From patchwork Wed Sep 28 08:34:37 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Nayna X-Patchwork-Id: 9353259 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 9B9F86077B for ; Wed, 28 Sep 2016 08:35:35 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 8BD0D28375 for ; Wed, 28 Sep 2016 08:35:35 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 80425293BE; Wed, 28 Sep 2016 08:35:35 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.sourceforge.net (lists.sourceforge.net [216.34.181.88]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 2FAB228375 for ; Wed, 28 Sep 2016 08:35:34 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=sfs-ml-4.v29.ch3.sourceforge.com) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1bpAKx-0000LA-Sj; Wed, 28 Sep 2016 08:35:31 +0000 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1bpAKw-0000Kz-96 for tpmdd-devel@lists.sourceforge.net; Wed, 28 Sep 2016 08:35:30 +0000 X-ACL-Warn: Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5] helo=mx0a-001b2d01.pphosted.com) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1bpAKv-00047R-6q for tpmdd-devel@lists.sourceforge.net; Wed, 28 Sep 2016 08:35:30 +0000 Received: from pps.filterd (m0098417.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.17/8.16.0.17) with SMTP id u8S8X69B103295 for ; Wed, 28 Sep 2016 04:35:23 -0400 Received: from e28smtp01.in.ibm.com (e28smtp01.in.ibm.com [125.16.236.1]) by mx0a-001b2d01.pphosted.com with ESMTP id 25r3aghbh2-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Wed, 28 Sep 2016 04:35:23 -0400 Received: from localhost by e28smtp01.in.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Wed, 28 Sep 2016 14:05:19 +0530 Received: from d28dlp02.in.ibm.com (9.184.220.127) by e28smtp01.in.ibm.com (192.168.1.131) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Wed, 28 Sep 2016 14:05:16 +0530 Received: from d28relay10.in.ibm.com (d28relay10.in.ibm.com [9.184.220.161]) by d28dlp02.in.ibm.com (Postfix) with ESMTP id C8231394004E for ; Wed, 28 Sep 2016 14:05:15 +0530 (IST) Received: from d28av04.in.ibm.com (d28av04.in.ibm.com [9.184.220.66]) by d28relay10.in.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id u8S8Z4QD28180684 for ; Wed, 28 Sep 2016 14:05:04 +0530 Received: from d28av04.in.ibm.com (localhost [127.0.0.1]) by d28av04.in.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id u8S8ZDWu022203 for ; Wed, 28 Sep 2016 14:05:15 +0530 Received: from c365f16u1b3.pok.stglabs.ibm.com (c365f16u1b3.pok.stglabs.ibm.com [9.47.77.42]) by d28av04.in.ibm.com (8.14.4/8.14.4/NCO v10.0 AVin) with ESMTP id u8S8YiRH020817; Wed, 28 Sep 2016 14:05:10 +0530 From: Nayna Jain To: tpmdd-devel@lists.sourceforge.net Date: Wed, 28 Sep 2016 04:34:37 -0400 X-Mailer: git-send-email 2.5.0 In-Reply-To: <1475051682-23060-1-git-send-email-nayna@linux.vnet.ibm.com> References: <1475051682-23060-1-git-send-email-nayna@linux.vnet.ibm.com> X-TM-AS-MML: disable X-Content-Scanned: Fidelis XPS MAILER x-cbid: 16092808-7323-0000-0000-0000000F208C X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 16092808-7324-0000-0000-0000001D9F62 Message-Id: <1475051682-23060-4-git-send-email-nayna@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-09-28_06:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=3 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1609020000 definitions=main-1609280151 X-Headers-End: 1bpAKv-00047R-6q Subject: [tpmdd-devel] [PATCH v4 3/8] tpm: validate event log access before tpm_bios_log_setup X-BeenThere: tpmdd-devel@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: Tpm Device Driver maintainance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: tpmdd-devel-bounces@lists.sourceforge.net X-Virus-Scanned: ClamAV using ClamSMTP Currently, the securityfs pseudo files for obtaining the firmware event log are created whether the event log properties exist or not. This patch creates ascii and bios measurements pseudo files only if read_log() is successful. Suggested-by: Jason Gunthorpe Signed-off-by: Nayna Jain --- drivers/char/tpm/tpm.h | 6 +++++ drivers/char/tpm/tpm_acpi.c | 12 +++++++--- drivers/char/tpm/tpm_eventlog.c | 53 +++++++++++++++++++---------------------- drivers/char/tpm/tpm_eventlog.h | 7 +++++- drivers/char/tpm/tpm_of.c | 4 +++- 5 files changed, 48 insertions(+), 34 deletions(-) diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index b5866bb..68630cd 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -35,6 +35,8 @@ #include #include +#include "tpm_eventlog.h" + enum tpm_const { TPM_MINOR = 224, /* officially assigned */ TPM_BUFSIZE = 4096, @@ -156,6 +158,10 @@ struct tpm_chip { struct rw_semaphore ops_sem; const struct tpm_class_ops *ops; + struct tpm_bios_log log; + struct tpm_securityfs_data bin_sfs_data; + struct tpm_securityfs_data ascii_sfs_data; + unsigned int flags; int dev_num; /* /dev/tpm# */ diff --git a/drivers/char/tpm/tpm_acpi.c b/drivers/char/tpm/tpm_acpi.c index 565a947..4d6c2d7 100644 --- a/drivers/char/tpm/tpm_acpi.c +++ b/drivers/char/tpm/tpm_acpi.c @@ -45,13 +45,15 @@ struct acpi_tcpa { }; /* read binary bios log */ -int read_log(struct tpm_bios_log *log) +int read_log(struct tpm_chip *chip) { struct acpi_tcpa *buff; acpi_status status; void __iomem *virt; u64 len, start; + struct tpm_bios_log *log; + log = &chip->log; if (log->bios_event_log != NULL) { printk(KERN_ERR "%s: ERROR - Eventlog already initialized\n", @@ -97,13 +99,17 @@ int read_log(struct tpm_bios_log *log) virt = acpi_os_map_iomem(start, len); if (!virt) { - kfree(log->bios_event_log); printk("%s: ERROR - Unable to map memory\n", __func__); - return -EIO; + goto err; } memcpy_fromio(log->bios_event_log, virt, len); acpi_os_unmap_iomem(virt, len); return 0; + +err: + kfree(log->bios_event_log); + return -EIO; + } diff --git a/drivers/char/tpm/tpm_eventlog.c b/drivers/char/tpm/tpm_eventlog.c index f1df782..a8cd4a1 100644 --- a/drivers/char/tpm/tpm_eventlog.c +++ b/drivers/char/tpm/tpm_eventlog.c @@ -261,14 +261,6 @@ static int tpm_binary_bios_measurements_show(struct seq_file *m, void *v) static int tpm_bios_measurements_release(struct inode *inode, struct file *file) { - struct seq_file *seq = file->private_data; - struct tpm_bios_log *log = seq->private; - - if (log) { - kfree(log->bios_event_log); - kfree(log); - } - return seq_release(inode, file); } @@ -323,34 +315,19 @@ static int tpm_bios_measurements_open(struct inode *inode, struct file *file) { int err; - struct tpm_bios_log *log; struct seq_file *seq; - const struct seq_operations *seqops = - (const struct seq_operations *)inode->i_private; - - log = kzalloc(sizeof(struct tpm_bios_log), GFP_KERNEL); - if (!log) - return -ENOMEM; - - err = read_log(log); - if (err) - goto out_free; + const struct tpm_securityfs_data *sfs_data = + (const struct tpm_securityfs_data *)inode->i_private; + const struct seq_operations *seqops = sfs_data->seqops; /* now register seq file */ err = seq_open(file, seqops); if (!err) { seq = file->private_data; - seq->private = log; - } else { - goto out_free; + seq->private = sfs_data->log; } -out: return err; -out_free: - kfree(log->bios_event_log); - kfree(log); - goto out; } static const struct file_operations tpm_bios_measurements_ops = { @@ -372,6 +349,18 @@ static int is_bad(void *p) int tpm_bios_log_setup(struct tpm_chip *chip) { const char *name = dev_name(&chip->dev); + int rc = 0; + + rc = read_log(chip); + /* + * read_log failure means event log is not supported except for ENOMEM + */ + if (rc < 0) { + if (rc == -ENOMEM) + return rc; + else + return 0; + } chip->bios_dir_count = 0; chip->bios_dir[chip->bios_dir_count] = @@ -380,19 +369,24 @@ int tpm_bios_log_setup(struct tpm_chip *chip) goto err; chip->bios_dir_count++; + chip->bin_sfs_data.log = &chip->log; + chip->bin_sfs_data.seqops = &tpm_binary_b_measurments_seqops; + chip->bios_dir[chip->bios_dir_count] = securityfs_create_file("binary_bios_measurements", S_IRUSR | S_IRGRP, chip->bios_dir[0], - (void *)&tpm_binary_b_measurments_seqops, + (void *)&chip->bin_sfs_data, &tpm_bios_measurements_ops); if (is_bad(chip->bios_dir[chip->bios_dir_count])) goto err; chip->bios_dir_count++; + chip->ascii_sfs_data.log = &chip->log; + chip->ascii_sfs_data.seqops = &tpm_ascii_b_measurments_seqops; chip->bios_dir[chip->bios_dir_count] = securityfs_create_file("ascii_bios_measurements", S_IRUSR | S_IRGRP, chip->bios_dir[0], - (void *)&tpm_ascii_b_measurments_seqops, + (void *)&chip->ascii_sfs_data, &tpm_bios_measurements_ops); if (is_bad(chip->bios_dir[chip->bios_dir_count])) goto err; @@ -413,4 +407,5 @@ void tpm_bios_log_teardown(struct tpm_chip *chip) securityfs_remove(chip->bios_dir[i-1]); chip->bios_dir_count = i; + kfree(chip->log.bios_event_log); } diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h index fd3357e..7ea066c 100644 --- a/drivers/char/tpm/tpm_eventlog.h +++ b/drivers/char/tpm/tpm_eventlog.h @@ -22,6 +22,11 @@ struct tpm_bios_log { void *bios_event_log_end; }; +struct tpm_securityfs_data { + struct tpm_bios_log *log; + const struct seq_operations *seqops; +}; + struct tcpa_event { u32 pcr_index; u32 event_type; @@ -73,7 +78,7 @@ enum tcpa_pc_event_ids { HOST_TABLE_OF_DEVICES, }; -int read_log(struct tpm_bios_log *log); +int read_log(struct tpm_chip *chip); #if defined(CONFIG_TCG_IBMVTPM) || defined(CONFIG_TCG_IBMVTPM_MODULE) || \ defined(CONFIG_ACPI) diff --git a/drivers/char/tpm/tpm_of.c b/drivers/char/tpm/tpm_of.c index 570f30c..68d891a 100644 --- a/drivers/char/tpm/tpm_of.c +++ b/drivers/char/tpm/tpm_of.c @@ -20,12 +20,14 @@ #include "tpm.h" #include "tpm_eventlog.h" -int read_log(struct tpm_bios_log *log) +int read_log(struct tpm_chip *chip) { struct device_node *np; const u32 *sizep; const u64 *basep; + struct tpm_bios_log *log; + log = &chip->log; if (log->bios_event_log != NULL) { pr_err("%s: ERROR - Eventlog already initialized\n", __func__); return -EFAULT;