lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Fri, 14 Jun 2019 18:15:05 +0300
From:   Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To:     Doug Anderson <dianders@...omium.org>
Cc:     Peter Huewe <peterhuewe@....de>,
        Guenter Roeck <groeck@...omium.org>,
        Vadim Sukhomlinov <sukhomlinov@...gle.com>,
        apronin@...omium.org, Matthias Kaehlcke <mka@...omium.org>,
        Stephen Boyd <swboyd@...omium.org>,
        Arnd Bergmann <arnd@...db.de>,
        LKML <linux-kernel@...r.kernel.org>,
        Jason Gunthorpe <jgg@...pe.ca>,
        Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        linux-integrity@...r.kernel.org,
        Luigi Semenzato <semenzato@...omium.org>
Subject: Re: [PATCH] tpm: Fix TPM 1.2 Shutdown sequence to prevent future TPM
 operations

On Thu, Jun 13, 2019 at 08:20:41AM -0700, Doug Anderson wrote:
> Found the patch in your tree at
> <http://git.infradead.org/users/jjs/linux-tpmdd.git/commit/41f15a4f02092d531fb34b42a06e9a1603a7df27>.
> I'm decidedly a non-expert here, mostly just wrangling a patch that
> someone else came up with.  :-)  ...but let's see...
> 
> I think you're asking if the "Fixes" looks sane.  I guess it depends
> on what you're trying to accomplish.  Certainly what you've tagged in
> "Fixes" marks the point where it would be easiest to backport this fix
> to.  ...but I think the problem is much older than that patch.
> 
> As I understand it, this problem has existed for much longer.  I
> believe that ${SUBJECT} patch evolved from an investigation that Luigi
> Semenzato did back in 2013 when we got back some Chromebooks whose
> TPMs claimed that they had been "attacked".  Said another way, I
> believe it is an evolution of the patch <https://crrev.com/c/57988>
> ("CHROMIUM: workaround for Infineon TPM broken defensive timeout").
> 
> ...so technically someone ought to want this on all old kernels.
> Maybe keep the "Cc: stable" but remove the "Fixes"?

I guess that is what we have to do then.

/Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ