On Thu, Jun 29, 2017 at 6:28 AM, Jarkko Sakkinen <[email protected]> wrote:
> On Sun, 2017-06-25 at 14:53 -0700, Josh Zimmerman wrote:
>> This patchset causes all devices in the tpm class to issue TPM2_Shutdown
>> when the system is shutting down.
>>
>> As a prerequisite, it adds a "shutdown" method to "struct class".
>>
>> Since this bug can cause users to be locked out of their TPMs, I'd like
>> this patch included in at least 4.4 and 4.9. 4.1 is nice-to-have but not
>> essential.
>>
>> gregkh Acked the proposal for stable in v3 of this patch.
>>
>> drivers/base/core.c | 6 +++++-
>> drivers/char/tpm/tpm-chip.c | 34 ++++++++++++++++++++++++++++++++++
>> drivers/char/tpm/tpm-sysfs.c | 3 +++
>> include/linux/device.h | 2 ++
>> 4 files changed, 44 insertions(+), 1 deletion(-
>
> Josh,
>
> Reviewed-by: Jarkko Sakkinen <[email protected]>
>
> I'll rebase my next after testing (and add also Tested-by).
>
> I have one question as you are more familiar with the issue at hand.
> What if you just cut the power from the device, does this affect
> DA counter?

Just cut power without a TPM2_Shutdown, you mean? Yes, it does.

"To prevent this type of attack, at TPM2_Startup(), the TPM checks if it
is starting after an orderly shutdown. If not, and failedTries is not
already equal to maxTries, then the TPM will increment failedTries by
one"

The key, I think, is that shutdowns are assumed to be disorderly
unless there's an explicit TPM2_Shutdown that indicates otherwise.

(this is from 19.8.6 of https://trustedcomputinggroup.org/wp-content/uploads/TPM-Rev-2.0-Part-1-Architecture-01.38.pdf)

> /Jarkko
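
The startup rule quoted in the reply above, as a small C model showing how power cycles without TPM2_Shutdown walk failedTries up to maxTries. This is an added example, not code from the patchset or from either author; the struct, the function names and the maxTries value of 3 are assumptions, and the model ignores the DA recovery timer.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model of the DA state in the quoted spec text (hypothetical
 * struct; only failedTries and maxTries are names taken from the spec). */
struct tpm_model {
    unsigned failed_tries;  /* failedTries */
    unsigned max_tries;     /* maxTries */
    bool orderly;           /* set by TPM2_Shutdown, consumed at startup */
};

/* TPM2_Shutdown: the next startup will follow an orderly shutdown. */
static void model_shutdown(struct tpm_model *t) { t->orderly = true; }

/* TPM2_Startup: a startup not preceded by TPM2_Shutdown costs one try,
 * unless failedTries already equals maxTries. */
static void model_startup(struct tpm_model *t)
{
    if (!t->orderly && t->failed_tries != t->max_tries)
        t->failed_tries++;
    t->orderly = false;  /* disorderly unless a shutdown says otherwise */
}

/* Assumption of this model: lockout means failedTries == maxTries. */
static bool model_locked_out(const struct tpm_model *t)
{
    return t->failed_tries == t->max_tries;
}

/* Run `cycles` boots, optionally sending TPM2_Shutdown before each power
 * off. The first boot is treated as clean. Returns failedTries. */
unsigned simulate_reboots(unsigned max_tries, unsigned cycles,
                          bool send_shutdown, bool *locked)
{
    struct tpm_model t = { 0, max_tries, true };
    for (unsigned i = 0; i < cycles; i++) {
        model_startup(&t);
        if (send_shutdown)
            model_shutdown(&t);
    }
    if (locked)
        *locked = model_locked_out(&t);
    return t.failed_tries;
}

int main(void)
{
    bool locked;
    unsigned n = simulate_reboots(3, 5, false, &locked);  /* constructed values */
    printf("no shutdown:   failedTries=%u locked=%d\n", n, locked);
    n = simulate_reboots(3, 5, true, &locked);
    printf("with shutdown: failedTries=%u locked=%d\n", n, locked);
    return 0;
}
```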
