From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "James Bottomley" <James.Bottomley@HansenPartnership.com>,
"Lino Sanfilippo" <l.sanfilippo@kunbus.com>,
"Alexander Steffen" <Alexander.Steffen@infineon.com>,
"Daniel P. Smith" <dpsmith@apertussolutions.com>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Sasha Levin" <sashal@kernel.org>,
<linux-integrity@vger.kernel.org>, <linux-kernel@vger.kernel.org>
Cc: "Ross Philipson" <ross.philipson@oracle.com>,
"Kanth Ghatraju" <kanth.ghatraju@oracle.com>,
"Peter Huewe" <peterhuewe@gmx.de>
Subject: Re: [PATCH 1/3] tpm: protect against locality counter underflow
Date: Fri, 23 Feb 2024 01:49:17 +0200 [thread overview]
Message-ID: <CZC0DCWSO6EW.2TWZ7DKGPZB41@kernel.org> (raw)
In-Reply-To: <354bf802d27ea995858e41dd90d9a83ffc6739aa.camel@HansenPartnership.com>
On Thu Feb 22, 2024 at 11:06 AM EET, James Bottomley wrote:
> On Wed, 2024-02-21 at 19:43 +0000, Jarkko Sakkinen wrote:
> > On Wed Feb 21, 2024 at 12:37 PM UTC, James Bottomley wrote:
> > > On Tue, 2024-02-20 at 22:31 +0000, Jarkko Sakkinen wrote:
> [...]
> > > > I cannot recall out of top of my head can
> > > > you have two localities open at same time.
> > >
> > > I think there's a misunderstanding about what localities are:
> > > they're effectively an additional platform supplied tag to a
> > > command. Each command can therefore have one and only one
> > > locality. The TPM doesn't
> >
> > Actually this was not unclear at all. I even read the chapters from
> > Ariel Segall's yesterday as a refresher.
> >
> > I was merely asking that if TPM_ACCESS_X is not properly cleared and
> > you se TPM_ACCESS_Y where Y < X how does the hardware react as the
> > bug report is pretty open ended and not very clear of the steps
> > leading to unwanted results.
>
> So TPM_ACCESS_X is *not* a generic TPM thing, it's a TIS interface
> specific thing. Now the TIS interface seems to be dominating, so
> perhaps it is the correct programming model for us to follow, but not
> all current TPMs adhere to it.
I know, I only have CRB based TPMs in my host machines but here the
context is TIS interface so in this scope it's what we care about.
We're trying to fix a bug here, not speculate what additional
features could be done with localities.
BR, Jarkko
next prev parent reply other threads:[~2024-02-22 23:49 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20240131170824.6183-1-dpsmith@apertussolutions.com>
2024-01-31 17:08 ` [PATCH 1/3] tpm: protect against locality counter underflow Daniel P. Smith
2024-02-01 22:21 ` Jarkko Sakkinen
2024-02-02 3:08 ` Lino Sanfilippo
2024-02-12 20:05 ` Jarkko Sakkinen
2024-02-19 17:54 ` Daniel P. Smith
2024-02-20 18:42 ` Alexander Steffen
2024-02-20 19:04 ` Jarkko Sakkinen
2024-02-20 20:54 ` Lino Sanfilippo
2024-02-20 22:23 ` Jarkko Sakkinen
2024-02-20 23:19 ` Lino Sanfilippo
2024-02-21 0:40 ` Jarkko Sakkinen
2024-02-23 1:58 ` Daniel P. Smith
2024-02-23 12:58 ` Jarkko Sakkinen
2024-02-25 11:23 ` Daniel P. Smith
2024-02-26 9:39 ` Jarkko Sakkinen
2024-02-20 22:26 ` Jarkko Sakkinen
2024-02-20 22:31 ` Jarkko Sakkinen
2024-02-20 23:26 ` Lino Sanfilippo
2024-02-21 0:42 ` Jarkko Sakkinen
2024-02-21 12:37 ` James Bottomley
2024-02-21 19:43 ` Jarkko Sakkinen
2024-02-21 19:45 ` Jarkko Sakkinen
2024-02-22 9:06 ` James Bottomley
2024-02-22 23:49 ` Jarkko Sakkinen [this message]
2024-02-23 1:57 ` Daniel P. Smith
2024-02-23 20:40 ` Jarkko Sakkinen
2024-02-23 20:42 ` Jarkko Sakkinen
2024-02-23 1:57 ` Daniel P. Smith
2024-02-23 20:50 ` Jarkko Sakkinen
2024-02-20 22:57 ` ross.philipson
2024-02-20 23:10 ` Jarkko Sakkinen
2024-02-20 23:13 ` Jarkko Sakkinen
2024-02-23 1:56 ` Daniel P. Smith
2024-02-23 20:44 ` Jarkko Sakkinen
2024-02-24 2:34 ` Lino Sanfilippo
2024-02-26 9:38 ` Jarkko Sakkinen
2024-02-23 1:55 ` Daniel P. Smith
2024-02-26 12:43 ` Alexander Steffen
2024-02-24 2:06 ` Lino Sanfilippo
2024-02-23 0:01 ` Jarkko Sakkinen
2024-01-31 17:08 ` [PATCH 2/3] tpm: ensure tpm is in known state at startup Daniel P. Smith
2024-02-01 22:33 ` Jarkko Sakkinen
2024-02-19 19:17 ` Daniel P. Smith
2024-02-19 20:17 ` Jarkko Sakkinen
2024-01-31 17:08 ` [PATCH 3/3] tpm: make locality request return value consistent Daniel P. Smith
2024-02-01 22:49 ` Jarkko Sakkinen
2024-02-19 20:29 ` Daniel P. Smith
2024-02-19 20:45 ` Jarkko Sakkinen
2024-02-20 18:57 ` Alexander Steffen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CZC0DCWSO6EW.2TWZ7DKGPZB41@kernel.org \
--to=jarkko@kernel.org \
--cc=Alexander.Steffen@infineon.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=dpsmith@apertussolutions.com \
--cc=jgg@ziepe.ca \
--cc=kanth.ghatraju@oracle.com \
--cc=l.sanfilippo@kunbus.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=ross.philipson@oracle.com \
--cc=sashal@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.