| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aN0kKHvc0DRWJPbo@kernel.org> Date: Wed, 1 Oct 2025 15:52:56 +0300 From: Jarkko Sakkinen <jarkko@...nel.org> To: James Bottomley <James.Bottomley@...senpartnership.com> Cc: Jonathan McDowell <noodles@...th.li>, linux-integrity@...r.kernel.org, dpsmith@...rtussolutions.com, ross.philipson@...cle.com, Jarkko Sakkinen <jarkko.sakkinen@...nsys.com>, Roberto Sassu <roberto.sassu@...wei.com>, Peter Huewe <peterhuewe@....de>, Jason Gunthorpe <jgg@...pe.ca>, David Howells <dhowells@...hat.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, open list <linux-kernel@...r.kernel.org>, "open list:KEYS/KEYRINGS" <keyrings@...r.kernel.org>, "open list:SECURITY SUBSYSTEM" <linux-security-module@...r.kernel.org> Subject: Re: [PATCH v3 01/10] tpm: Cap the number of PCR banks On Wed, Oct 01, 2025 at 02:16:04PM +0300, Jarkko Sakkinen wrote: > On Tue, Sep 30, 2025 at 10:17:22AM -0400, James Bottomley wrote: > > On Tue, 2025-09-30 at 15:36 +0300, Jarkko Sakkinen wrote: > > > On Tue, Sep 30, 2025 at 12:09:15PM +0100, Jonathan McDowell wrote: > > > > On Mon, Sep 29, 2025 at 10:48:23PM +0300, Jarkko Sakkinen wrote: > > [...] > > > > > +#define TPM2_MAX_DIGEST_SIZE SHA512_DIGEST_SIZE > > > > > +#define TPM2_MAX_BANKS 4 > > > > > > > > Where does this max come from? It matches what I see with swtpm by > > > > default (SHA1, SHA2-256, SHA2-384, SHA-512), so I haven't seen > > > > anything that exceeds it myself. > > > > > > I've never seen hardware TPM that would have more than one or two > > > banks. We can double it to leave some room. This was tested with > > > swtpm defaults. > > > > I've got a hardware TPM that comes with 3 banks by default (it's a > > chinese one which has sha1 sha256 and sm2). swtpm isn't a good > > indicator because it's default allocation is rather pejorative (it > > disables sha1 whereas most field TPMs don't). > > > > However, if you look at how the reference implementation works, the > > user is allowed to define any number of banks they want, up to the > > number of supported hashes. The only limitation being there can't be > > >1 bank for the same hash. Field TPM implementations are allowed to > > constrain this, but most don't. The question you should be asking > > here is not how many banks does a particular implementation allow by > > default, but what's the maximum number a user could configure. > > It needs some compilation time cap as the value comes from external > device. If someone hits to that value, then it needs to be increased > but as unconstrained it's a bug. Maximum eight banks should be spacy enough for the time being (and for the foreseeable future). BR, Jarkko
Powered by blists - more mailing lists