| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 4 May 2010 15:00:26 -0700 From: Randy Dunlap <randy.dunlap@...cle.com> To: Rajiv Andrade <srajiv@...ux.vnet.ibm.com> Cc: linux-kernel@...r.kernel.org, zohar@...ux.vnet.ibm.com, jmorris@...ei.org Subject: Re: [PATCH] TPM: ACPI/PNP dependency removal On Tue, 04 May 2010 18:49:20 -0300 Rajiv Andrade wrote: > This patch pushes the ACPI dependency into the device driver code > itself. Now, even without ACPI/PNP enabled, the device can be registered > using the TIS specified memory space. This will however result in the > lack of access to the bios event log, being the only implication of such > ACPI removal. > > Signed-off-by: Rajiv Andrade <srajiv@...ux.vnet.ibm.com> > Acked-by: Mimi Zohar <zohar@...ux.vnet.ibm.com> > --- > drivers/char/tpm/Kconfig | 14 +++++++++++--- > drivers/char/tpm/tpm_tis.c | 42 ++++++++++++++++++++++-------------------- > 2 files changed, 33 insertions(+), 23 deletions(-) > > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig > index f5fc64f..0a9ec0b 100644 > --- a/drivers/char/tpm/Kconfig > +++ b/drivers/char/tpm/Kconfig > @@ -17,20 +17,28 @@ menuconfig TCG_TPM > obtained at: <http://sourceforge.net/projects/trousers>. To > compile this driver as a module, choose M here; the module > will be called tpm. If unsure, say N. > - Note: For more TPM drivers enable CONFIG_PNP, CONFIG_ACPI > - and CONFIG_PNPACPI. > + Note: For more TPM drivers and BIOS LOG access enable > + CONFIG_PNP, CONFIG_ACPI and CONFIG_PNPACPI. > > if TCG_TPM > > config TCG_TIS > tristate "TPM Interface Specification 1.2 Interface" > - depends on PNP > ---help--- > If you have a TPM security chip that is compliant with the > TCG TIS 1.2 TPM specification say Yes and it will be accessible > from within Linux. To compile this driver as a module, choose > M here; the module will be called tpm_tis. > > +config TCG_BIOS_LOG > + bool "TPM bios mesurement log" BIOS measurement > + depends on X86 > + select ACPI > + ---help--- > + ACPI is required for access to bios measurements lists and therefore BIOS and if I had any say-so, I would Nack this part of the patch. Selecting ACPI adds a huge amount of code, so it should just depend on ACPI IMO. Also, ACPI depends on PCI and PM, so if this "select" part remains, this should be more like: depends on X86 && PCI && PM (unless that's already enforced somewhere else). > + to validate the PCR[0] value. So say Yes in case you want this > + feature and, consequently, ACPI will be enabled. > + > config TCG_NSC > tristate "National Semiconductor TPM Interface" > ---help--- --- ~Randy *** Remember to use Documentation/SubmitChecklist when testing your code *** -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists