On Fri, 2018-08-24 at 09:25 +0300, Jarkko Sakkinen wrote:
> On Fri, Aug 24, 2018 at 09:24:34AM +0300, Jarkko Sakkinen wrote:
> > On Tue, Aug 21, 2018 at 12:30:04PM -0600, Jason Gunthorpe wrote:
> > > On Tue, Aug 21, 2018 at 04:56:56PM +0100, David Howells wrote:
> > > > Add newly registered TPMs
On Mon, 2017-08-14 at 13:56 +0300, Jarkko Sakkinen wrote:
> > > Since the main concern about this change is breaking old systems that
> > > might potentially have other peripherals hanging off the LPC bus, can
> > > we define a new Kconfig option, with the default as 'N'?
> > >
> > > Mimi
> >
>
On Mon, 2017-08-14 at 13:56 +0300, Jarkko Sakkinen wrote:
> > > > I would like to see tpm_msleep() wrapper to replace current msleep()
> > > > usage across the subsystem before considering this. I.e. wrapper that
> > > > internally uses usleep_range(). This way we can mechanically convert
> > > >
On Fri, 2017-08-11 at 14:14 +0300, Jarkko Sakkinen wrote:
> On Wed, Aug 09, 2017 at 11:00:36PM +0200, Peter Huewe wrote:
> > Hi Ken,
> > (again speaking only on my behalf, not my employer)
> >
> > > Does anyone know of platforms where this occurs?
> > > I suspect (but not sure) that the days of
On Wed, 2017-07-05 at 11:18 -0400, Ken Goldman wrote:
> On 6/28/2017 1:28 PM, Jarkko Sakkinen wrote:
> > On Mon, Jun 26, 2017 at 08:33:59AM -0400, Mimi Zohar wrote:
> >> On Sat, 2017-06-24 at 11:03 +0200, Jarkko Sakkinen wrote:
> >>> On Wed, Jun 21, 2017 at 04:29:3
On Wed, 2017-06-28 at 20:28 +0300, Jarkko Sakkinen wrote:
> On Mon, Jun 26, 2017 at 08:33:59AM -0400, Mimi Zohar wrote:
> > On Sat, 2017-06-24 at 11:03 +0200, Jarkko Sakkinen wrote:
> > > On Wed, Jun 21, 2017 at 04:29:35PM +0200, Roberto Sassu wrote:
> >
> &g
On Wed, 2017-06-21 at 16:29 +0200, Roberto Sassu wrote:
> This patch introduces the new structure tpm_pcr_bank_info to store
> information regarding PCR banks. The next patch will replace the array of
> TPM algorithms IDs with an array of the new structure.
>
> tpm_pcr_bank_info contains the TPM
On Mon, 2017-06-26 at 16:56 +0200, Roberto Sassu wrote:
> On 6/26/2017 2:33 PM, Mimi Zohar wrote:
> > On Sat, 2017-06-24 at 11:03 +0200, Jarkko Sakkinen wrote:
> >> On Wed, Jun 21, 2017 at 04:29:35PM +0200, Roberto Sassu wrote:
> >
> >
> >> To move this forw
On Sat, 2017-06-24 at 11:03 +0200, Jarkko Sakkinen wrote:
> On Wed, Jun 21, 2017 at 04:29:35PM +0200, Roberto Sassu wrote:
> To move this forward and be more constructive here's how I see it
> should be done (along the lines, draft):
>
> int tpm_pcr_extend(u32 chip_num, int pcr_idx, unsigned
On Tue, 2017-05-30 at 09:28 +0200, Roberto Sassu wrote:
> On 5/30/2017 5:29 AM, Mimi Zohar wrote:
> > On Fri, 2017-05-05 at 16:21 +0200, Roberto Sassu wrote:
> >> @@ -876,29 +925,46 @@ static int tpm1_pcr_extend(struct tpm_chip *chip,
> >> int pcr_idx, const u8 *ha
On Fri, 2017-05-05 at 16:21 +0200, Roberto Sassu wrote:
> pcrlock() has been modified to pass the correct arguments
> to tpm_pcr_extend(): the pointer of a tpm2_digest structure containing
> a random value generated by tpm_get_random() and the size of the array (1).
If the number of arguments is
On Fri, 2017-05-05 at 16:21 +0200, Roberto Sassu wrote:
> The tpm_pcr_extend() definition has been modified to take an array of
> tpm2_digest structures, and the size of the array as arguments.
>
> The function now checks if callers provided a digests for each active
> PCR bank (or a SHA1 digest
Hi Jarkko,
On Wed, 2017-04-05 at 15:16 +0300, Jarkko Sakkinen wrote:
> On Wed, Mar 29, 2017 at 12:24:48PM +0200, Roberto Sassu wrote:
> > tpm_pcr_extend() was originally designed to extend a TPM 1.2 PCR with
> > a SHA1 digest. With TPM 2.0, multiple hash algorithms can be supported,
> > but, at
On Fri, 2017-03-10 at 17:28 +0100, Roberto Sassu wrote:
> On 3/10/2017 4:36 PM, Ken Goldman wrote:
> > It's not a TCG standard, just a way of making sure the unused PCR bank
> > doesn't remain at zero, permitting forged measurements.
> >
> > As for the verifier, I ignore the bank I'm not
On Wed, 2017-03-08 at 18:11 +0100, Roberto Sassu wrote:
> On 3/8/2017 5:29 PM, Mimi Zohar wrote:
> > The reason for extending multiple TPM banks is to prevent user space
> > from being able to extend unused TPM banks with whatever they want and
> > then quote those banks, base
On Thu, 2017-03-02 at 10:33 +0200, Jarkko Sakkinen wrote:
> On Fri, Feb 24, 2017 at 12:29:02PM -0500, Mimi Zohar wrote:
> > On Fri, 2017-02-24 at 19:01 +0200, Jarkko Sakkinen wrote:
> > > On Thu, Feb 23, 2017 at 06:46:18PM -0500, Mimi Zohar wrote:
> > > > Commi
On Fri, 2017-02-17 at 20:45 +0200, Jarkko Sakkinen wrote:
> On Fri, Feb 17, 2017 at 07:46:38AM -0500, Mimi Zohar wrote:
> > Hi James,
> >
> > On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> > > On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger
oblem where IMA gets errors with every PCR Extend.
> >
> > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > Signed-off-by: Stefan Berger <stef...@linux.vnet.ibm.com>
> > Acked-by: Mimi Zohar <zo...@us.ibm.com>
>
> R
On Wed, 2017-02-01 at 12:30 +0200, Jarkko Sakkinen wrote:
> On Tue, Jan 31, 2017 at 05:31:50PM -0500, Mimi Zohar wrote:
> > On Wed, 2017-02-01 at 08:46 +1100, James Morris wrote:
> > > On Tue, 31 Jan 2017, Jarkko Sakkinen wrote:
> > >
> > > > James,
>
On Wed, 2017-02-01 at 08:46 +1100, James Morris wrote:
> On Tue, 31 Jan 2017, Jarkko Sakkinen wrote:
>
> > James,
> >
> > The discussion is about two features:
> >
> > 1. Extension to tpm_pcr_extend() (used by IMA) to extend all PCR banks
> >instead of just SHA-1 banks. It is recommended by
On Tue, 2017-01-03 at 00:15 +0200, Jarkko Sakkinen wrote:
> On Fri, Dec 30, 2016 at 02:02:28PM -0500, Nayna Jain wrote:
> > IMA extends its hash measurements in the TPM PCRs, based on policy.
> > The existing in-kernel TPM extend function extends only the SHA1
> > PCR bank. TPM 2.0 defines
On Tue, 2016-06-07 at 01:38 +0100, Matthew Garrett wrote:
> On Mon, Jun 06, 2016 at 08:35:55PM -0400, Mimi Zohar wrote:
>
> > Did you consider submitting this as an Linux Security Summit (LSS)
> > discussion topic?
>
> Yes, I've submitted something for that, bu
On Tue, 2016-01-05 at 09:43 +, Fuchs, Andreas wrote:
> > > I'd like to get a list of people interested to work on some conceptual
> > > stuff
> > > first though.
> >
> > I don't care in what process the patches are implemented. I can review
> > and test patches once there is something real
23 matches
Mail list logo