lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <9E0BE1322F2F2246BD820DA9FC397ADE9AC855@SHSMSX102.ccr.corp.intel.com>
Date:	Fri, 10 May 2013 03:38:05 +0000
From:	"Ren, Qiaowei" <qiaowei.ren@...el.com>
To:	Matthew Garrett <matthew.garrett@...ula.com>
CC:	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"platform-driver-x86@...r.kernel.org" 
	<platform-driver-x86@...r.kernel.org>,
	"Wei, Gang" <gang.wei@...el.com>
Subject: RE: [PATCH 1/4] driver: add TXT driver in kernel

On 2013-05-08, Matthew Garrett wrote:
> On Tue, 2013-05-07 at 22:55 +0800, Qiaowei Ren wrote:
> 
> > + * This module is expected to be a better tool to access below
> > + resources
> 
> Expected to be or is? :)

"is" :)

> > + * Data is currently found below
> 
> You're adding it to ABI, so it shouldn't just be current - are you planning on
> moving it at any point? Is this functionality that should be under securityfs
> instead?
> 
> > +	txt_pdev = platform_device_register_simple(DEV_NAME, -1, NULL, 0);
> 
> This will register even if there's no TXT support on the platform, right? Is there
> no mechanism for determining whether a platform has TXT support before
> registering a device?
> 
> > +module_init(txt_sysfs_init);
> > +module_exit(txt_sysfs_exit);
> 
> And you've got no module aliases, so this will never be autoloaded. How does
> the OS know that the platform implements TXT?

Currently this driver only depends on CONFIG_INTEL_TXT, which is the kernel option for enabling Intel TXT support. And there is no explicit interface to check whether txt is supported in this txt enabling part of kernel. But since the tboot code will detect whether the platform actually supports Intel TXT, and so tboot_enabled() in include/linux/tboot.h may be used to determine whether a platform has TXT support.

In fact, we may also check CPU feature ECX[6] (SMX) for this purpose.

Thanks,
Qiaowei

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ