lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Mon, 10 Oct 2016 07:59:25 +0300
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     "Winkler, Tomas" <tomas.winkler@...el.com>
Cc:     Jason Gunthorpe <jgunthorpe@...idianresearch.com>,
        "moderated list:TPM DEVICE DRIVER" 
        <tpmdd-devel@...ts.sourceforge.net>,
        open list <linux-kernel@...r.kernel.org>
Subject: Re: [tpmdd-devel] [PATCH RFC 1/3] tpm_crb: expand struct
 crb_control_area to struct crb_regs

On Mon, Oct 10, 2016 at 12:25:11AM +0000, Winkler, Tomas wrote:
> 
> 
> > -----Original Message-----
> > From: Jason Gunthorpe [mailto:jgunthorpe@...idianresearch.com]
> > Sent: Monday, October 10, 2016 02:08
> > To: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
> > Cc: moderated list:TPM DEVICE DRIVER <tpmdd-devel@...ts.sourceforge.net>;
> > open list <linux-kernel@...r.kernel.org>
> > Subject: Re: [tpmdd-devel] [PATCH RFC 1/3] tpm_crb: expand struct
> > crb_control_area to struct crb_regs
> > 
> > On Sun, Oct 09, 2016 at 09:33:58PM +0300, Jarkko Sakkinen wrote:
> > 
> > > > Sorry I missed this part.
> > > >
> > > > Here are the constraints for existing hardware:
> > > >
> > > > 1. All the existing CRB start only hardware has the iomem covering the
> > > >    control area and registers for multiple localities.
> > > > 2. All the existing ACPI start hardware has only the control area.
> > > >
> > > > If you assume that SSDT does not have malicous behavior caused by
> > > > either a BIOS bug or maybe a rootkit, then the current patch works
> > > > for all the existing hardware.
> > > >
> > > > To counter-measure for unexpected behavior in non-existing hardware
> > > > and buggy or malicious firmware it probably make sense to use
> > > > crb_map_res to validate the part of the CRB registers that is not
> > > > part of the control area.
> > 
> > I don't know how much I'd assume BIOS authors do what you think - the spec I
> > saw for this seems very vauge.
> > 
> > Certainly checking that locality region falls within the acpi mapping seems
> > essential.
> > 
> > > > Doing it in the way you proposed does not work for ACPI start devices.
> > > >
> > > > For them it should be done in the same way as I'm doing in the
> > > > existing patch as for ACPI start devices the address below the
> > > > control area are never accessed. Having a separate crb_map_res for
> > > > CRB start only devices is sane thing to do for validation.
> > >
> > > Alternative is to do two structures crb_regs_head and crb_regs_tail,
> > > which might be cleaner. I'm fine with going either route.
> > 
> > Since the iomem doesn't actually exist for a configuration having two pointers
> > is the better choice. Make sure one is null for the configuration that does not
> > support it.
> > 
> > The negative offset thing is way too subtle.
> 
> I addition I believe it should be always on offset FED4_0xxxh by the
> Spec, so all this arithmetic is a bit of overkill.

It's all done to workaround ACPI start. Even if CRB start devices would
always be in that offset it still would be needed.

> Thanks
> Tomas

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ