Message ID | 1494460462-29022-2-git-send-email-stefanb@linux.vnet.ibm.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On 05/10/2017 07:54 PM, Stefan Berger wrote: > Refactor tpm_transmit and pull out code sending the command > and receiving the response and put this into tpm_transfer. > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > --- > drivers/char/tpm/tpm-interface.c | 121 +++++++++++++++++++++++---------------- > 1 file changed, 73 insertions(+), 48 deletions(-) > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c > index 158c1db..263b6d1 100644 > --- a/drivers/char/tpm/tpm-interface.c > +++ b/drivers/char/tpm/tpm-interface.c > @@ -370,67 +370,29 @@ static bool tpm_validate_command(struct tpm_chip *chip, > } > > /** > - * tmp_transmit - Internal kernel interface to transmit TPM commands. > + * tmp_transfer - Send a TPM command to the TPM and receive response > * > * @chip: TPM chip to use > * @buf: TPM command buffer > + * @count: size of the TPM command > * @bufsiz: length of the TPM command buffer > - * @flags: tpm transmit flags - bitmap > * > * Return: > - * 0 when the operation is successful. > + * >0 when the operation is successful; returns response length > * A negative number for system errors (errno). > */ > -ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, > - u8 *buf, size_t bufsiz, unsigned int flags) > +ssize_t tpm_transfer(struct tpm_chip *chip, u8 *buf, u32 count, size_t bufsiz) > { > - struct tpm_output_header *header = (void *)buf; > int rc; > + struct tpm_output_header *header = (void *)buf; > + u32 ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); > ssize_t len = 0; > - u32 count, ordinal; > unsigned long stop; > - bool need_locality; > - > - if (!tpm_validate_command(chip, space, buf, bufsiz)) > - return -EINVAL; > - > - if (bufsiz > TPM_BUFSIZE) > - bufsiz = TPM_BUFSIZE; > - > - count = be32_to_cpu(*((__be32 *) (buf + 2))); > - ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); > - if (count == 0) > - return -ENODATA; > - if (count > bufsiz) { > - dev_err(&chip->dev, > - "invalid count value %x %zx\n", count, bufsiz); > - return -E2BIG; > - } > - > - if (!(flags & TPM_TRANSMIT_UNLOCKED)) > - mutex_lock(&chip->tpm_mutex); > - > - if (chip->dev.parent) > - pm_runtime_get_sync(chip->dev.parent); > - > - /* Store the decision as chip->locality will be changed. */ > - need_locality = chip->locality == -1; > - > - if (need_locality && chip->ops->request_locality) { > - rc = chip->ops->request_locality(chip, 0); > - if (rc < 0) > - goto out_no_locality; > - chip->locality = rc; > - } > - > - rc = tpm2_prepare_space(chip, space, ordinal, buf); > - if (rc) > - goto out; > > rc = chip->ops->send(chip, (u8 *) buf, count); > if (rc < 0) { > dev_err(&chip->dev, > - "tpm_transmit: tpm_send: error %d\n", rc); > + "tpm_transfer: tpm_send: error %d\n", rc); > goto out; > } > > @@ -467,18 +429,81 @@ ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, missing here: rc = 0; > if (len < 0) { > rc = len; > dev_err(&chip->dev, > - "tpm_transmit: tpm_recv: error %d\n", rc); > + "tpm_transfer: tpm_recv: error %d\n", rc); > goto out; > } else if (len < TPM_HEADER_SIZE) { > rc = -EFAULT; > goto out; > } > > - if (len != be32_to_cpu(header->length)) { > + if (len != be32_to_cpu(header->length)) > rc = -EFAULT; > - goto out; > + > +out: > + return rc ? rc : len; > +} > +EXPORT_SYMBOL_GPL(tpm_transfer); > + > +/** > + * tmp_transmit - Internal kernel interface to transmit TPM commands. > + * > + * @chip: TPM chip to use > + * @buf: TPM command buffer > + * @bufsiz: length of the TPM command buffer > + * @flags: tpm transmit flags - bitmap > + * > + * Return: > + * 0 when the operation is successful. > + * A negative number for system errors (errno). > + */ > +ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, > + u8 *buf, size_t bufsiz, unsigned int flags) > +{ > + int rc; > + ssize_t len = 0; > + u32 count, ordinal; > + bool need_locality; > + > + if (!tpm_validate_command(chip, space, buf, bufsiz)) > + return -EINVAL; > + > + if (bufsiz > TPM_BUFSIZE) > + bufsiz = TPM_BUFSIZE; > + > + count = be32_to_cpu(*((__be32 *) (buf + 2))); > + ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); > + if (count == 0) > + return -ENODATA; > + if (count > bufsiz) { > + dev_err(&chip->dev, > + "invalid count value %x %zx\n", count, bufsiz); > + return -E2BIG; > + } > + > + if (!(flags & TPM_TRANSMIT_UNLOCKED)) > + mutex_lock(&chip->tpm_mutex); > + > + if (chip->dev.parent) > + pm_runtime_get_sync(chip->dev.parent); > + > + /* Store the decision as chip->locality will be changed. */ > + need_locality = chip->locality == -1; > + > + if (need_locality && chip->ops->request_locality) { > + rc = chip->ops->request_locality(chip, 0); > + if (rc < 0) > + goto out_no_locality; > + chip->locality = rc; > } > > + rc = tpm2_prepare_space(chip, space, ordinal, buf); > + if (rc) > + goto out; > + > + len = tpm_transfer(chip, buf, count, bufsiz); > + if (len < 0) > + goto out; > + > rc = tpm2_commit_space(chip, space, ordinal, buf, &len); > > out: -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Wed, May 10, 2017 at 07:54:21PM -0400, Stefan Berger wrote: > Refactor tpm_transmit and pull out code sending the command > and receiving the response and put this into tpm_transfer. > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> > --- > drivers/char/tpm/tpm-interface.c | 121 +++++++++++++++++++++++---------------- > 1 file changed, 73 insertions(+), 48 deletions(-) > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c > index 158c1db..263b6d1 100644 > --- a/drivers/char/tpm/tpm-interface.c > +++ b/drivers/char/tpm/tpm-interface.c > @@ -370,67 +370,29 @@ static bool tpm_validate_command(struct tpm_chip *chip, > } > > /** > - * tmp_transmit - Internal kernel interface to transmit TPM commands. > + * tmp_transfer - Send a TPM command to the TPM and receive response > * > * @chip: TPM chip to use > * @buf: TPM command buffer > + * @count: size of the TPM command > * @bufsiz: length of the TPM command buffer > - * @flags: tpm transmit flags - bitmap > * > * Return: > - * 0 when the operation is successful. > + * >0 when the operation is successful; returns response length > * A negative number for system errors (errno). > */ > -ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, > - u8 *buf, size_t bufsiz, unsigned int flags) > +ssize_t tpm_transfer(struct tpm_chip *chip, u8 *buf, u32 count, size_t bufsiz) Add instead a flag TPM_TRANSMIT_RAW (this name is just a suggestion) that skips "prepare" and "commit" parts. That would save us from a new export. Better way to make it less messy would be to add static functions tpm_prepare_command and tpm_commit_command that would be always called and would return immediately if flags contain TPM_TRANSMIT_RAW. /Jarkko -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 05/15/2017 08:40 AM, Jarkko Sakkinen wrote: > On Wed, May 10, 2017 at 07:54:21PM -0400, Stefan Berger wrote: >> Refactor tpm_transmit and pull out code sending the command >> and receiving the response and put this into tpm_transfer. >> >> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> >> --- >> drivers/char/tpm/tpm-interface.c | 121 +++++++++++++++++++++++---------------- >> 1 file changed, 73 insertions(+), 48 deletions(-) >> >> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c >> index 158c1db..263b6d1 100644 >> --- a/drivers/char/tpm/tpm-interface.c >> +++ b/drivers/char/tpm/tpm-interface.c >> @@ -370,67 +370,29 @@ static bool tpm_validate_command(struct tpm_chip *chip, >> } >> >> /** >> - * tmp_transmit - Internal kernel interface to transmit TPM commands. >> + * tmp_transfer - Send a TPM command to the TPM and receive response >> * >> * @chip: TPM chip to use >> * @buf: TPM command buffer >> + * @count: size of the TPM command >> * @bufsiz: length of the TPM command buffer >> - * @flags: tpm transmit flags - bitmap >> * >> * Return: >> - * 0 when the operation is successful. >> + * >0 when the operation is successful; returns response length >> * A negative number for system errors (errno). >> */ >> -ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, >> - u8 *buf, size_t bufsiz, unsigned int flags) >> +ssize_t tpm_transfer(struct tpm_chip *chip, u8 *buf, u32 count, size_t bufsiz) > Add instead a flag TPM_TRANSMIT_RAW (this name is just a suggestion) > that skips "prepare" and "commit" parts. That would save us from a > new export. > > Better way to make it less messy would be to add static functions > tpm_prepare_command and tpm_commit_command that would be always > called and would return immediately if flags contain TPM_TRANSMIT_RAW. I'll do that then, modifying the code to skip tpm_validate_command as well. Stefan > > /Jarkko > -- > To unsubscribe from this list: send the line "unsubscribe linux-security-module" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On 05/15/2017 12:04 PM, Stefan Berger wrote: > On 05/15/2017 08:40 AM, Jarkko Sakkinen wrote: >> On Wed, May 10, 2017 at 07:54:21PM -0400, Stefan Berger wrote: >>> Refactor tpm_transmit and pull out code sending the command >>> and receiving the response and put this into tpm_transfer. >>> >>> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> >>> --- >>> drivers/char/tpm/tpm-interface.c | 121 >>> +++++++++++++++++++++++---------------- >>> 1 file changed, 73 insertions(+), 48 deletions(-) >>> >>> diff --git a/drivers/char/tpm/tpm-interface.c >>> b/drivers/char/tpm/tpm-interface.c >>> index 158c1db..263b6d1 100644 >>> --- a/drivers/char/tpm/tpm-interface.c >>> +++ b/drivers/char/tpm/tpm-interface.c >>> @@ -370,67 +370,29 @@ static bool tpm_validate_command(struct >>> tpm_chip *chip, >>> } >>> /** >>> - * tmp_transmit - Internal kernel interface to transmit TPM commands. >>> + * tmp_transfer - Send a TPM command to the TPM and receive response >>> * >>> * @chip: TPM chip to use >>> * @buf: TPM command buffer >>> + * @count: size of the TPM command >>> * @bufsiz: length of the TPM command buffer >>> - * @flags: tpm transmit flags - bitmap >>> * >>> * Return: >>> - * 0 when the operation is successful. >>> + * >0 when the operation is successful; returns response length >>> * A negative number for system errors (errno). >>> */ >>> -ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, >>> - u8 *buf, size_t bufsiz, unsigned int flags) >>> +ssize_t tpm_transfer(struct tpm_chip *chip, u8 *buf, u32 count, >>> size_t bufsiz) >> Add instead a flag TPM_TRANSMIT_RAW (this name is just a suggestion) >> that skips "prepare" and "commit" parts. That would save us from a >> new export. >> >> Better way to make it less messy would be to add static functions >> tpm_prepare_command and tpm_commit_command that would be always >> called and would return immediately if flags contain TPM_TRANSMIT_RAW. > > I'll do that then, modifying the code to skip tpm_validate_command as > well. > But we don't want to recurse (in the 2nd patch) into chip->ops->request_locality(). Any suggestions ? Stefan -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 158c1db..263b6d1 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -370,67 +370,29 @@ static bool tpm_validate_command(struct tpm_chip *chip, } /** - * tmp_transmit - Internal kernel interface to transmit TPM commands. + * tmp_transfer - Send a TPM command to the TPM and receive response * * @chip: TPM chip to use * @buf: TPM command buffer + * @count: size of the TPM command * @bufsiz: length of the TPM command buffer - * @flags: tpm transmit flags - bitmap * * Return: - * 0 when the operation is successful. + * >0 when the operation is successful; returns response length * A negative number for system errors (errno). */ -ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, - u8 *buf, size_t bufsiz, unsigned int flags) +ssize_t tpm_transfer(struct tpm_chip *chip, u8 *buf, u32 count, size_t bufsiz) { - struct tpm_output_header *header = (void *)buf; int rc; + struct tpm_output_header *header = (void *)buf; + u32 ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); ssize_t len = 0; - u32 count, ordinal; unsigned long stop; - bool need_locality; - - if (!tpm_validate_command(chip, space, buf, bufsiz)) - return -EINVAL; - - if (bufsiz > TPM_BUFSIZE) - bufsiz = TPM_BUFSIZE; - - count = be32_to_cpu(*((__be32 *) (buf + 2))); - ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); - if (count == 0) - return -ENODATA; - if (count > bufsiz) { - dev_err(&chip->dev, - "invalid count value %x %zx\n", count, bufsiz); - return -E2BIG; - } - - if (!(flags & TPM_TRANSMIT_UNLOCKED)) - mutex_lock(&chip->tpm_mutex); - - if (chip->dev.parent) - pm_runtime_get_sync(chip->dev.parent); - - /* Store the decision as chip->locality will be changed. */ - need_locality = chip->locality == -1; - - if (need_locality && chip->ops->request_locality) { - rc = chip->ops->request_locality(chip, 0); - if (rc < 0) - goto out_no_locality; - chip->locality = rc; - } - - rc = tpm2_prepare_space(chip, space, ordinal, buf); - if (rc) - goto out; rc = chip->ops->send(chip, (u8 *) buf, count); if (rc < 0) { dev_err(&chip->dev, - "tpm_transmit: tpm_send: error %d\n", rc); + "tpm_transfer: tpm_send: error %d\n", rc); goto out; } @@ -467,18 +429,81 @@ ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, if (len < 0) { rc = len; dev_err(&chip->dev, - "tpm_transmit: tpm_recv: error %d\n", rc); + "tpm_transfer: tpm_recv: error %d\n", rc); goto out; } else if (len < TPM_HEADER_SIZE) { rc = -EFAULT; goto out; } - if (len != be32_to_cpu(header->length)) { + if (len != be32_to_cpu(header->length)) rc = -EFAULT; - goto out; + +out: + return rc ? rc : len; +} +EXPORT_SYMBOL_GPL(tpm_transfer); + +/** + * tmp_transmit - Internal kernel interface to transmit TPM commands. + * + * @chip: TPM chip to use + * @buf: TPM command buffer + * @bufsiz: length of the TPM command buffer + * @flags: tpm transmit flags - bitmap + * + * Return: + * 0 when the operation is successful. + * A negative number for system errors (errno). + */ +ssize_t tpm_transmit(struct tpm_chip *chip, struct tpm_space *space, + u8 *buf, size_t bufsiz, unsigned int flags) +{ + int rc; + ssize_t len = 0; + u32 count, ordinal; + bool need_locality; + + if (!tpm_validate_command(chip, space, buf, bufsiz)) + return -EINVAL; + + if (bufsiz > TPM_BUFSIZE) + bufsiz = TPM_BUFSIZE; + + count = be32_to_cpu(*((__be32 *) (buf + 2))); + ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); + if (count == 0) + return -ENODATA; + if (count > bufsiz) { + dev_err(&chip->dev, + "invalid count value %x %zx\n", count, bufsiz); + return -E2BIG; + } + + if (!(flags & TPM_TRANSMIT_UNLOCKED)) + mutex_lock(&chip->tpm_mutex); + + if (chip->dev.parent) + pm_runtime_get_sync(chip->dev.parent); + + /* Store the decision as chip->locality will be changed. */ + need_locality = chip->locality == -1; + + if (need_locality && chip->ops->request_locality) { + rc = chip->ops->request_locality(chip, 0); + if (rc < 0) + goto out_no_locality; + chip->locality = rc; } + rc = tpm2_prepare_space(chip, space, ordinal, buf); + if (rc) + goto out; + + len = tpm_transfer(chip, buf, count, bufsiz); + if (len < 0) + goto out; + rc = tpm2_commit_space(chip, space, ordinal, buf, &len); out:
Refactor tpm_transmit and pull out code sending the command and receiving the response and put this into tpm_transfer. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com> --- drivers/char/tpm/tpm-interface.c | 121 +++++++++++++++++++++++---------------- 1 file changed, 73 insertions(+), 48 deletions(-)