From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mga07.intel.com ([134.134.136.100]:41428 "EHLO mga07.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755541AbeEJBmR (ORCPT ); Wed, 9 May 2018 21:42:17 -0400
Date: Thu, 10 May 2018 04:42:10 +0300
From: Jarkko Sakkinen
To: Jason Gunthorpe
Cc: "David R. Bild" , Greg Kroah-Hartman , Peter Huewe , linux-usb@vger.kernel.org, linux-integrity@vger.kernel.org
Subject: Re: [PATCH v3 2/2] usb: misc: xapea00x: perform platform initialization of TPM
Message-ID: <20180510014210.GK6190@linux.intel.com>
References: <20180430125418.31344-1-david.bild@xaptum.com> <20180504130022.5231-3-david.bild@xaptum.com> <20180504190638.ikqhdvcqccakzdjd@ziepe.ca> <20180506150229.jvbkvq7hlxbgmsgn@ziepe.ca>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <20180506150229.jvbkvq7hlxbgmsgn@ziepe.ca>
Sender: linux-integrity-owner@vger.kernel.org
List-ID:

On Sun, May 06, 2018 at 09:02:29AM -0600, Jason Gunthorpe wrote:
> On Fri, May 04, 2018 at 03:19:21PM -0500, David R. Bild wrote:
> > Setting the platform hierarchy password to a random discarded value
> > (and the dictionary lockout reset) is really the only special work
> > done here. The other steps (startup, self test, etc.) are done by the
> > TPM subsystem if needed.
> >
> > So easy option would be for the TPM subsystem to set the platform
> > hierarchy password to a random value during device registration, if
> > needed. It could either
>
> This would probably make more sense, I'm not opposed at least
>
> > This wouldn't require a significant change to the TPM subsystem
> > internals and would let me drop nearly the entire second patch from
> > this series. (I think the dictionary lockout reset can be done via
> > the already exported "tpm_send(...)" function.)
>
> Sounds like a much better approach to me.
>
> Jason

Yes this part but I have absolutely zero understanding about what was
explained before this part (the *longer* part in the email).

/Jarkko