diff mbox series

[v2] tpm: Add major_version sysfs file

Message ID 20191025193103.30226-1-jsnitsel@redhat.com (mailing list archive)
State New, archived
Headers show
Series [v2] tpm: Add major_version sysfs file | expand

Commit Message

Jerry Snitselaar Oct. 25, 2019, 7:31 p.m. UTC 
Easily determining what TCG version a tpm device implements
has been a pain point for userspace for a long time, so
add a sysfs file to report the TCG version of a tpm device.

Also add an entry to Documentation/ABI/stable/sysfs-class-tpm
describing the new file.

Cc: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Peter Huewe <peterhuewe@gmx.de>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Cc: linux-integrity@vger.kernel.org
Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
v2: - Fix TCG usage in commit message.
    - Add entry to sysfs-class-tpm in Documentation/ABI/stable

 Documentation/ABI/stable/sysfs-class-tpm | 11 ++++++++
 drivers/char/tpm/tpm-sysfs.c             | 34 +++++++++++++++++++-----
 2 files changed, 38 insertions(+), 7 deletions(-)

Comments

Jarkko Sakkinen Oct. 28, 2019, 8:53 p.m. UTC | #1 
On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar wrote:
> +	return sprintf(buf, "%s\n", chip->flags & TPM_CHIP_FLAG_TPM2
> +		       ? "2.0" : "1.2");

This is not right. Should be either "1" or "2".

/Jarkko
Jerry Snitselaar Oct. 28, 2019, 9:05 p.m. UTC | #2 
On Mon Oct 28 19, Jarkko Sakkinen wrote:
>On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar wrote:
>> +	return sprintf(buf, "%s\n", chip->flags & TPM_CHIP_FLAG_TPM2
>> +		       ? "2.0" : "1.2");
>
>This is not right. Should be either "1" or "2".
>
>/Jarkko

Okay I will fix that up. Do we have a final decision on the file name,
major_version versus version_major?
Jarkko Sakkinen Oct. 29, 2019, 9:17 a.m. UTC | #3 
On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
> On Mon Oct 28 19, Jarkko Sakkinen wrote:
> > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar wrote:
> > > +	return sprintf(buf, "%s\n", chip->flags & TPM_CHIP_FLAG_TPM2
> > > +		       ? "2.0" : "1.2");
> > 
> > This is not right. Should be either "1" or "2".
> > 
> > /Jarkko
> 
> Okay I will fix that up. Do we have a final decision on the file name,
> major_version versus version_major?

Well, I don't see how major_version would make any sense. It is
not as future proof as version_major. Still waiting for Jason's
feedback for this.

/Jarkko
Jason Gunthorpe Oct. 29, 2019, 12:43 p.m. UTC | #4 
On Tue, Oct 29, 2019 at 11:17:31AM +0200, Jarkko Sakkinen wrote:
> On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
> > On Mon Oct 28 19, Jarkko Sakkinen wrote:
> > > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar wrote:
> > > > +	return sprintf(buf, "%s\n", chip->flags & TPM_CHIP_FLAG_TPM2
> > > > +		       ? "2.0" : "1.2");
> > > 
> > > This is not right. Should be either "1" or "2".
> > > 
> > > /Jarkko
> > 
> > Okay I will fix that up. Do we have a final decision on the file name,
> > major_version versus version_major?
> 
> Well, I don't see how major_version would make any sense. It is
> not as future proof as version_major. Still waiting for Jason's
> feedback for this.

$ find /sys/ -name  "*version*"
/sys/devices/pci0000:00/0000:00:17.0/ata1/host0/scsi_host/host0/ahci_host_version
/sys/devices/virtual/net/docker0/bridge/multicast_mld_version
/sys/devices/virtual/net/docker0/bridge/multicast_igmp_version
/sys/firmware/efi/esrt/entries/entry0/lowest_supported_fw_version
/sys/firmware/efi/esrt/entries/entry0/last_attempt_version
/sys/firmware/efi/esrt/entries/entry0/fw_version
/sys/module/acpi/parameters/acpica_version

etc..

Not a single example of the backward version.

Most likely it should be called 'tpm_version'

Jason
Jarkko Sakkinen Oct. 29, 2019, 2:22 p.m. UTC | #5 
On Tue, Oct 29, 2019 at 09:43:42AM -0300, Jason Gunthorpe wrote:
> On Tue, Oct 29, 2019 at 11:17:31AM +0200, Jarkko Sakkinen wrote:
> > On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
> > > On Mon Oct 28 19, Jarkko Sakkinen wrote:
> > > > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar wrote:
> > > > > +	return sprintf(buf, "%s\n", chip->flags & TPM_CHIP_FLAG_TPM2
> > > > > +		       ? "2.0" : "1.2");
> > > > 
> > > > This is not right. Should be either "1" or "2".
> > > > 
> > > > /Jarkko
> > > 
> > > Okay I will fix that up. Do we have a final decision on the file name,
> > > major_version versus version_major?
> > 
> > Well, I don't see how major_version would make any sense. It is
> > not as future proof as version_major. Still waiting for Jason's
> > feedback for this.
> 
> $ find /sys/ -name  "*version*"
> /sys/devices/pci0000:00/0000:00:17.0/ata1/host0/scsi_host/host0/ahci_host_version
> /sys/devices/virtual/net/docker0/bridge/multicast_mld_version
> /sys/devices/virtual/net/docker0/bridge/multicast_igmp_version
> /sys/firmware/efi/esrt/entries/entry0/lowest_supported_fw_version
> /sys/firmware/efi/esrt/entries/entry0/last_attempt_version
> /sys/firmware/efi/esrt/entries/entry0/fw_version
> /sys/module/acpi/parameters/acpica_version
> 
> etc..
> 
> Not a single example of the backward version.
> 
> Most likely it should be called 'tpm_version'

The postfix gives tells the part of the version number that the file
reports. If you really want to add the prefix, then the appropriate
name would be tpm_version_major.

I'd still go with just version_major as tpm_ prefix is somewhat
redundant.

/Jarkko
James Bottomley Oct. 29, 2019, 2:56 p.m. UTC | #6 
On Tue, 2019-10-29 at 16:22 +0200, Jarkko Sakkinen wrote:
> On Tue, Oct 29, 2019 at 09:43:42AM -0300, Jason Gunthorpe wrote:
> > On Tue, Oct 29, 2019 at 11:17:31AM +0200, Jarkko Sakkinen wrote:
> > > On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
> > > > On Mon Oct 28 19, Jarkko Sakkinen wrote:
> > > > > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar
> > > > > wrote:
> > > > > > +	return sprintf(buf, "%s\n", chip->flags &
> > > > > > TPM_CHIP_FLAG_TPM2
> > > > > > +		       ? "2.0" : "1.2");
> > > > > 
> > > > > This is not right. Should be either "1" or "2".
> > > > > 
> > > > > /Jarkko
> > > > 
> > > > Okay I will fix that up. Do we have a final decision on the
> > > > file name,
> > > > major_version versus version_major?
> > > 
> > > Well, I don't see how major_version would make any sense. It is
> > > not as future proof as version_major. Still waiting for Jason's
> > > feedback for this.
> > 
> > $ find /sys/ -name  "*version*"
> > /sys/devices/pci0000:00/0000:00:17.0/ata1/host0/scsi_host/host0/ahc
> > i_host_version
> > /sys/devices/virtual/net/docker0/bridge/multicast_mld_version
> > /sys/devices/virtual/net/docker0/bridge/multicast_igmp_version
> > /sys/firmware/efi/esrt/entries/entry0/lowest_supported_fw_version
> > /sys/firmware/efi/esrt/entries/entry0/last_attempt_version
> > /sys/firmware/efi/esrt/entries/entry0/fw_version
> > /sys/module/acpi/parameters/acpica_version
> > 
> > etc..
> > 
> > Not a single example of the backward version.
> > 
> > Most likely it should be called 'tpm_version'
> 
> The postfix gives tells the part of the version number that the file
> reports. If you really want to add the prefix, then the appropriate
> name would be tpm_version_major.
> 
> I'd still go with just version_major as tpm_ prefix is somewhat
> redundant.

You have to be careful with overly generic names in sysfs ... this is
what happened to us in SCSI:

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42caa0edabd6a0a392ec36a5f0943924e4954311

That's not to say version_major is wrong ... plenty of sysfs files have
generic names like this, it's just that tpm_version_major might be more
future proof.

James
Jason Gunthorpe Oct. 29, 2019, 3:22 p.m. UTC | #7 
On Tue, Oct 29, 2019 at 07:56:48AM -0700, James Bottomley wrote:
> On Tue, 2019-10-29 at 16:22 +0200, Jarkko Sakkinen wrote:
> > On Tue, Oct 29, 2019 at 09:43:42AM -0300, Jason Gunthorpe wrote:
> > > On Tue, Oct 29, 2019 at 11:17:31AM +0200, Jarkko Sakkinen wrote:
> > > > On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
> > > > > On Mon Oct 28 19, Jarkko Sakkinen wrote:
> > > > > > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar
> > > > > > wrote:
> > > > > > > +	return sprintf(buf, "%s\n", chip->flags &
> > > > > > > TPM_CHIP_FLAG_TPM2
> > > > > > > +		       ? "2.0" : "1.2");
> > > > > > 
> > > > > > This is not right. Should be either "1" or "2".
> > > > > > 
> > > > > > /Jarkko
> > > > > 
> > > > > Okay I will fix that up. Do we have a final decision on the
> > > > > file name,
> > > > > major_version versus version_major?
> > > > 
> > > > Well, I don't see how major_version would make any sense. It is
> > > > not as future proof as version_major. Still waiting for Jason's
> > > > feedback for this.
> > > 
> > > $ find /sys/ -name  "*version*"
> > > /sys/devices/pci0000:00/0000:00:17.0/ata1/host0/scsi_host/host0/ahc
> > > i_host_version
> > > /sys/devices/virtual/net/docker0/bridge/multicast_mld_version
> > > /sys/devices/virtual/net/docker0/bridge/multicast_igmp_version
> > > /sys/firmware/efi/esrt/entries/entry0/lowest_supported_fw_version
> > > /sys/firmware/efi/esrt/entries/entry0/last_attempt_version
> > > /sys/firmware/efi/esrt/entries/entry0/fw_version
> > > /sys/module/acpi/parameters/acpica_version
> > > 
> > > etc..
> > > 
> > > Not a single example of the backward version.
> > > 
> > > Most likely it should be called 'tpm_version'
> > 
> > The postfix gives tells the part of the version number that the file
> > reports. If you really want to add the prefix, then the appropriate
> > name would be tpm_version_major.
> > 
> > I'd still go with just version_major as tpm_ prefix is somewhat
> > redundant.
> 
> You have to be careful with overly generic names in sysfs ... this is
> what happened to us in SCSI:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42caa0edabd6a0a392ec36a5f0943924e4954311
> 
> That's not to say version_major is wrong ... plenty of sysfs files have
> generic names like this, it's just that tpm_version_major might be more
> future proof.

Indeed, it is a bit a global namespace, so nothing wrong with adding
tpm_

Jason
Jerry Snitselaar Oct. 29, 2019, 7:11 p.m. UTC | #8 
On Tue Oct 29 19, Jason Gunthorpe wrote:
>On Tue, Oct 29, 2019 at 07:56:48AM -0700, James Bottomley wrote:
>> On Tue, 2019-10-29 at 16:22 +0200, Jarkko Sakkinen wrote:
>> > On Tue, Oct 29, 2019 at 09:43:42AM -0300, Jason Gunthorpe wrote:
>> > > On Tue, Oct 29, 2019 at 11:17:31AM +0200, Jarkko Sakkinen wrote:
>> > > > On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
>> > > > > On Mon Oct 28 19, Jarkko Sakkinen wrote:
>> > > > > > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar
>> > > > > > wrote:
>> > > > > > > +	return sprintf(buf, "%s\n", chip->flags &
>> > > > > > > TPM_CHIP_FLAG_TPM2
>> > > > > > > +		       ? "2.0" : "1.2");
>> > > > > >
>> > > > > > This is not right. Should be either "1" or "2".
>> > > > > >
>> > > > > > /Jarkko
>> > > > >
>> > > > > Okay I will fix that up. Do we have a final decision on the
>> > > > > file name,
>> > > > > major_version versus version_major?
>> > > >
>> > > > Well, I don't see how major_version would make any sense. It is
>> > > > not as future proof as version_major. Still waiting for Jason's
>> > > > feedback for this.
>> > >
>> > > $ find /sys/ -name  "*version*"
>> > > /sys/devices/pci0000:00/0000:00:17.0/ata1/host0/scsi_host/host0/ahc
>> > > i_host_version
>> > > /sys/devices/virtual/net/docker0/bridge/multicast_mld_version
>> > > /sys/devices/virtual/net/docker0/bridge/multicast_igmp_version
>> > > /sys/firmware/efi/esrt/entries/entry0/lowest_supported_fw_version
>> > > /sys/firmware/efi/esrt/entries/entry0/last_attempt_version
>> > > /sys/firmware/efi/esrt/entries/entry0/fw_version
>> > > /sys/module/acpi/parameters/acpica_version
>> > >
>> > > etc..
>> > >
>> > > Not a single example of the backward version.
>> > >
>> > > Most likely it should be called 'tpm_version'
>> >
>> > The postfix gives tells the part of the version number that the file
>> > reports. If you really want to add the prefix, then the appropriate
>> > name would be tpm_version_major.
>> >
>> > I'd still go with just version_major as tpm_ prefix is somewhat
>> > redundant.
>>
>> You have to be careful with overly generic names in sysfs ... this is
>> what happened to us in SCSI:
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42caa0edabd6a0a392ec36a5f0943924e4954311
>>
>> That's not to say version_major is wrong ... plenty of sysfs files have
>> generic names like this, it's just that tpm_version_major might be more
>> future proof.
>
>Indeed, it is a bit a global namespace, so nothing wrong with adding
>tpm_
>
>Jason

So tpm_version_major?
Jarkko Sakkinen Oct. 31, 2019, 9:04 p.m. UTC | #9 
On Tue, Oct 29, 2019 at 07:56:48AM -0700, James Bottomley wrote:
> On Tue, 2019-10-29 at 16:22 +0200, Jarkko Sakkinen wrote:
> > On Tue, Oct 29, 2019 at 09:43:42AM -0300, Jason Gunthorpe wrote:
> > > On Tue, Oct 29, 2019 at 11:17:31AM +0200, Jarkko Sakkinen wrote:
> > > > On Mon, Oct 28, 2019 at 02:05:07PM -0700, Jerry Snitselaar wrote:
> > > > > On Mon Oct 28 19, Jarkko Sakkinen wrote:
> > > > > > On Fri, Oct 25, 2019 at 12:31:03PM -0700, Jerry Snitselaar
> > > > > > wrote:
> > > > > > > +	return sprintf(buf, "%s\n", chip->flags &
> > > > > > > TPM_CHIP_FLAG_TPM2
> > > > > > > +		       ? "2.0" : "1.2");
> > > > > > 
> > > > > > This is not right. Should be either "1" or "2".
> > > > > > 
> > > > > > /Jarkko
> > > > > 
> > > > > Okay I will fix that up. Do we have a final decision on the
> > > > > file name,
> > > > > major_version versus version_major?
> > > > 
> > > > Well, I don't see how major_version would make any sense. It is
> > > > not as future proof as version_major. Still waiting for Jason's
> > > > feedback for this.
> > > 
> > > $ find /sys/ -name  "*version*"
> > > /sys/devices/pci0000:00/0000:00:17.0/ata1/host0/scsi_host/host0/ahc
> > > i_host_version
> > > /sys/devices/virtual/net/docker0/bridge/multicast_mld_version
> > > /sys/devices/virtual/net/docker0/bridge/multicast_igmp_version
> > > /sys/firmware/efi/esrt/entries/entry0/lowest_supported_fw_version
> > > /sys/firmware/efi/esrt/entries/entry0/last_attempt_version
> > > /sys/firmware/efi/esrt/entries/entry0/fw_version
> > > /sys/module/acpi/parameters/acpica_version
> > > 
> > > etc..
> > > 
> > > Not a single example of the backward version.
> > > 
> > > Most likely it should be called 'tpm_version'
> > 
> > The postfix gives tells the part of the version number that the file
> > reports. If you really want to add the prefix, then the appropriate
> > name would be tpm_version_major.
> > 
> > I'd still go with just version_major as tpm_ prefix is somewhat
> > redundant.
> 
> You have to be careful with overly generic names in sysfs ... this is
> what happened to us in SCSI:
> 
> https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=42caa0edabd6a0a392ec36a5f0943924e4954311
> 
> That's not to say version_major is wrong ... plenty of sysfs files have
> generic names like this, it's just that tpm_version_major might be more
> future proof.

I'm cool with that name as long as the postfix also stays.

/Jarkko
diff mbox series

Patch

diff --git a/Documentation/ABI/stable/sysfs-class-tpm b/Documentation/ABI/stable/sysfs-class-tpm
index c0e23830f56a..c6bd02bafafd 100644
--- a/Documentation/ABI/stable/sysfs-class-tpm
+++ b/Documentation/ABI/stable/sysfs-class-tpm
@@ -183,3 +183,14 @@  Description:	The "timeouts" property shows the 4 vendor-specific values
 		The four timeout values are shown in usecs, with a trailing
 		"[original]" or "[adjusted]" depending on whether the values
 		were scaled by the driver to be reported in usec from msecs.
+
+What:		/sys/class/tpm/tpmX/major_version
+Date:		October 2019
+KernelVersion:	5.5
+Contact:	linux-integrity@vger.kernel.org
+Description:	The "major_version" property shows the TCG spec version
+		implemented by the TPM device.
+
+		Example output:
+
+		2.0
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c
index edfa89160010..9372c2d6f0b3 100644
--- a/drivers/char/tpm/tpm-sysfs.c
+++ b/drivers/char/tpm/tpm-sysfs.c
@@ -309,7 +309,17 @@  static ssize_t timeouts_show(struct device *dev, struct device_attribute *attr,
 }
 static DEVICE_ATTR_RO(timeouts);
 
-static struct attribute *tpm_dev_attrs[] = {
+static ssize_t major_version_show(struct device *dev,
+				  struct device_attribute *attr, char *buf)
+{
+	struct tpm_chip *chip = to_tpm_chip(dev);
+
+	return sprintf(buf, "%s\n", chip->flags & TPM_CHIP_FLAG_TPM2
+		       ? "2.0" : "1.2");
+}
+static DEVICE_ATTR_RO(major_version);
+
+static struct attribute *tpm12_dev_attrs[] = {
 	&dev_attr_pubek.attr,
 	&dev_attr_pcrs.attr,
 	&dev_attr_enabled.attr,
@@ -320,18 +330,28 @@  static struct attribute *tpm_dev_attrs[] = {
 	&dev_attr_cancel.attr,
 	&dev_attr_durations.attr,
 	&dev_attr_timeouts.attr,
+	&dev_attr_major_version.attr,
 	NULL,
 };
 
-static const struct attribute_group tpm_dev_group = {
-	.attrs = tpm_dev_attrs,
+static struct attribute *tpm20_dev_attrs[] = {
+	&dev_attr_major_version.attr,
+	NULL
+};
+
+static const struct attribute_group tpm12_dev_group = {
+	.attrs = tpm12_dev_attrs,
+};
+
+static const struct attribute_group tpm20_dev_group = {
+	.attrs = tpm20_dev_attrs,
 };
 
 void tpm_sysfs_add_device(struct tpm_chip *chip)
 {
-	if (chip->flags & TPM_CHIP_FLAG_TPM2)
-		return;
-
 	WARN_ON(chip->groups_cnt != 0);
-	chip->groups[chip->groups_cnt++] = &tpm_dev_group;
+	if (chip->flags & TPM_CHIP_FLAG_TPM2)
+		chip->groups[chip->groups_cnt++] = &tpm20_dev_group;
+	else
+		chip->groups[chip->groups_cnt++] = &tpm12_dev_group;
 }