lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Sat, 31 Oct 2009 10:24:34 -0400
From:	Eric Paris <eparis@...isplace.org>
To:	David Smith <david.daniel.smith@...il.com>
Cc:	tpmdd-devel@...ts.sourceforge.net,
	Seiji Munetoh <seiji.munetoh@...il.com>,
	akpm@...ux-foundation.org, Daniel Walker <dwalker@...o99.com>,
	Andy Isaacson <adi@...apodia.org>, jmorris@...ei.org,
	len.brown@...el.com, Alan Cox <alan@...rguk.ukuu.org.uk>,
	Andy Isaacson <adi@...are.com>, linux-kernel@...r.kernel.org,
	Rajiv Andrade <srajiv@...ux.vnet.ibm.com>,
	Mimi Zohar <zohar@...ux.vnet.ibm.com>,
	Shahbaz Khan <shaz.linux@...il.com>
Subject: Re: [PATCH] tpm_tis: TPM_STS_DATA_EXPECT workaround

On Tue, Oct 27, 2009 at 10:45 PM, David Smith
<david.daniel.smith@...il.com> wrote:
> Hi, can this be merged, please? Using the module parameter is not
> optimal but it's better than the complete lack of support today.
>
> On Fri, Sep 25, 2009 at 3:43 AM, Rajiv Andrade
> <srajiv@...ux.vnet.ibm.com> wrote:
>> This was already tested and, given no more comments on it, finally
>> reviewed. Can it already be merged?

James can we get this merged?

Acked-by: Eric Paris <eparis@...hat.com>

>>
>> Thanks,
>> Rajiv
>>
>> On Sat, 2009-09-12 at 08:34 +0900, Seiji Munetoh wrote:
>>> On Fri, Sep 11, 2009 at 5:09 AM, Rajiv Andrade
>>> <srajiv@...ux.vnet.ibm.com> wrote:
>>> > Some newer Lenovo models are shipped with a TPM that doesn't seem to set the TPM_STS_DATA_EXPECT status bit
>>> > when sending it a burst of data, so the code understands it as a failure and doesn't proceed sending the chip
>>> > the intended data. In this patch we bypass this bit check in case the itpm module parameter was set.
>>> >
>>> > This patch is based on Andy Isaacson's one:
>>> >
>>> > http://marc.info/?l=linux-kernel&m=124650185023495&w=2
>>> >
>>> > It was heavily discussed how should we deal with identifying the chip in kernel space, but the required
>>> > patch to do so was NACK'd:
>>> >
>>> > http://marc.info/?l=linux-kernel&m=124650186423711&w=2
>>> >
>>> > This way we let the user choose using this workaround or not based on his
>>> > observations on this code behavior when trying to use the TPM.
>>> >
>>> > Fixed a checkpatch issue present on the previous patch, thanks to Daniel Walker.
>>> >
>>> > Signed-off-by: Rajiv Andrade <srajiv@...ux.vnet.ibm.com>
>>>
>>> As far as I know, only the intel tpm has this PNP issue, so I'm fine with it.
>>>
>>> Tested-by: Seiji Munetoh <seiji.munetoh@...il.com>
>>>
>>> > ---
>>> > diff --git a/drivers/char/tpm/tpm_tis.c b/drivers/char/tpm/tpm_tis.c
>>> > index aec1931..c9990db 100644
>>> > --- a/drivers/char/tpm/tpm_tis.c
>>> > +++ b/drivers/char/tpm/tpm_tis.c
>>> > @@ -257,6 +257,10 @@ out:
>>> >        return size;
>>> >  }
>>> >
>>> > +static int itpm;
>>> > +module_param(itpm, bool, 0444);
>>> > +MODULE_PARM_DESC(itpm, "Force iTPM workarounds (found on some Lenovo laptops)");
>>> > +
>>> >  /*
>>> >  * If interrupts are used (signaled by an irq set in the vendor structure)
>>> >  * tpm.c can skip polling for the data to be available as the interrupt is
>>> > @@ -293,7 +297,7 @@ static int tpm_tis_send(struct tpm_chip *chip, u8 *buf, size_t len)
>>> >                wait_for_stat(chip, TPM_STS_VALID, chip->vendor.timeout_c,
>>> >                              &chip->vendor.int_queue);
>>> >                status = tpm_tis_status(chip);
>>> > -               if ((status & TPM_STS_DATA_EXPECT) == 0) {
>>> > +               if (!itpm && (status & TPM_STS_DATA_EXPECT) == 0) {
>>> >                        rc = -EIO;
>>> >                        goto out_err;
>>> >                }
>>> > @@ -467,6 +471,10 @@ static int tpm_tis_init(struct device *dev, resource_size_t start,
>>> >                 "1.2 TPM (device-id 0x%X, rev-id %d)\n",
>>> >                 vendor >> 16, ioread8(chip->vendor.iobase + TPM_RID(0)));
>>> >
>>> > +       if (itpm)
>>> > +               dev_info(dev, "Intel iTPM workaround enabled\n");
>>> > +
>>> > +
>>> >        /* Figure out the capabilities */
>>> >        intfcaps =
>>> >            ioread32(chip->vendor.iobase +
>>> >
>>> >
>>> >
>>> --
>>> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
>>> the body of a message to majordomo@...r.kernel.org
>>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
>>> Please read the FAQ at  http://www.tux.org/lkml/
>>
>>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/
>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ