Re: [PATCH v8 00/22] add integrity and security to TPM2 transactions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 4/29/24 19:49, Jarkko Sakkinen wrote:
On Tue Apr 30, 2024 at 1:26 AM EEST, Jarkko Sakkinen wrote:
Right and obviously 3rd option is to send a PR to
https://gitlab.com/jarkkojs/linux-tpmdd-test.

I.e. patch file goes to patches/qemu (BR2_GLOBAL_PATCH_DIR
points there).

Stefan, can I do a "zero QEMU changes" negative test for
changing null seed by somehow reseting swtpm? That would
be best possible option (if it is possible).

You cannot easily reset swtpm without changing 'something' and resetting the NULL seed only works when running TPM2_Startup. You could modify some TPM2 command to do what HierarchyStartup does with the nullSeed to simulate what you want.


It does not matter what side-effects it has on swtpm side
as long as the hmac path gets invalidated, as then the
device is rendered as unusable.

BR, Jarkko




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux