On Fri, Jan 27, 2017 at 04:49:36PM -0500, Ken Goldman wrote: > On 1/25/2017 8:04 PM, James Bottomley wrote: > > > This leads to a problem: we have to have access to the session context > > to pull this trick, and that means we have to disallow TPM users from > > calling ContextSave on a session otherwise they could DoS us by > > inducing an unremediable TPM_RC_CONTEXT_GAP error (simply by keeping > > the saved session and never loading it). > > I think it's perfectly acceptable to block applications from calling > context save for sessions. I don't know of any use case that would > require it. > > (There are definitely use cases for context save on transient objects, > but they don't have the replay / gap issue.)
We should probably block the following from /dev/tpms0 by default: 1. ContextLoad for sessions. 2. ContextSave for sessions. 3. Vendor specific commands. /Jarkko ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ tpmdd-devel mailing list tpmdd-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/tpmdd-devel