From patchwork Fri Jun 24 14:36:55 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Berger X-Patchwork-Id: 9197659 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 706A76075F for ; Fri, 24 Jun 2016 14:37:16 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 5F974284B8 for ; Fri, 24 Jun 2016 14:37:16 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 53337284BA; Fri, 24 Jun 2016 14:37:16 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from lists.sourceforge.net (lists.sourceforge.net [216.34.181.88]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 30C40284B8 for ; Fri, 24 Jun 2016 14:37:14 +0000 (UTC) Received: from localhost ([127.0.0.1] helo=sfs-ml-2.v29.ch3.sourceforge.com) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1bGSEK-0000n4-6w; Fri, 24 Jun 2016 14:37:12 +0000 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1bGSEJ-0000mz-6V for tpmdd-devel@lists.sourceforge.net; Fri, 24 Jun 2016 14:37:11 +0000 X-ACL-Warn: Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1bGSEI-0005R6-4s for tpmdd-devel@lists.sourceforge.net; Fri, 24 Jun 2016 14:37:11 +0000 Received: from pps.filterd (m0098396.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.16.0.11/8.16.0.11) with SMTP id u5OEYLN2012066 for ; Fri, 24 Jun 2016 10:37:04 -0400 Received: from e38.co.us.ibm.com (e38.co.us.ibm.com [32.97.110.159]) by mx0a-001b2d01.pphosted.com with ESMTP id 23rskwt31r-1 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=NOT) for ; Fri, 24 Jun 2016 10:37:04 -0400 Received: from localhost by e38.co.us.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Fri, 24 Jun 2016 08:37:02 -0600 Received: from d03dlp02.boulder.ibm.com (9.17.202.178) by e38.co.us.ibm.com (192.168.1.138) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted; Fri, 24 Jun 2016 08:36:59 -0600 X-IBM-Helo: d03dlp02.boulder.ibm.com X-IBM-MailFrom: stefanb@linux.vnet.ibm.com Received: from b03cxnp08025.gho.boulder.ibm.com (b03cxnp08025.gho.boulder.ibm.com [9.17.130.17]) by d03dlp02.boulder.ibm.com (Postfix) with ESMTP id A92E13E40030; Fri, 24 Jun 2016 08:36:58 -0600 (MDT) Received: from b03ledav002.gho.boulder.ibm.com (b03ledav002.gho.boulder.ibm.com [9.17.130.233]) by b03cxnp08025.gho.boulder.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id u5OEawT545744216; Fri, 24 Jun 2016 07:36:58 -0700 Received: from b03ledav002.gho.boulder.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 33073136046; Fri, 24 Jun 2016 08:36:58 -0600 (MDT) Received: from dhcp-9-2-140-43.watson.ibm.com (unknown [9.2.141.158]) by b03ledav002.gho.boulder.ibm.com (Postfix) with ESMTP id BDAD9136048; Fri, 24 Jun 2016 08:36:57 -0600 (MDT) From: Stefan Berger To: tpmdd-devel@lists.sourceforge.net Date: Fri, 24 Jun 2016 10:36:55 -0400 X-Mailer: git-send-email 2.4.3 X-TM-AS-GCONF: 00 X-Content-Scanned: Fidelis XPS MAILER x-cbid: 16062414-0028-0000-0000-000005082228 X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused x-cbparentid: 16062414-0029-0000-0000-00002CF516C9 Message-Id: <1466779015-26965-1-git-send-email-stefanb@linux.vnet.ibm.com> X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2016-06-24_07:, , signatures=0 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=5 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1604210000 definitions=main-1606240159 X-Headers-End: 1bGSEI-0005R6-4s Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [tpmdd-devel] [PATCH] tpm: vtpm_proxy: Introduce flag to prevent sysfs entries X-BeenThere: tpmdd-devel@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: Tpm Device Driver maintainance List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: tpmdd-devel-bounces@lists.sourceforge.net X-Virus-Scanned: ClamAV using ClamSMTP Introduce TPM_VTPM_PROXY_NO_SYSFS flag that prevents a vtpm_proxy driver instance from having the typical sysfs entries that shows the state of the TPM. The flag is to be set in the ioctl creating the vtpm_proxy device pair and maps on a new chip flags TPM_CHIP_FLAG_NO_SYSFS. This flag would be set by a container management stack to prevent TPM related information leakage between containers who share entries in sysfs. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm-chip.c | 2 +- drivers/char/tpm/tpm.h | 1 + drivers/char/tpm/tpm_vtpm_proxy.c | 5 ++++- include/uapi/linux/vtpm_proxy.h | 3 ++- 4 files changed, 8 insertions(+), 3 deletions(-) diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c index 1965dc7..c8e7cab 100644 --- a/drivers/char/tpm/tpm-chip.c +++ b/drivers/char/tpm/tpm-chip.c @@ -278,7 +278,7 @@ static void tpm_del_char_device(struct tpm_chip *chip) static int tpm1_chip_register(struct tpm_chip *chip) { - if (chip->flags & TPM_CHIP_FLAG_TPM2) + if (chip->flags & (TPM_CHIP_FLAG_TPM2 | TPM_CHIP_FLAG_NO_SYSFS)) return 0; tpm_sysfs_add_device(chip); diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 8890df2..9d8cf81 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -143,6 +143,7 @@ enum tpm_chip_flags { TPM_CHIP_FLAG_TPM2 = BIT(1), TPM_CHIP_FLAG_IRQ = BIT(2), TPM_CHIP_FLAG_VIRTUAL = BIT(3), + TPM_CHIP_FLAG_NO_SYSFS = BIT(4), }; struct tpm_chip { diff --git a/drivers/char/tpm/tpm_vtpm_proxy.c b/drivers/char/tpm/tpm_vtpm_proxy.c index 86e27e8..81079e0 100644 --- a/drivers/char/tpm/tpm_vtpm_proxy.c +++ b/drivers/char/tpm/tpm_vtpm_proxy.c @@ -50,7 +50,7 @@ struct proxy_dev { }; /* all supported flags */ -#define VTPM_PROXY_FLAGS_ALL (VTPM_PROXY_FLAG_TPM2) +#define VTPM_PROXY_FLAGS_ALL (VTPM_PROXY_FLAG_TPM2 | VTPM_PROXY_FLAG_NO_SYSFS) static struct workqueue_struct *workqueue; @@ -490,6 +490,9 @@ static struct file *vtpm_proxy_create_device( if (proxy_dev->flags & VTPM_PROXY_FLAG_TPM2) proxy_dev->chip->flags |= TPM_CHIP_FLAG_TPM2; + if (proxy_dev->flags & VTPM_PROXY_FLAG_NO_SYSFS) + proxy_dev->chip->flags |= TPM_CHIP_FLAG_NO_SYSFS; + vtpm_proxy_work_start(proxy_dev); vtpm_new_dev->fd = fd; diff --git a/include/uapi/linux/vtpm_proxy.h b/include/uapi/linux/vtpm_proxy.h index 41e8e22..151ea48 100644 --- a/include/uapi/linux/vtpm_proxy.h +++ b/include/uapi/linux/vtpm_proxy.h @@ -29,7 +29,8 @@ struct vtpm_proxy_new_dev { }; /* above flags */ -#define VTPM_PROXY_FLAG_TPM2 1 /* emulator is TPM 2 */ +#define VTPM_PROXY_FLAG_TPM2 1 /* emulator is TPM 2 */ +#define VTPM_PROXY_FLAG_NO_SYSFS 2 /* no sysfs for vTPM proxy instance */ #define VTPM_PROXY_IOC_NEW_DEV _IOWR(0xa1, 0x00, struct vtpm_proxy_new_dev)