tpmutil: separate OpenTPM into emulation and non-emulation #364
Conversation
d982001 to
e1d87cc
Compare
to prohibit the inclusion of netowrk packages seperate the build of tpmutil via buildtag 'emu' into a filesystem based and a socket based version. Signed-off-by: leongross <leon.gross@9elements.com>
e1d87cc to
6011be3
Compare
|
Hi @leongross, first my apologies for slow SLO on PR review here. I confess, I don't really understand the purpose of this change. What aspect of go-tpm is pulling in |
|
I dug up this "problem" while enabling builds of u-root commands using The function I want to move this decision of the opening mode from runtime to build time. An alternative to build-tags might be several func OpenTPM(path string) (io.ReadWriteCloser, error) // old API for runtime decision
func OpenTPMFile(path string) (io.ReadWriteCloser, error)
func OpenTPMUds(path string) (io.ReadWriteCloser, error)EDIT: I tried to split this up as said https://github.com/leongross/go-tpm/tree/ref/emulator-dce but it does not work as expected, tinygo does not pick the dce up and the build fails. It seems as the initially proposed refactoring is the only working solution. |
|
any feedback on my proposals? @chrisfenner @rminnich @josephlr |
|
@chrisfenner @rminnich @josephlr any thoughts on that? |
|
Agh, sorry for the delay @leongross. Let me try to find some time to take a look this week. I need to tinker with this to fully understand why the DCE can't help us yet... |
|
First off, sorry for the extensive delays here. We've had trouble with our CI in this repo, and I've been busy with my day-to-day work. I'm hesitant to add a(nother) build tag here, but I see the problem you're running into.
Here's my suggestion, @leongross please let me know what you think. Let's add some new transport packages under Normally I'd suggest that you make this change to unblock yourself, but I'm not willing to make that suggestion after taking 6 weeks to really get to this PR, it's not fair to you. So, I will send a PR and add you as a reviewer. |
|
@chrisfenner thank you for your extensive explanation and the work you are putting in here. |
google#364 called to attention some long-standing technical debt around TPM transport. In particular, the stack looks like: (Linux or Windows) `OpenTPM` function calls the legacy `OpenTPM` function calls the tpmutil `OpenTPM` function At the bottom of the stack, tpmutil does some runtime introspection to see what type of TPM it wants to open (e.g., on Linux, the device could be either a device file or a socket). This runtime support is convenient, but also breaks dead-code elimination (for example, tinygo will fail to compile the UDS support code, and users have no way of leaving that out without patches). In principle, we've found within Google that "open my TPM" should be as un-smart as possible, to avoid awkward edge cases (for example, what happens if the logic finds two different TPMs on the system; which should it prefer; should it invisibly succeed and surprise the user?). Instead, the preferred pattern is to require the user to explicitly say which TPM they are trying to open. This change introduces 3 packages as a replacement for `transport.OpenTPM` (which this change marks as now Deprecated): `transport/linuxtpm.Open(path)` opens Linux device TPMs (e.g., /dev/tpm0 or /dev/tpmrm0) `transport/linuxudstpm.Open(path)` opens Linux Unix Domain Socket TPMs `transport/windowstpm.Open()` opens the TPM from TBS.dll Intentionally, the now-deprecated `transport.OpenTPM` is not touched. This would create an import cycle.
|
I sent #369, PTAL @leongross. I'd especially like to know if tinygo happily compiles a program that uses |
|
I will have a look at it @chrisfenner. |
|
This PR can be closed since #369 implemented all the necessary changes. |
* Create individual packages for Windows and Linux TPM transport #364 called to attention some long-standing technical debt around TPM transport. In particular, the stack looks like: (Linux or Windows) `OpenTPM` function calls the legacy `OpenTPM` function calls the tpmutil `OpenTPM` function At the bottom of the stack, tpmutil does some runtime introspection to see what type of TPM it wants to open (e.g., on Linux, the device could be either a device file or a socket). This runtime support is convenient, but also breaks dead-code elimination (for example, tinygo will fail to compile the UDS support code, and users have no way of leaving that out without patches). In principle, we've found within Google that "open my TPM" should be as un-smart as possible, to avoid awkward edge cases (for example, what happens if the logic finds two different TPMs on the system; which should it prefer; should it invisibly succeed and surprise the user?). Instead, the preferred pattern is to require the user to explicitly say which TPM they are trying to open. This change introduces 3 packages as a replacement for `transport.OpenTPM` (which this change marks as now Deprecated): `transport/linuxtpm.Open(path)` opens Linux device TPMs (e.g., /dev/tpm0 or /dev/tpmrm0) `transport/linuxudstpm.Open(path)` opens Linux Unix Domain Socket TPMs `transport/windowstpm.Open()` opens the TPM from TBS.dll Intentionally, the now-deprecated `transport.OpenTPM` is not touched. This would create an import cycle. * Add small tests for each of the openers * fix lint * fix linuxudstpm and test * fix the test in the case that the UDS simulator is not running * remove extraneous test for windows
To prohibit the inclusion of the "net" package, separate the build of
tpmutilvia build tagemuinto a filesystem-based and a socket-based version.EDIT: This PR is part of enabling
tinygosupport for u-root.tinygocurrently lacks sufficient linux network support, so we need to remove unnecessary networking features, e.g. in vboot.