lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 20 Jul 2009 16:28:16 -0700
From:	Andy Isaacson <adi@...apodia.org>
To:	Rajiv Andrade <srajiv@...ux.vnet.ibm.com>
Cc:	Valdis.Kletnieks@...edu, Alan Cox <alan@...rguk.ukuu.org.uk>,
	Andy Isaacson <adi@...are.com>, linux-kernel@...r.kernel.org,
	tpmdd-devel@...ts.sourceforge.net, dds@...gle.com,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>,
	Shahbaz Khan <shaz.linux@...il.com>, seiji.munetoh@...il.com
Subject: Re: [PATCH] TPM: DATA_EXPECT bit check bypass

On Thu, Jul 16, 2009 at 06:20:26PM -0300, Rajiv Andrade wrote:
> On Thu, 2009-07-16 at 16:08 -0400, Valdis.Kletnieks@...edu wrote:
> > On Thu, 16 Jul 2009 14:43:32 -0300, Rajiv Andrade said:
> > 
> > > @@ -582,6 +585,12 @@ static int tpm_tis_init(struct device *dev, resource_siz
> > e_t start,
> > >         tpm_get_timeouts(chip);
> > >         tpm_continue_selftest(chip);
> > >  
> > > +       for (i=0; i < 8; i++)
> > > +               if (ITPM_ID[i] != to_pnp_dev(dev)->id->id[i])
> > > +                       break;
> > > +       if (i == 8)
> > > +               chip->is_itpm = 1;
> > > +
> > 
> > strcmp() variant of some sort instead?
> 
> Wait, is to_pnp_dev(dev)->id->id[i] null terminated? Maybe memcmp() fits
> better here..

Rather than checking the PNP ID at this point, I suggest something like:

(the context here depends on my earlier series, but it's fairly
obvious.)

@@ -467,6 +481,11 @@ static int tpm_tis_init(struct device *dev, resource_size_t start,
 		 "1.2 TPM (%04X:%04X rev %d)\n", vendor & 0xffff,
 		 vendor >> 16, ioread8(chip->vendor.iobase + TPM_RID(0)));
 
+	if (vendor == 0x10208086) {
+		dev_info(dev, "Intel iTPM workaround enabled\n");
+		chip->itpm = 1;
+	}
+
 	/* Figure out the capabilities */
 	intfcaps =
 	    ioread32(chip->vendor.iobase +

(I suppose there should be a #define of 0x10208086 somewhere.)

I'll cook up a refreshed patch series.

-andy
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ