lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:	Wed, 1 Jul 2009 23:03:06 +0900
From:	dds (☕) <dds@...gle.com>
To:	Rajiv Andrade <srajiv@...ux.vnet.ibm.com>
Cc:	seiji.munetoh@...il.com, tpmdd-devel@...ts.sourceforge.net,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>,
	linux-kernel <linux-kernel@...r.kernel.org>,
	Shahbaz Khan <shaz.linux@...il.com>
Subject: Fwd: [tpmdd-devel] TPM drivers support and Linux Integrity Module for 
	2.6.30

Hi Rajiv. I'm resending this since it is not in the archives (my bad).


---------- Forwarded message ----------
From: dds (☕) <dds@...gle.com>
Date: Sun, Jun 14, 2009 at 4:15 PM
Subject: Re: [tpmdd-devel] TPM drivers support and Linux Integrity
Module for 2.6.30
To: Rajiv Andrade <srajiv@...ux.vnet.ibm.com>
Cc: Mimi Zohar <zohar@...ux.vnet.ibm.com>,
tpmdd-devel@...ts.sourceforge.net, linux-kernel
<linux-kernel@...r.kernel.org>, Shahbaz Khan <shaz.linux@...il.com>


Hello, I'd been meaning to write about this.


On Sun, Jun 14, 2009 at 12:55 PM, Rajiv Andrade
<srajiv@...ux.vnet.ibm.com> wrote:
>
> Hi Mimi, thanks for copying us.
>
> Shaz,
>
> If this is the same chip we find in the GM45 boards, iTPM, the upstream
> driver won't work properly with it.
> Mainly because this iTPM returns the wrong status code when the driver
> didn't finish sending all bytes required for a specific command.
> As suggested by Seiji Munetoh in the tpmdd-devel sf mailing list, you
> can modify line 263 of tpm_tis.c as below:
>
> -               if ((status & TPM_STS_DATA_EXPECT) == 0) {
> +               if ((status & TPM_STS_VALID) == 0) {
>

This isn't unreasonable. In the block that should be executing there,
it's proper to check both, since VALID is an override for DATA_EXPECT.
See first patch.

>
> Then, after compiling it, since it also seems to not support PNP, load
> it with force option on:
>
> modprobe tpm_tis force=1

The problem here is acpi pnp but the fix is really simple. The current
pnpacpi/core.c routine that looks for isapnp devices enumerated in
acpi enforces that the acpi hid be a valid isapnp id (the formats are
slightly different). But that's broken: it shoudl be enforcing that
either the acpi hid or any acpi cids be valid isapnp ids. It's a
one-line change to do this, see patch 2.


>
> If modprobe fails the first time, try the second and then it will work.

This is fixed by changing the order in the code of setting default
timeouts and requesting locality. See patch 3.

>
> I'm going to submit a patch to make the upstream driver work with it,
> making this line depend on a module param too..
>
> Thanks,
> Rajiv
>
> Mimi Zohar wrote:
> > On Fri, 2009-06-12 at 11:59 +0600, Shahbaz Khan wrote:
> >
> >> Hi,
> >>
> >> I am using Intel Q45 Express chipset with TPM version 1.2 specs of
> >> TCG. The kernel version is 2.6.30. Problem is that the TPM drivers
> >> cannot provide functionality to the TCG TSS giving error message:
> >>
> >> "TCSD TDDL ERROR: Could not find a device to open!"
> >>
> >> The device node in /dev is also not being created which should be
> >> "/dev/tpm". If created manually then still it does not work.
> >>
> >> What should be done?
> >>
> >> Thanks.
> >>
> >> --
> >> Shaz
> >>
> >
> > This is a device driver issue. Copying the TPM maintainers and the
> > forum.
> >
> > Mimi
> >
> >
>
>
> ------------------------------------------------------------------------------
> Crystal Reports - New Free Runtime and 30 Day Trial
> Check out the new simplified licensing option that enables unlimited
> royalty-free distribution of the report engine for externally facing
> server and web deployment.
> http://p.sf.net/sfu/businessobjects
> _______________________________________________
> tpmdd-devel mailing list
> tpmdd-devel@...ts.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel

View attachment "01-either_dataexpect_or_valid.patch" of type "text/x-diff" (1472 bytes)

View attachment "02-fix_acpipnp.patch" of type "text/x-diff" (926 bytes)

View attachment "03-reorder_locality_to_after_timeouts.patch" of type "text/x-diff" (1504 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ