Message ID | 20240913200517.3085794-19-ross.philipson@oracle.com |
---|---|
State | New |
Headers | show |
Series | x86: Trenchboot secure dynamic launch Linux kernel support | expand |
On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote: > Expose a sysfs interface to allow user mode to set and query the default > locality set for the TPM chip. > > Signed-off-by: Ross Philipson <ross.philipson@oracle.com> Must be read-only. Should be decided per power cycle. BR, Jarkko
On Fri Nov 1, 2024 at 11:50 PM EET, Jarkko Sakkinen wrote: > On Fri Nov 1, 2024 at 12:06 PM EET, Jarkko Sakkinen wrote: > > On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote: > > > Expose a sysfs interface to allow user mode to set and query the default > > > locality set for the TPM chip. > > > > > > Signed-off-by: Ross Philipson <ross.philipson@oracle.com> > > > > Must be read-only. Should be decided per power cycle. > > I'm throwing one incomplete idea not all things considered... > > So one idea is would be to apply set operation to /dev/tpm0 as ioctl > (would not be available for /dev/tpmrm0). > > Then at least access control rules would apply. > > The open here is that the IMA etc. will use a different locality during > boot-time, like it would also with sysfs attribute. Looking at [1] this would become a problem if TPM2_PolicyLocality based policy is ever used during boot-time. We can make a choice of not allowing such policies for in-kernel clients if agree so, but it is a choice that needs to be locked in. With quick thinking I'm not sure if that is horrible limitation. Also does not obviously affect clients communicating with /dev/tpm0. With that constrain it would not matter if during boot-time different locale is used. With that constraint and "set" in ioctl instead of sysfs attributes that might even work out... Open for feedback. [1] https://trustedcomputinggroup.org/wp-content/uploads/TPM-2.0-1.83-Part-3-Commands.pdf BR, Jarkko
diff --git a/drivers/char/tpm/tpm-sysfs.c b/drivers/char/tpm/tpm-sysfs.c index 94231f052ea7..185a2f57d4cb 100644 --- a/drivers/char/tpm/tpm-sysfs.c +++ b/drivers/char/tpm/tpm-sysfs.c @@ -324,6 +324,34 @@ static ssize_t null_name_show(struct device *dev, struct device_attribute *attr, static DEVICE_ATTR_RO(null_name); #endif +static ssize_t default_locality_show(struct device *dev, + struct device_attribute *attr, char *buf) +{ + struct tpm_chip *chip = to_tpm_chip(dev); + + return sprintf(buf, "%d\n", chip->default_locality); +} + +static ssize_t default_locality_store(struct device *dev, struct device_attribute *attr, + const char *buf, size_t count) +{ + struct tpm_chip *chip = to_tpm_chip(dev); + unsigned int locality; + + if (kstrtouint(buf, 0, &locality)) + return -ERANGE; + + if (locality >= TPM_MAX_LOCALITY) + return -ERANGE; + + if (tpm_chip_set_default_locality(chip, (int)locality)) + return count; + else + return 0; +} + +static DEVICE_ATTR_RW(default_locality); + static struct attribute *tpm1_dev_attrs[] = { &dev_attr_pubek.attr, &dev_attr_pcrs.attr, @@ -336,6 +364,7 @@ static struct attribute *tpm1_dev_attrs[] = { &dev_attr_durations.attr, &dev_attr_timeouts.attr, &dev_attr_tpm_version_major.attr, + &dev_attr_default_locality.attr, NULL, }; @@ -344,6 +373,7 @@ static struct attribute *tpm2_dev_attrs[] = { #ifdef CONFIG_TCG_TPM2_HMAC &dev_attr_null_name.attr, #endif + &dev_attr_default_locality.attr, NULL };
Expose a sysfs interface to allow user mode to set and query the default locality set for the TPM chip. Signed-off-by: Ross Philipson <ross.philipson@oracle.com> --- drivers/char/tpm/tpm-sysfs.c | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+)