lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170411113652.GB32267@leverpostej>
Date:   Tue, 11 Apr 2017 12:36:52 +0100
From:   Mark Rutland <mark.rutland@....com>
To:     Jiandi An <anjiandi@...eaurora.org>,
        Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc:     linux-kernel@...r.kernel.org,
        Shanker Donthineni <shankerd@...eaurora.org>,
        ard.biesheuvel@...aro.org
Subject: ARM64 TPM start method patches

Hi,

I just stumbled upon the following commits in next-20170411:

  cf8252ca7ca76fa4 ("ACPICA: Update TPM2 ACPI table")
  08eff49d63ca2bf4 ("tpm/tpm_crb: Enable TPM CRB interface for ARM64")

... which leave me a little concerned, for two reasons.

Firstly, the spec these are based on (TCG ACPI Specification Family
“1.2” and “2.0” Version 1.2, Revision 8), is a draft, open for public
review until April 28th 2017 [1], and still subject to change, as noted
in the title page of the document [2]:

    This document is an intermediate draft for comment only and is
    subject to change without notice. Readers should not design products
    based on this document.

... so I hope the plan is not to merge these until the final spec is
published.

Secondly, the spec is very vague as to the workings of the SMC call, and
does not define:

 * That the SMC call follows the SMC Calling Convention [3]
 * The parameters to the SMC call
 * The return value(s) of the SMC call

... which I believe should be clarified in the spec before we make
assumptions regarding these in the Linux driver. Otherwise, this is
liable to vary in practice.

Thanks,
Mark.

[1] https://trustedcomputinggroup.org/specifications-public-review/
[2] https://trustedcomputinggroup.org/wp-content/uploads/TCG_ACPIGeneralSpecification-Family-1.2-and-2.0-Ver1.2-Rev8_public-revie....pdf 
[3] http://infocenter.arm.com/help/topic/com.arm.doc.den0028b/ARM_DEN0028B_SMC_Calling_Convention.pdf

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ