Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-03-23 Thread Jarkko Sakkinen
On Wed, Mar 22, 2017 at 04:09:21PM -0400, Ken Goldman wrote:
> On 2/22/2017 12:39 PM, James Bottomley wrote:
> >
> > Right at the moment the kernel use of tpm2 looks like
> >
> > acquire chip->tpm_mutex
> > load key
> > process key
> > unload key
> > release chip->tpm_mutex
> >
> > While it does

Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-03-22 Thread Ken Goldman
On 2/22/2017 12:39 PM, James Bottomley wrote:
Right at the moment the kernel use of tpm2 looks like

acquire chip->tpm_mutex
load key
process key
unload key
release chip->tpm_mutex

While it does this, there's no need for it to have a RM interface because what it does between the acquisition and

Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-02-22 Thread Ken Goldman
On 2/21/2017 1:24 PM, Nayna wrote:
[snip]
1. Take locks.
2. Load transient objects from the backing storage by using ContextLoad and map virtual handles to physical handles.
3. Perform the transaction.
4. Save transient objects to backing storage by using ContextSave and map resulting

Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-02-22 Thread Jarkko Sakkinen
On Tue, Feb 21, 2017 at 11:54:50PM +0530, Nayna wrote:
> On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
> > Added an ability to virtualize TPM commands into an isolated context
> > that we call a TPM space because the word context is already heavily
> > used in the TPM specification. Both the

Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-02-22 Thread Ken Goldman
On 2/22/2017 12:39 PM, James Bottomley wrote:
Right at the moment the kernel use of tpm2 looks like

acquire chip->tpm_mutex
load key
process key
unload key
release chip->tpm_mutex

The advantage to context save / context load over load / flush is that load requires the parent(s). The parent ch

Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-02-22 Thread James Bottomley
On Tue, 2017-02-21 at 23:54 +0530, Nayna wrote:
> On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
> > Added an ability to virtualize TPM commands into an isolated
> > context that we call a TPM space because the word context is
> > already heavily used in the TPM specification. Both the handle

Re: [tpmdd-devel] [PATCH v2 4/7] tpm: infrastructure for TPM spaces

2017-02-21 Thread Nayna
On 02/17/2017 12:55 AM, Jarkko Sakkinen wrote:
Added an ability to virtualize TPM commands into an isolated context that we call a TPM space because the word context is already heavily used in the TPM specification. Both the handle areas and bodies (where necessary) are virtualized. The mechan