[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20080812231602.GB12838@kroah.com>
Date: Tue, 12 Aug 2008 16:16:02 -0700
From: Greg KH <greg@...ah.com>
To: Kenneth Goldman <kgoldman@...ibm.com>
Cc: Christoph Hellwig <hch@...radead.org>,
linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
Mimi Zohar <zohar@...ibm.com>
Subject: Re: [PATCH 1/4] integrity: TPM internel kernel interface
On Tue, Aug 12, 2008 at 04:57:31PM -0400, Kenneth Goldman wrote:
> Christoph Hellwig <hch@...radead.org> wrote on 08/12/2008 03:30:31 PM:
>
> > On Mon, Aug 11, 2008 at 05:13:51PM -0400, Mimi Zohar wrote:
> > >
> > > I assume the concern here is that between looking up the chip and
> actually
> > >
> > > using the chip, the TPM chip is disabled/deactivated. Based on
> > > discussions
> > > with Kenneth Goldman, the TCG main specification part2: structures,
> > > require
> > > that even if the TPM is disabled/deactivated, the command to extend the
>
> > > PCR
> > > will succeed, but the command to read the PCR will fail with an
> > > appropriate
> > > error code.
> >
> > And what happens when the chip simply goes away due to a hotplug action?
> > Or not even the actual chip goes away but just the chip driver and you
> > now dereference freed memory?
>
> Being a TCG/TPM person, I can only address the first question. The
> intent is that the TPM is soldered to the planar/motherboard (the TCG
> uses the phrase "bound to the platform"). I can't imagine
> any manufacturer designing a pluggable TPM. It would subvert PCR
> measurements and thus attestation, data sealing, etc.
Load up the fake-php hotplug pci driver and "soft" disconnect it from
the system :)
That was easy...
Note, just because you think your device is always going to be soldered
to the motherboard, doesn't mean it can't be disconnected at any point
in time with the kernel running.
Or the module could just be unloaded, that's also a very common thing to
have happen, right?
thanks,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists