lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 11 Jan 2019 20:28:00 +0000
From:   "Safford, David (GE Global Research)" <david.safford@...com>
To:     Stefan Berger <stefanb@...ux.vnet.ibm.com>,
        "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
        "jarkko.sakkinen@...ux.intel.com" <jarkko.sakkinen@...ux.intel.com>
CC:     "linux-security-module@...r.kernel.org" 
        <linux-security-module@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: [PATCH 0/5] Extend TPM PPI interface to support revision 1.3

> -----Original Message-----
> From: linux-integrity-owner@...r.kernel.org <linux-integrity-
> owner@...r.kernel.org> On Behalf Of Stefan Berger
> Sent: Wednesday, January 09, 2019 5:11 PM
> To: linux-integrity@...r.kernel.org; jarkko.sakkinen@...ux.intel.com
> Cc: linux-security-module@...r.kernel.org; linux-kernel@...r.kernel.org;
> Stefan Berger <stefanb@...ux.vnet.ibm.com>
> Subject: EXT: [PATCH 0/5] Extend TPM PPI interface to support revision 1.3
> 
> This series of patches extends the TPM subsystem's PPI support to support
> TPM PPI revision 1.3 where more commands are supported (up to 101) and
> the TPM 2 command code '23' takes an additional parameter.
> 
> For the command code '23' see this document here on document page 39:
> https://trustedcomputinggroup.org/wp-content/uploads/Physical-
> Presence-Interface_1-30_0-52.pdf
> 
>    Stefan

You might mention that this is an important feature, as on at least some
systems, ppi function 23 is the only way to enable/disable PCR banks.

I have tested this patch set on my HP Spectre laptop, and I am finally
able to turn the sha-1 bank on and off. Much appreciated!

Tested-by: David Safford <david.safford@...com>

> 
> Stefan Berger (5):
>   tpm: ppi: pass function revision ID to tpm_eval_dsm()
>   tpm: ppi: rename TPM_PPI_REVISION_ID to TPM_PPI_REVISION_1
>   tpm: ppi: Display up to 101 operations as define for version 1.3
>   tpm: ppi: Possibly show command parameter if TPM PPI 1.3 is used
>   tpm: ppi: Enable submission of optional command parameter for PPI 1.3
> 
>  drivers/char/tpm/tpm_ppi.c | 78 ++++++++++++++++++++++++++++--------
> --
>  1 file changed, 58 insertions(+), 20 deletions(-)
> 
> --
> 2.17.1

Powered by blists - more mailing lists