the review feedbacks as suggested by Jason > > >> * Split of patches into one patch per idea > > >> * Generic open() method for ascii/bios measurements > > >> * Replacement of of **bios_dir with *bios_dir[3] > > >> * Verifying readlog() is successful before creating > > >> securityfs entries > > >> * Generic readlog() to check for ACPI/OF in sequence > > >> * read_log_of() method now uses of_node propertry rather than > > >> calling find_device_by_name > > >> * read_log differentiates vtpm/tpm using its compatible property > > >> * Cleans pr_err with dev_dbg > > >> * Commit msgs subject line prefixed with tpm > > > > > >Where is the changlog for v2? > > > > > >/Jarkko > > > > > >> > > >>Nayna Jain (7): > > >> tpm: Define a generic open() method for ascii & bios measurements. > > >> tpm: Replace the dynamically allocated bios_dir as struct dentry > > >> array. > > >> tpm: Validate the eventlog access before tpm_bios_log_setup > > >> tpm: Redefine the read_log method to check for ACPI/OF properties > > >> sequentially > > >> tpm: Replace the of_find_node_by_name() with dev of_node property > > >> tpm: Moves the eventlog init functions to tpm_eventlog_init.c > > >> tpm: Adds securityfs support for TPM2.0 eventlog > > >> > > >> drivers/char/tpm/Makefile| 13 +- > > >> drivers/char/tpm/tpm-chip.c | 21 +--- > > >> drivers/char/tpm/tpm.h | 7 +- > > >> drivers/char/tpm/tpm2.h | 85 + > > >> drivers/char/tpm/tpm2_eventlog.c | 224 > > >> +++ > > >> drivers/char/tpm/tpm_acpi.c | 19 +-- > > >> drivers/char/tpm/tpm_eventlog.c | 154 +--- > > >> drivers/char/tpm/tpm_eventlog.h | 26 ++-- > > >> drivers/char/tpm/tpm_eventlog_init.c | 153 > > >> drivers/char/tpm/tpm_of.c| 65 ++ > > >> 10 files changed, 543 insertions(+), 224 deletions(-) > > >> create mode 100644 drivers/char/tpm/tpm2.h > > >> create mode 100644 drivers/char/tpm/tpm2_eventlog.c > > >> create mode 100644 drivers/char/tpm/tpm_eventlog_init.c > > >> > > >>-- > > >>2.5.0 > > >> > > >> > > >>-- > > >>___ > > >>tpmdd-devel mailing list > > >>tpmdd-devel@lists.sourceforge.net > > >>https://lists.sourceforge.net/lists/listinfo/tpmdd-devel > > > > > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On Wed, Aug 31, 2016 at 11:26:24PM +0530, Nayna wrote: > Thanks Jarkko for the review. I will address all your comments in my next > version of patches. OK maybe the point I'm trying to make if you forget all the whining is that with this particular feature we have to be extremely careful because of the number of stakeholders that depend on it. This is not something I would put into 4.10 and no matter who is doing it, it might take a few more iterations to get right. So take your time. There's no rush (or more like there can't be rush). In the meanwhile I'm still in progress on getting the suitable hardware so that I could test at least the DT stuff. PS. It's better to keep the attribute names the same since the code is already depending those names even if I don't like the naming :) /Jarkko > Thanks & Regards, > - Nayna > > On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote: > >On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > >>Existing TPM2.0 support lacks the support for eventlog securityfs file. > >>This patch adds the binary_bios_measurements to TPM2.0 eventlog > >>securityfs file. > >> > >>Additionally, it also includes the review feedbacks as suggested by > >>Jason. > >> > >>Further, commit msg subject line is prefixed with tpm as was suggested > >>by Jarkko. > > > >Please start using get_maintainers.pl... > > > >>Changelog v3: > >> > >>* Includes the review feedbacks as suggested by Jason > >> * Split of patches into one patch per idea > >> * Generic open() method for ascii/bios measurements > >> * Replacement of of **bios_dir with *bios_dir[3] > >> * Verifying readlog() is successful before creating > >> securityfs entries > >> * Generic readlog() to check for ACPI/OF in sequence > >>* read_log_of() method now uses of_node propertry rather than > >> calling find_device_by_name > >>* read_log differentiates vtpm/tpm using its compatible property > >>* Cleans pr_err with dev_dbg > >>* Commit msgs subject line prefixed with tpm > > > >Where is the changlog for v2? > > > >/Jarkko > > > >> > >>Nayna Jain (7): > >> tpm: Define a generic open() method for ascii & bios measurements. > >> tpm: Replace the dynamically allocated bios_dir as struct dentry > >> array. > >> tpm: Validate the eventlog access before tpm_bios_log_setup > >> tpm: Redefine the read_log method to check for ACPI/OF properties > >> sequentially > >> tpm: Replace the of_find_node_by_name() with dev of_node property > >> tpm: Moves the eventlog init functions to tpm_eventlog_init.c > >> tpm: Adds securityfs support for TPM2.0 eventlog > >> > >> drivers/char/tpm/Makefile| 13 +- > >> drivers/char/tpm/tpm-chip.c | 21 +--- > >> drivers/char/tpm/tpm.h | 7 +- > >> drivers/char/tpm/tpm2.h | 85 + > >> drivers/char/tpm/tpm2_eventlog.c | 224 > >> +++ > >> drivers/char/tpm/tpm_acpi.c | 19 +-- > >> drivers/char/tpm/tpm_eventlog.c | 154 +--- > >> drivers/char/tpm/tpm_eventlog.h | 26 ++-- > >> drivers/char/tpm/tpm_eventlog_init.c | 153 > >> drivers/char/tpm/tpm_of.c| 65 ++ > >> 10 files changed, 543 insertions(+), 224 deletions(-) > >> create mode 100644 drivers/char/tpm/tpm2.h > >> create mode 100644 drivers/char/tpm/tpm2_eventlog.c > >> create mode 100644 drivers/char/tpm/tpm_eventlog_init.c > >> > >>-- > >>2.5.0 > >> > >> > >>-- > >>___ > >>tpmdd-devel mailing list > >>tpmdd-devel@lists.sourceforge.net > >>https://lists.sourceforge.net/lists/listinfo/tpmdd-devel > > > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
Thanks Jarkko for the review. I will address all your comments in my next version of patches. Thanks & Regards, - Nayna On 08/30/2016 12:40 PM, Jarkko Sakkinen wrote: > On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: >> Existing TPM2.0 support lacks the support for eventlog securityfs file. >> This patch adds the binary_bios_measurements to TPM2.0 eventlog >> securityfs file. >> >> Additionally, it also includes the review feedbacks as suggested by >> Jason. >> >> Further, commit msg subject line is prefixed with tpm as was suggested >> by Jarkko. > > Please start using get_maintainers.pl... > >> Changelog v3: >> >> * Includes the review feedbacks as suggested by Jason >> * Split of patches into one patch per idea >> * Generic open() method for ascii/bios measurements >> * Replacement of of **bios_dir with *bios_dir[3] >> * Verifying readlog() is successful before creating >> securityfs entries >> * Generic readlog() to check for ACPI/OF in sequence >> * read_log_of() method now uses of_node propertry rather than >> calling find_device_by_name >> * read_log differentiates vtpm/tpm using its compatible property >> * Cleans pr_err with dev_dbg >> * Commit msgs subject line prefixed with tpm > > Where is the changlog for v2? > > /Jarkko > >> >> Nayna Jain (7): >>tpm: Define a generic open() method for ascii & bios measurements. >>tpm: Replace the dynamically allocated bios_dir as struct dentry >> array. >>tpm: Validate the eventlog access before tpm_bios_log_setup >>tpm: Redefine the read_log method to check for ACPI/OF properties >> sequentially >>tpm: Replace the of_find_node_by_name() with dev of_node property >>tpm: Moves the eventlog init functions to tpm_eventlog_init.c >>tpm: Adds securityfs support for TPM2.0 eventlog >> >> drivers/char/tpm/Makefile| 13 +- >> drivers/char/tpm/tpm-chip.c | 21 +--- >> drivers/char/tpm/tpm.h | 7 +- >> drivers/char/tpm/tpm2.h | 85 + >> drivers/char/tpm/tpm2_eventlog.c | 224 >> +++ >> drivers/char/tpm/tpm_acpi.c | 19 +-- >> drivers/char/tpm/tpm_eventlog.c | 154 +--- >> drivers/char/tpm/tpm_eventlog.h | 26 ++-- >> drivers/char/tpm/tpm_eventlog_init.c | 153 >> drivers/char/tpm/tpm_of.c| 65 ++ >> 10 files changed, 543 insertions(+), 224 deletions(-) >> create mode 100644 drivers/char/tpm/tpm2.h >> create mode 100644 drivers/char/tpm/tpm2_eventlog.c >> create mode 100644 drivers/char/tpm/tpm_eventlog_init.c >> >> -- >> 2.5.0 >> >> >> -- >> ___ >> tpmdd-devel mailing list >> tpmdd-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel > -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On Tue, Aug 30, 2016 at 01:16:11PM +0300, Jarkko Sakkinen wrote: > On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > > Existing TPM2.0 support lacks the support for eventlog securityfs file. > > This patch adds the binary_bios_measurements to TPM2.0 eventlog > > securityfs file. > > This is kind of patch set that would require very elaborate description > how the problem was solved. I cannot really mirror the patches to > anything (especially as the commit messages in commits are also very low > quality). > > If you write bad commit messages, it leaves me worried that the quality > is low by other measure. > > This is just an example but I do not know how this scales with algorithmic > agility. > > You also fail to explain how this should work with ACPI even though > we know that there does not exist any kind for event log through ACPI > with TPM 2.0 hardware. I.e. just by reading the commits I can obviously > see that you are doing major untested code path changes. > > This will need a lot of rework... I can create a topic branch for this when this patch set starts to converge more or less acceptable shape because that will help other to work on the grub-kernel event log hand over. This will take a while because I first want to test the code and I'm just started to acquire hardware for that. The dots need to be connected with this, event log handover and IMA for the kexec. /Jarkko -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > Existing TPM2.0 support lacks the support for eventlog securityfs file. > This patch adds the binary_bios_measurements to TPM2.0 eventlog > securityfs file. This is kind of patch set that would require very elaborate description how the problem was solved. I cannot really mirror the patches to anything (especially as the commit messages in commits are also very low quality). If you write bad commit messages, it leaves me worried that the quality is low by other measure. This is just an example but I do not know how this scales with algorithmic agility. You also fail to explain how this should work with ACPI even though we know that there does not exist any kind for event log through ACPI with TPM 2.0 hardware. I.e. just by reading the commits I can obviously see that you are doing major untested code path changes. This will need a lot of rework... > Additionally, it also includes the review feedbacks as suggested by > Jason. > > Further, commit msg subject line is prefixed with tpm as was suggested > by Jarkko. > > Changelog v3: > > * Includes the review feedbacks as suggested by Jason > * Split of patches into one patch per idea > * Generic open() method for ascii/bios measurements > * Replacement of of **bios_dir with *bios_dir[3] > * Verifying readlog() is successful before creating > securityfs entries > * Generic readlog() to check for ACPI/OF in sequence > * read_log_of() method now uses of_node propertry rather than > calling find_device_by_name > * read_log differentiates vtpm/tpm using its compatible property > * Cleans pr_err with dev_dbg > * Commit msgs subject line prefixed with tpm BTW, what is the logic in this indentation. > > Nayna Jain (7): > tpm: Define a generic open() method for ascii & bios measurements. > tpm: Replace the dynamically allocated bios_dir as struct dentry > array. > tpm: Validate the eventlog access before tpm_bios_log_setup > tpm: Redefine the read_log method to check for ACPI/OF properties > sequentially > tpm: Replace the of_find_node_by_name() with dev of_node property > tpm: Moves the eventlog init functions to tpm_eventlog_init.c > tpm: Adds securityfs support for TPM2.0 eventlog > > drivers/char/tpm/Makefile| 13 +- > drivers/char/tpm/tpm-chip.c | 21 +--- > drivers/char/tpm/tpm.h | 7 +- > drivers/char/tpm/tpm2.h | 85 + > drivers/char/tpm/tpm2_eventlog.c | 224 > +++ > drivers/char/tpm/tpm_acpi.c | 19 +-- > drivers/char/tpm/tpm_eventlog.c | 154 +--- > drivers/char/tpm/tpm_eventlog.h | 26 ++-- > drivers/char/tpm/tpm_eventlog_init.c | 153 > drivers/char/tpm/tpm_of.c| 65 ++ > 10 files changed, 543 insertions(+), 224 deletions(-) > create mode 100644 drivers/char/tpm/tpm2.h > create mode 100644 drivers/char/tpm/tpm2_eventlog.c > create mode 100644 drivers/char/tpm/tpm_eventlog_init.c > > -- > 2.5.0 > > > -- > ___ > tpmdd-devel mailing list > tpmdd-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tpmdd-devel /Jarkko -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
Re: [tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
On Tue, Aug 30, 2016 at 12:50:12AM -0400, Nayna Jain wrote: > Existing TPM2.0 support lacks the support for eventlog securityfs file. > This patch adds the binary_bios_measurements to TPM2.0 eventlog > securityfs file. > > Additionally, it also includes the review feedbacks as suggested by > Jason. > > Further, commit msg subject line is prefixed with tpm as was suggested > by Jarkko. Please start using get_maintainers.pl... > Changelog v3: > > * Includes the review feedbacks as suggested by Jason > * Split of patches into one patch per idea > * Generic open() method for ascii/bios measurements > * Replacement of of **bios_dir with *bios_dir[3] > * Verifying readlog() is successful before creating > securityfs entries > * Generic readlog() to check for ACPI/OF in sequence > * read_log_of() method now uses of_node propertry rather than > calling find_device_by_name > * read_log differentiates vtpm/tpm using its compatible property > * Cleans pr_err with dev_dbg > * Commit msgs subject line prefixed with tpm Where is the changlog for v2? /Jarkko > > Nayna Jain (7): > tpm: Define a generic open() method for ascii & bios measurements. > tpm: Replace the dynamically allocated bios_dir as struct dentry > array. > tpm: Validate the eventlog access before tpm_bios_log_setup > tpm: Redefine the read_log method to check for ACPI/OF properties > sequentially > tpm: Replace the of_find_node_by_name() with dev of_node property > tpm: Moves the eventlog init functions to tpm_eventlog_init.c > tpm: Adds securityfs support for TPM2.0 eventlog > > drivers/char/tpm/Makefile| 13 +- > drivers/char/tpm/tpm-chip.c | 21 +--- > drivers/char/tpm/tpm.h | 7 +- > drivers/char/tpm/tpm2.h | 85 + > drivers/char/tpm/tpm2_eventlog.c | 224 > +++ > drivers/char/tpm/tpm_acpi.c | 19 +-- > drivers/char/tpm/tpm_eventlog.c | 154 +--- > drivers/char/tpm/tpm_eventlog.h | 26 ++-- > drivers/char/tpm/tpm_eventlog_init.c | 153 > drivers/char/tpm/tpm_of.c| 65 ++ > 10 files changed, 543 insertions(+), 224 deletions(-) > create mode 100644 drivers/char/tpm/tpm2.h > create mode 100644 drivers/char/tpm/tpm2_eventlog.c > create mode 100644 drivers/char/tpm/tpm_eventlog_init.c > > -- > 2.5.0 > > > -- > ___ > tpmdd-devel mailing list > tpmdd-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/tpmdd-devel -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
[tpmdd-devel] [PATCH v3 0/7] tpm: TPM2.0 eventlog securityfs support
Existing TPM2.0 support lacks the support for eventlog securityfs file. This patch adds the binary_bios_measurements to TPM2.0 eventlog securityfs file. Additionally, it also includes the review feedbacks as suggested by Jason. Further, commit msg subject line is prefixed with tpm as was suggested by Jarkko. Changelog v3: * Includes the review feedbacks as suggested by Jason * Split of patches into one patch per idea * Generic open() method for ascii/bios measurements * Replacement of of **bios_dir with *bios_dir[3] * Verifying readlog() is successful before creating securityfs entries * Generic readlog() to check for ACPI/OF in sequence * read_log_of() method now uses of_node propertry rather than calling find_device_by_name * read_log differentiates vtpm/tpm using its compatible property * Cleans pr_err with dev_dbg * Commit msgs subject line prefixed with tpm Nayna Jain (7): tpm: Define a generic open() method for ascii & bios measurements. tpm: Replace the dynamically allocated bios_dir as struct dentry array. tpm: Validate the eventlog access before tpm_bios_log_setup tpm: Redefine the read_log method to check for ACPI/OF properties sequentially tpm: Replace the of_find_node_by_name() with dev of_node property tpm: Moves the eventlog init functions to tpm_eventlog_init.c tpm: Adds securityfs support for TPM2.0 eventlog drivers/char/tpm/Makefile| 13 +- drivers/char/tpm/tpm-chip.c | 21 +--- drivers/char/tpm/tpm.h | 7 +- drivers/char/tpm/tpm2.h | 85 + drivers/char/tpm/tpm2_eventlog.c | 224 +++ drivers/char/tpm/tpm_acpi.c | 19 +-- drivers/char/tpm/tpm_eventlog.c | 154 +--- drivers/char/tpm/tpm_eventlog.h | 26 ++-- drivers/char/tpm/tpm_eventlog_init.c | 153 drivers/char/tpm/tpm_of.c| 65 ++ 10 files changed, 543 insertions(+), 224 deletions(-) create mode 100644 drivers/char/tpm/tpm2.h create mode 100644 drivers/char/tpm/tpm2_eventlog.c create mode 100644 drivers/char/tpm/tpm_eventlog_init.c -- 2.5.0 -- ___ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel