lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 23 Jan 2017 16:30:28 -0700
From:   Jason Gunthorpe <jgunthorpe@...idianresearch.com>
To:     James Bottomley <James.Bottomley@...senPartnership.com>
Cc:     linux-security-module@...r.kernel.org,
        tpmdd-devel@...ts.sourceforge.net,
        open list <linux-kernel@...r.kernel.org>
Subject: Re: [tpmdd-devel] [PATCH RFC v4 4/5] tpm: split out tpm-dev.c into
 tpm-dev.c and tpm-common-dev.c

On Mon, Jan 23, 2017 at 03:20:12PM -0800, James Bottomley wrote:

> > So you are saying there is so much already deployed TPM2 software 
> > that has this TPM_DEVICE env var convention that we need to support 
> > it with compat?
> > 
> > I'm really surprised by that.. But OK.
> > 
> > Can you at least remove the 'user_read_timer' junk from the new cdev?
> 
> What's the problem with it?  Can we not just fix whatever the issue is?

The issue is that it exists at all.

I've been unwilling to remove it because some crazy userspace might
rely on it, but I really don't want to see it continue in any new
stuff.

If you know the existing TPM1 userspace is safe then lets just delete
it entirely. Otherwise lets be sure no new users crop up by disabling
it.

> I'd rather reuse all the R/W machinery as is.  If I start trying to
> special case it so that we only use some parts on some control flows,
> the chances are I'll introduce additional bugs as well.

Sure, this is part of the pain of compat..

Jason

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ