Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-29 Thread Javier Martinez Canillas
On 11/26/2017 03:21 PM, Jarkko Sakkinen wrote: > On Wed, Nov 22, 2017 at 08:25:29PM +0100, Javier Martinez Canillas wrote: >> That was my interpretation as well and what I was arguing about. I'm glad to >> know that you also think the same. > > It could be that this rationale has been your earlier

Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-26 Thread Javier Martinez Canillas
On 11/26/2017 03:18 PM, Jarkko Sakkinen wrote: > On Wed, Nov 22, 2017 at 09:16:25AM -0800, flihp wrote: >> The intent of this "mostly transparent" stuff is to convey that the RM >> should be as transparent as possible while acknowledging that there are >> some cases where it's not / can't be. I can

Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-26 Thread Jarkko Sakkinen
On Wed, Nov 22, 2017 at 08:25:29PM +0100, Javier Martinez Canillas wrote: > That was my interpretation as well and what I was arguing about. I'm glad to > know that you also think the same. It could be that this rationale has been your earlier emails but I just haven't recognized it :-) I think I'

Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-26 Thread Jarkko Sakkinen
On Wed, Nov 22, 2017 at 09:16:25AM -0800, flihp wrote: > The intent of this "mostly transparent" stuff is to convey that the RM > should be as transparent as possible while acknowledging that there are > some cases where it's not / can't be. I can't say why the original > author phrased it in this

Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-22 Thread Jason Gunthorpe
On Wed, Nov 22, 2017 at 09:16:25AM -0800, flihp wrote: > We can work around quirks in the kernel RM in user space if we must > (short term?) but I'm hesitant to do so in this case. Would feel better > about a short term work-around knowing it's only going to be short term. Pedantically, the kerne

Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-22 Thread Javier Martinez Canillas
Hello Philip, On 11/22/2017 06:16 PM, flihp wrote: > Apologies for the slow response. I didn't get switched over from > tpmdd-devel to linux-integrity till just now. > No worries, thanks a lot for your feedback. >> On 11/21/2017 01:30 PM, Jarkko Sakkinen wrote: >>> On Tue, Nov 21, 2017 at 10:07

Re: FW: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

2017-11-22 Thread flihp
Apologies for the slow response. I didn't get switched over from tpmdd-devel to linux-integrity till just now. > On 11/21/2017 01:30 PM, Jarkko Sakkinen wrote: >> On Tue, Nov 21, 2017 at 10:07:34AM +0100, Javier Martinez Canillas >> wrote: >>> As mentioned, I think this should be documented. I gue