[v8,11/17] tpm: move TPM space code out of tpm_transmit()

Message ID	20181116123845.15705-12-jarkko.sakkinen@linux.intel.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-integrity-owner@kernel.org> From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> To: linux-integrity@vger.kernel.org Cc: linux-security-module@vger.kernel.org, James Bottomley <James.Bottomley@HansenPartnership.com>, Tomas Winkler <tomas.winkler@intel.com>, Tadeusz Struk <tadeusz.struk@intel.com>, Stefan Berger <stefanb@linux.vnet.ibm.com>, Nayna Jain <nayna@linux.ibm.com>, Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>, Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>, Arnd Bergmann <arnd@arndb.de>, Greg Kroah-Hartman <gregkh@linuxfoundation.org>, linux-kernel@vger.kernel.org (open list) Subject: [PATCH v8 11/17] tpm: move TPM space code out of tpm_transmit() Date: Fri, 16 Nov 2018 14:38:35 +0200 Message-Id: <20181116123845.15705-12-jarkko.sakkinen@linux.intel.com> In-Reply-To: <20181116123845.15705-1-jarkko.sakkinen@linux.intel.com> References: <20181116123845.15705-1-jarkko.sakkinen@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk
Series	Removed nested TPM operations \| expand [v8,00/17] Removed nested TPM operations [v8,01/17] tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter [v8,02/17] tpm: fix invalid return value in pubek_show() [v8,03/17] tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails [v8,04/17] tpm: print tpm2_commit_space() error inside tpm2_commit_space() [v8,05/17] tpm: declare struct tpm_header [v8,06/17] tpm: access command header through struct in tpm_try_transmit() [v8,07/17] tpm: encapsulate tpm_dev_transmit() [v8,08/17] tpm: call tpm2_flush_space() on error in tpm_try_transmit() [v8,09/17] tpm: clean up tpm_try_transmit() error handling flow [v8,10/17] tpm: move tpm_validate_commmand() to tpm2-space.c [v8,11/17] tpm: move TPM space code out of tpm_transmit() [v8,12/17] tpm: remove @space from tpm_transmit() [v8,13/17] tpm: use tpm_try_get_ops() in tpm-sysfs.c. [v8,14/17] tpm: remove TPM_TRANSMIT_UNLOCKED flag [v8,15/17] tpm: introduce tpm_chip_start() and tpm_chip_stop() [v8,16/17] tpm: take TPM chip power gating out of tpm_transmit() [v8,17/17] tpm: remove @flags from tpm_transmit()

Message ID

20181116123845.15705-12-jarkko.sakkinen@linux.intel.com (mailing list archive)

State

New, archived

Headers

From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: linux-integrity@vger.kernel.org
Cc: linux-security-module@vger.kernel.org,
        James Bottomley <James.Bottomley@HansenPartnership.com>,
        Tomas Winkler <tomas.winkler@intel.com>,
        Tadeusz Struk <tadeusz.struk@intel.com>,
        Stefan Berger <stefanb@linux.vnet.ibm.com>,
        Nayna Jain <nayna@linux.ibm.com>,
        Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Peter Huewe <peterhuewe@gmx.de>,
        Jason Gunthorpe <jgg@ziepe.ca>, Arnd Bergmann <arnd@arndb.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        linux-kernel@vger.kernel.org (open list)
Subject: [PATCH v8 11/17] tpm: move TPM space code out of tpm_transmit()
Date: Fri, 16 Nov 2018 14:38:35 +0200
Message-Id: <20181116123845.15705-12-jarkko.sakkinen@linux.intel.com>
In-Reply-To: <20181116123845.15705-1-jarkko.sakkinen@linux.intel.com>
References: <20181116123845.15705-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: linux-integrity-owner@vger.kernel.org
Precedence: bulk

Series

Removed nested TPM operations | expand

Commit Message

Jarkko Sakkinen Nov. 16, 2018, 12:38 p.m. UTC

Prepare and commit TPM space before and after calling tpm_transmit()
instead of doing that inside tpm_transmit(). After this change we can
remove TPM_TRANSMIT_NESTED flag from tpm2_prepare_space() and
tpm2_commit_space() and replace it with TPM_TRANSMIT_UNLOCKED.

Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm-dev-common.c | 30 ++++++++++++++++++++++++++----
 drivers/char/tpm/tpm-interface.c  | 29 +++--------------------------
 drivers/char/tpm/tpm2-space.c     | 12 ++++++------
 3 files changed, 35 insertions(+), 36 deletions(-)

Comments

Stefan Berger Nov. 16, 2018, 5:06 p.m. UTC | #1

On 11/16/18 7:38 AM, Jarkko Sakkinen wrote:
> Prepare and commit TPM space before and after calling tpm_transmit()
> instead of doing that inside tpm_transmit(). After this change we can
> remove TPM_TRANSMIT_NESTED flag from tpm2_prepare_space() and
> tpm2_commit_space() and replace it with TPM_TRANSMIT_UNLOCKED.
>
> Cc: James Bottomley <James.Bottomley@HansenPartnership.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>


Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>


> ---
>   drivers/char/tpm/tpm-dev-common.c | 30 ++++++++++++++++++++++++++----
>   drivers/char/tpm/tpm-interface.c  | 29 +++--------------------------
>   drivers/char/tpm/tpm2-space.c     | 12 ++++++------
>   3 files changed, 35 insertions(+), 36 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm-dev-common.c b/drivers/char/tpm/tpm-dev-common.c
> index cbb0ee30b511..40c1cb09ebd2 100644
> --- a/drivers/char/tpm/tpm-dev-common.c
> +++ b/drivers/char/tpm/tpm-dev-common.c
> @@ -30,13 +30,35 @@ static DEFINE_MUTEX(tpm_dev_wq_lock);
>   static ssize_t tpm_dev_transmit(struct tpm_chip *chip, struct tpm_space *space,
>   				u8 *buf, size_t bufsiz)
>   {
> -	ssize_t ret;
> +	struct tpm_header *header = (void *)buf;
> +	ssize_t ret, len;
>
>   	mutex_lock(&chip->tpm_mutex);
> -	ret = tpm_transmit(chip, space, buf, bufsiz, TPM_TRANSMIT_UNLOCKED);
> -	mutex_unlock(&chip->tpm_mutex);
> +	ret = tpm2_prepare_space(chip, space, buf, bufsiz);
> +	/* If the command is not implemented by the TPM, synthesize a
> +	 * response with a TPM2_RC_COMMAND_CODE return for user-space.
> +	 */
> +	if (ret == -EOPNOTSUPP) {
> +		header->length = cpu_to_be32(sizeof(*header));
> +		header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
> +		header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
> +						  TSS2_RESMGR_TPM_RC_LAYER);
> +		ret = sizeof(*header);
> +	}
> +	if (ret)
> +		goto out_lock;
>
> -	return ret;
> +	len = tpm_transmit(chip, space, buf, bufsiz, TPM_TRANSMIT_UNLOCKED);
> +	if (len < 0)
> +		ret = len;
> +
> +	if (ret)
> +		tpm2_flush_space(chip);
> +	else
> +		ret = tpm2_commit_space(chip, space, buf, &len);
> +out_lock:
> +	mutex_unlock(&chip->tpm_mutex);
> +	return ret ? ret : len;
>   }
>
>   static void tpm_dev_async_work(struct work_struct *work)
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index a6ffd0960ae5..7bec03e46043 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -147,27 +147,12 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
>   		return -E2BIG;
>   	}
>
> -	rc = tpm2_prepare_space(chip, space, buf, bufsiz);
> -	/*
> -	 * If the command is not implemented by the TPM, synthesize a
> -	 * response with a TPM2_RC_COMMAND_CODE return for user-space.
> -	 */
> -	if (rc == -EOPNOTSUPP) {
> -		header->length = cpu_to_be32(sizeof(*header));
> -		header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
> -		header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
> -						  TSS2_RESMGR_TPM_RC_LAYER);
> -		return sizeof(*header);
> -	}
> -	if (rc)
> -		return rc;
> -
>   	rc = chip->ops->send(chip, buf, count);
>   	if (rc < 0) {
>   		if (rc != -EPIPE)
>   			dev_err(&chip->dev,
>   				"%s: tpm_send: error %d\n", __func__, rc);
> -		goto out_space;
> +		return rc;
>   	}
>
>   	if (chip->flags & TPM_CHIP_FLAG_IRQ)
> @@ -182,8 +167,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
>
>   		if (chip->ops->req_canceled(chip, status)) {
>   			dev_err(&chip->dev, "Operation Canceled\n");
> -			rc = -ECANCELED;
> -			goto out_space;
> +			return -ECANCELED;
>   		}
>
>   		tpm_msleep(TPM_TIMEOUT_POLL);
> @@ -192,8 +176,7 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
>
>   	chip->ops->cancel(chip);
>   	dev_err(&chip->dev, "Operation Timed out\n");
> -	rc = -ETIME;
> -	goto out_space;
> +	return -ETIME;
>
>   out_recv:
>   	len = chip->ops->recv(chip, buf, bufsiz);
> @@ -203,12 +186,6 @@ static ssize_t tpm_try_transmit(struct tpm_chip *chip,
>   	} else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length))
>   		rc = -EFAULT;
>
> -out_space:
> -	if (rc)
> -		tpm2_flush_space(chip);
> -	else
> -		rc = tpm2_commit_space(chip, space, buf, &len);
> -
>   	return rc ? rc : len;
>   }
>
> diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c
> index 172c9f9d4c29..995c8b963d65 100644
> --- a/drivers/char/tpm/tpm2-space.c
> +++ b/drivers/char/tpm/tpm2-space.c
> @@ -39,7 +39,7 @@ static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *space)
>   	for (i = 0; i < ARRAY_SIZE(space->session_tbl); i++) {
>   		if (space->session_tbl[i])
>   			tpm2_flush_context_cmd(chip, space->session_tbl[i],
> -					       TPM_TRANSMIT_NESTED);
> +					       TPM_TRANSMIT_UNLOCKED);
>   	}
>   }
>
> @@ -84,7 +84,7 @@ static int tpm2_load_context(struct tpm_chip *chip, u8 *buf,
>   	tpm_buf_append(&tbuf, &buf[*offset], body_size);
>
>   	rc = tpm_transmit_cmd(chip, NULL, &tbuf, 4,
> -			      TPM_TRANSMIT_NESTED, NULL);
> +			      TPM_TRANSMIT_UNLOCKED, NULL);
>   	if (rc < 0) {
>   		dev_warn(&chip->dev, "%s: failed with a system error %d\n",
>   			 __func__, rc);
> @@ -133,7 +133,7 @@ static int tpm2_save_context(struct tpm_chip *chip, u32 handle, u8 *buf,
>   	tpm_buf_append_u32(&tbuf, handle);
>
>   	rc = tpm_transmit_cmd(chip, NULL, &tbuf, 0,
> -			      TPM_TRANSMIT_NESTED, NULL);
> +			      TPM_TRANSMIT_UNLOCKED, NULL);
>   	if (rc < 0) {
>   		dev_warn(&chip->dev, "%s: failed with a system error %d\n",
>   			 __func__, rc);
> @@ -170,7 +170,7 @@ void tpm2_flush_space(struct tpm_chip *chip)
>   	for (i = 0; i < ARRAY_SIZE(space->context_tbl); i++)
>   		if (space->context_tbl[i] && ~space->context_tbl[i])
>   			tpm2_flush_context_cmd(chip, space->context_tbl[i],
> -					       TPM_TRANSMIT_NESTED);
> +					       TPM_TRANSMIT_UNLOCKED);
>
>   	tpm2_flush_sessions(chip, space);
>   }
> @@ -419,7 +419,7 @@ static int tpm2_map_response_header(struct tpm_chip *chip, u32 cc, u8 *rsp,
>
>   	return 0;
>   out_no_slots:
> -	tpm2_flush_context_cmd(chip, phandle, TPM_TRANSMIT_NESTED);
> +	tpm2_flush_context_cmd(chip, phandle, TPM_TRANSMIT_UNLOCKED);
>   	dev_warn(&chip->dev, "%s: out of slots for 0x%08X\n", __func__,
>   		 phandle);
>   	return -ENOMEM;
> @@ -507,7 +507,7 @@ static int tpm2_save_space(struct tpm_chip *chip)
>   			return rc;
>
>   		tpm2_flush_context_cmd(chip, space->context_tbl[i],
> -				       TPM_TRANSMIT_NESTED);
> +				       TPM_TRANSMIT_UNLOCKED);
>   		space->context_tbl[i] = ~0;
>   	}
>

diff --git a/drivers/char/tpm/tpm-dev-common.c b/drivers/char/tpm/tpm-dev-common.c
index cbb0ee30b511..40c1cb09ebd2 100644
--- a/drivers/char/tpm/tpm-dev-common.c
+++ b/drivers/char/tpm/tpm-dev-common.c
@@ -30,13 +30,35 @@  static DEFINE_MUTEX(tpm_dev_wq_lock);
 static ssize_t tpm_dev_transmit(struct tpm_chip *chip, struct tpm_space *space,
 				u8 *buf, size_t bufsiz)
 {
-	ssize_t ret;
+	struct tpm_header *header = (void *)buf;
+	ssize_t ret, len;
 
 	mutex_lock(&chip->tpm_mutex);
-	ret = tpm_transmit(chip, space, buf, bufsiz, TPM_TRANSMIT_UNLOCKED);
-	mutex_unlock(&chip->tpm_mutex);
+	ret = tpm2_prepare_space(chip, space, buf, bufsiz);
+	/* If the command is not implemented by the TPM, synthesize a
+	 * response with a TPM2_RC_COMMAND_CODE return for user-space.
+	 */
+	if (ret == -EOPNOTSUPP) {
+		header->length = cpu_to_be32(sizeof(*header));
+		header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
+		header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
+						  TSS2_RESMGR_TPM_RC_LAYER);
+		ret = sizeof(*header);
+	}
+	if (ret)
+		goto out_lock;
 
-	return ret;
+	len = tpm_transmit(chip, space, buf, bufsiz, TPM_TRANSMIT_UNLOCKED);
+	if (len < 0)
+		ret = len;
+
+	if (ret)
+		tpm2_flush_space(chip);
+	else
+		ret = tpm2_commit_space(chip, space, buf, &len);
+out_lock:
+	mutex_unlock(&chip->tpm_mutex);
+	return ret ? ret : len;
 }
 
 static void tpm_dev_async_work(struct work_struct *work)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index a6ffd0960ae5..7bec03e46043 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -147,27 +147,12 @@  static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 		return -E2BIG;
 	}
 
-	rc = tpm2_prepare_space(chip, space, buf, bufsiz);
-	/*
-	 * If the command is not implemented by the TPM, synthesize a
-	 * response with a TPM2_RC_COMMAND_CODE return for user-space.
-	 */
-	if (rc == -EOPNOTSUPP) {
-		header->length = cpu_to_be32(sizeof(*header));
-		header->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
-		header->return_code = cpu_to_be32(TPM2_RC_COMMAND_CODE |
-						  TSS2_RESMGR_TPM_RC_LAYER);
-		return sizeof(*header);
-	}
-	if (rc)
-		return rc;
-
 	rc = chip->ops->send(chip, buf, count);
 	if (rc < 0) {
 		if (rc != -EPIPE)
 			dev_err(&chip->dev,
 				"%s: tpm_send: error %d\n", __func__, rc);
-		goto out_space;
+		return rc;
 	}
 
 	if (chip->flags & TPM_CHIP_FLAG_IRQ)
@@ -182,8 +167,7 @@  static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 
 		if (chip->ops->req_canceled(chip, status)) {
 			dev_err(&chip->dev, "Operation Canceled\n");
-			rc = -ECANCELED;
-			goto out_space;
+			return -ECANCELED;
 		}
 
 		tpm_msleep(TPM_TIMEOUT_POLL);
@@ -192,8 +176,7 @@  static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 
 	chip->ops->cancel(chip);
 	dev_err(&chip->dev, "Operation Timed out\n");
-	rc = -ETIME;
-	goto out_space;
+	return -ETIME;
 
 out_recv:
 	len = chip->ops->recv(chip, buf, bufsiz);
@@ -203,12 +186,6 @@  static ssize_t tpm_try_transmit(struct tpm_chip *chip,
 	} else if (len < TPM_HEADER_SIZE || len != be32_to_cpu(header->length))
 		rc = -EFAULT;
 
-out_space:
-	if (rc)
-		tpm2_flush_space(chip);
-	else
-		rc = tpm2_commit_space(chip, space, buf, &len);
-
 	return rc ? rc : len;
 }
 
diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c
index 172c9f9d4c29..995c8b963d65 100644
--- a/drivers/char/tpm/tpm2-space.c
+++ b/drivers/char/tpm/tpm2-space.c
@@ -39,7 +39,7 @@  static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *space)
 	for (i = 0; i < ARRAY_SIZE(space->session_tbl); i++) {
 		if (space->session_tbl[i])
 			tpm2_flush_context_cmd(chip, space->session_tbl[i],
-					       TPM_TRANSMIT_NESTED);
+					       TPM_TRANSMIT_UNLOCKED);
 	}
 }
 
@@ -84,7 +84,7 @@  static int tpm2_load_context(struct tpm_chip *chip, u8 *buf,
 	tpm_buf_append(&tbuf, &buf[*offset], body_size);
 
 	rc = tpm_transmit_cmd(chip, NULL, &tbuf, 4,
-			      TPM_TRANSMIT_NESTED, NULL);
+			      TPM_TRANSMIT_UNLOCKED, NULL);
 	if (rc < 0) {
 		dev_warn(&chip->dev, "%s: failed with a system error %d\n",
 			 __func__, rc);
@@ -133,7 +133,7 @@  static int tpm2_save_context(struct tpm_chip *chip, u32 handle, u8 *buf,
 	tpm_buf_append_u32(&tbuf, handle);
 
 	rc = tpm_transmit_cmd(chip, NULL, &tbuf, 0,
-			      TPM_TRANSMIT_NESTED, NULL);
+			      TPM_TRANSMIT_UNLOCKED, NULL);
 	if (rc < 0) {
 		dev_warn(&chip->dev, "%s: failed with a system error %d\n",
 			 __func__, rc);
@@ -170,7 +170,7 @@  void tpm2_flush_space(struct tpm_chip *chip)
 	for (i = 0; i < ARRAY_SIZE(space->context_tbl); i++)
 		if (space->context_tbl[i] && ~space->context_tbl[i])
 			tpm2_flush_context_cmd(chip, space->context_tbl[i],
-					       TPM_TRANSMIT_NESTED);
+					       TPM_TRANSMIT_UNLOCKED);
 
 	tpm2_flush_sessions(chip, space);
 }
@@ -419,7 +419,7 @@  static int tpm2_map_response_header(struct tpm_chip *chip, u32 cc, u8 *rsp,
 
 	return 0;
 out_no_slots:
-	tpm2_flush_context_cmd(chip, phandle, TPM_TRANSMIT_NESTED);
+	tpm2_flush_context_cmd(chip, phandle, TPM_TRANSMIT_UNLOCKED);
 	dev_warn(&chip->dev, "%s: out of slots for 0x%08X\n", __func__,
 		 phandle);
 	return -ENOMEM;
@@ -507,7 +507,7 @@  static int tpm2_save_space(struct tpm_chip *chip)
 			return rc;
 
 		tpm2_flush_context_cmd(chip, space->context_tbl[i],
-				       TPM_TRANSMIT_NESTED);
+				       TPM_TRANSMIT_UNLOCKED);
 		space->context_tbl[i] = ~0;
 	}

[v8,11/17] tpm: move TPM space code out of tpm_transmit()

Commit Message

Comments

Patch