On Sat Nov 2, 2024 at 8:22 AM EET, Jarkko Sakkinen wrote:
> DRTM needs to be able to set the locality used by kernel. Provide
> TPM_IOC_SET_LOCALITY operation for this purpose. It is enabled only if
> the kernel command-line has 'tpm.set_locality_enabled=1'. The operation
> is one-shot allowed only
DRTM needs to be able to set the locality used by kernel. Provide
TPM_IOC_SET_LOCALITY operation for this purpose. It is enabled only if
the kernel command-line has 'tpm.set_locality_enabled=1'. The operation
is one-shot allowed only for tpm_tis for the moment.
Signed-off-by: Jarkko Sakkinen
---
On Sat Nov 2, 2024 at 3:37 AM EET, Jarkko Sakkinen wrote:
> DRTM needs to be able to set the locality used by kernel. Provide
> TPM_IOC_SET_LOCALITY operation for this purpose. It is enabled only if
> the kernel command-line has 'tpm.set_locality_enabled=1'. The operation
> is one-shot allowed only
DRTM needs to be able to set the locality used by kernel. Provide
TPM_IOC_SET_LOCALITY operation for this purpose. It is enabled only if
the kernel command-line has 'tpm.set_locality_enabled=1'. The operation
is one-shot allowed only for tpm_tis for the moment.
Signed-off-by: Jarkko Sakkinen
---
On Sat Nov 2, 2024 at 12:04 AM EET, Thomas Gleixner wrote:
> On Fri, Nov 01 2024 at 23:19, Jarkko Sakkinen wrote:
> > On Fri Nov 1, 2024 at 11:13 PM EET, Jarkko Sakkinen wrote:
> >> I think we can sort them out independently as long as we find a
> >> conclusion how to address locality change.
> >
>
On Fri, Nov 01 2024 at 23:19, Jarkko Sakkinen wrote:
> On Fri Nov 1, 2024 at 11:13 PM EET, Jarkko Sakkinen wrote:
>> I think we can sort them out independently as long as we find a
>> conclusion how to address locality change.
>
> And to be fair: there was no reaction from anyone. It is mostly x86
On Fri Nov 1, 2024 at 11:50 PM EET, Jarkko Sakkinen wrote:
> On Fri Nov 1, 2024 at 12:06 PM EET, Jarkko Sakkinen wrote:
> > On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> > > Expose a sysfs interface to allow user mode to set and query the default
> > > locality set for the TPM chip.
On Fri Nov 1, 2024 at 12:06 PM EET, Jarkko Sakkinen wrote:
> On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> > Expose a sysfs interface to allow user mode to set and query the default
> > locality set for the TPM chip.
> >
> > Signed-off-by: Ross Philipson
>
> Must be read-only. Shou
On Fri Nov 1, 2024 at 11:13 PM EET, Jarkko Sakkinen wrote:
> On Fri Nov 1, 2024 at 10:34 PM EET, Thomas Gleixner wrote:
> > On Fri, Nov 01 2024 at 12:28, Jarkko Sakkinen wrote:
> > > On Fri Sep 13, 2024 at 11:04 PM EEST, Ross Philipson wrote:
> > >> A quick note on terminology. The larger open sour
On Fri Nov 1, 2024 at 10:34 PM EET, Thomas Gleixner wrote:
> On Fri, Nov 01 2024 at 12:28, Jarkko Sakkinen wrote:
> > On Fri Sep 13, 2024 at 11:04 PM EEST, Ross Philipson wrote:
> >> A quick note on terminology. The larger open source project itself is called
> >> TrenchBoot, which is hosted
On Fri, Nov 01 2024 at 12:28, Jarkko Sakkinen wrote:
> On Fri Sep 13, 2024 at 11:04 PM EEST, Ross Philipson wrote:
>> A quick note on terminology. The larger open source project itself is called
>> TrenchBoot, which is hosted on Github (links below). The kernel feature
>> enabling the use of Dy
> diff --git a/Documentation/security/launch-integrity/index.rst
> b/Documentation/security/launch-integrity/index.rst
> new file mode 100644
> +++ b/Documentation/security/launch-integrity/index.rst
...
> +This document serves to establish a common understanding of what a system
> +launch is, the
On Fri Nov 1, 2024 at 1:08 AM EET, Thomas Gleixner wrote:
> On Fri, Nov 01 2024 at 00:37, Jarkko Sakkinen wrote:
> > On Thu Oct 31, 2024 at 9:25 PM EET, Thomas Gleixner wrote:
> >> So this looks pretty reasonable to me by now and I'm inclined to take it
> >> through the tip x86 tree, but that needs
On Fri Sep 13, 2024 at 11:04 PM EEST, Ross Philipson wrote:
> The larger focus of the TrenchBoot project (https://github.com/TrenchBoot) is to
> enhance the boot security and integrity in a unified manner. The first area of
> focus has been on the Trusted Computing Group's Dynamic Launch for
>
On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> Expose a sysfs interface to allow user mode to set and query the default
> locality set for the TPM chip.
>
> Signed-off-by: Ross Philipson
Must be read-only. Should be decided per power cycle.
BR, Jarkko
On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> Currently the locality is hard coded to 0 but for DRTM support, access
> is needed to localities 1 through 4.
Why?
>
> Signed-off-by: Ross Philipson
BR, Jarkko
On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> The function tpm_tis_request_locality() is expected to return the locality
> value that was requested, or a negative error code upon failure. If it is called
> while locality_count of struct tis_data is no
On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> When tis_tis_core initializes, it assumes all localities are closed. There
> are cases when this may not be the case. This commit addresses this by
The second sentence is just a claim. Please explain.
> ens
On Fri Sep 13, 2024 at 11:05 PM EEST, Ross Philipson wrote:
> From: "Daniel P. Smith"
>
> Commit 933bfc5ad213 introduced the use of a locality counter to control when a
> locality request is allowed to be sent to the TPM. In the commit, the counter
> is indiscriminately decremented. Thus creating
On Fri Nov 1, 2024 at 11:18 AM EET, Jarkko Sakkinen wrote:
> On Fri Nov 1, 2024 at 10:50 AM EET, Ard Biesheuvel wrote:
> > On Fri, 1 Nov 2024 at 01:40, Jarkko Sakkinen wrote:
> > >
> > > On Fri Nov 1, 2024 at 2:33 AM EET, Jarkko Sakkinen wrote:
> > > > On Fri Nov 1, 2024 at 1:08 AM EET, Thomas Gle
On Fri Nov 1, 2024 at 10:50 AM EET, Ard Biesheuvel wrote:
> On Fri, 1 Nov 2024 at 01:40, Jarkko Sakkinen wrote:
> >
> > On Fri Nov 1, 2024 at 2:33 AM EET, Jarkko Sakkinen wrote:
> > > On Fri Nov 1, 2024 at 1:08 AM EET, Thomas Gleixner wrote:
> > > > On Fri, Nov 01 2024 at 00:37, Jarkko Sakkinen wr
On Fri, 1 Nov 2024 at 01:40, Jarkko Sakkinen wrote:
>
> On Fri Nov 1, 2024 at 2:33 AM EET, Jarkko Sakkinen wrote:
> > On Fri Nov 1, 2024 at 1:08 AM EET, Thomas Gleixner wrote:
> > > On Fri, Nov 01 2024 at 00:37, Jarkko Sakkinen wrote:
> > > > On Thu Oct 31, 2024 at 9:25 PM EET, Thomas Gleixner wro