On Sat May 18, 2024 at 2:21 PM EEST, Parthiban wrote: > Dear James Bottomley, > > The following crash is observed in the current mainline kernel and I have > tried the > git bisect to narrow it down. Bisect points to the below commit, which got > merged as > part of [1]. I tried reverting the below commit and the TPM loads fine. > > commit 1b6d7f9eb150305dcb0da4f7101a8d30dcdf0497 > Author: James Bottomley <[email protected]> > Date: Mon Apr 29 16:28:07 2024 -0400 > > tpm: add session encryption protection to tpm2_get_random() > > If some entity is snooping the TPM bus, they can see the random > numbers we're extracting from the TPM and do prediction attacks > against their consumers. Foil this attack by using response > encryption to prevent the attacker from seeing the random sequence. > > Signed-off-by: James Bottomley <[email protected]> > Reviewed-by: Jarkko Sakkinen <[email protected]> > Tested-by: Jarkko Sakkinen <[email protected]> > Signed-off-by: Jarkko Sakkinen <[email protected]> > > drivers/char/tpm/tpm2-cmd.c | 21 +++++++++++++++++---- > 1 file changed, 17 insertions(+), 4 deletions(-) > > [ 11.551988] tpm_tis_spi spi0.1: 2.0 TPM (device-id 0x1B, rev-id 22) > [ 11.563036] spi_master spi0: will run message pump with realtime priority
Explanation and workaround: https://lore.kernel.org/linux-integrity/[email protected]/ James, this must be fixed by: diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig index 7c0486e3199c..2d9e2c860ad9 100644 --- a/drivers/char/tpm/Kconfig +++ b/drivers/char/tpm/Kconfig @@ -34,7 +34,7 @@ if TCG_TPM config TCG_TPM2_HMAC bool "Use HMAC and encrypted transactions on the TPM bus" - default y + default n select CRYPTO_ECDH select CRYPTO_LIB_AESCFB select CRYPTO_LIB_SHA256 Distributors know how to enable this but given the high volumes of small devices still with TPM, this trend needs to be cutted. BR, Jarkko BR, Jarkko
