-Shan > -----邮件原件----- > 发件人: Greg KH [mailto:gregkh@xxxxxxxxxxxxxxxxxxx] > 发送时间: 2020年12月15日 17:24 > 收件人: Shan Chen <chenshan@xxxxxxxx> > 抄送: alikernel-developer@xxxxxxxxxxxxxxxxx; Roberto Sassu > <roberto.sassu@xxxxxxxxxx>; Yuanchen Ma <mayuanchen@xxxxxxxx>; Hao > Feng <fenghao@xxxxxxxx>; Zhiwei Ying <yingzhiwei@xxxxxxxx>; > stable@xxxxxxxxxxxxxxx; Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > 主题: Re: [PATCH AliOS 4.19 v3 11/15] KEYS: trusted: allow module init if TPM > is inactive or deactivated > > On Tue, Dec 15, 2020 at 04:29:18PM +0800, Shan wrote: > > From: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > > > commit 2d6c25215ab26bb009de3575faab7b685f138e92 upstream. > > > > Commit c78719203fc6 ("KEYS: trusted: allow trusted.ko to initialize > > w/o a > > TPM") allows the trusted module to be loaded even if a TPM is not > > found, to avoid module dependency problems. > > > > However, trusted module initialization can still fail if the TPM is > > inactive or deactivated. tpm_get_random() returns an error. > > > > This patch removes the call to tpm_get_random() and instead extends > > the PCR specified by the user with zeros. The security of this > > alternative is equivalent to the previous one, as either option > > prevents with a PCR update unsealing and misuse of sealed data by a user > space process. > > > > Even if a PCR is extended with zeros, instead of random data, it is > > still computationally infeasible to find a value as input for a new > > PCR extend operation, to obtain again the PCR value that would allow > unsealing. > > > > Cc: stable@xxxxxxxxxxxxxxx > > Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip > > structure...") > > Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx> > > Reviewed-by: Tyler Hicks <tyhicks@xxxxxxxxxxxxx> > > Suggested-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx> > > > > Signed-off-by: mayuanchen <mayuanchen@xxxxxxxx> > > Change-Id: Iada0e052c2ab4a0fbc2db4ac2690da3115d985c6 > > Signed-off-by: Shan <chenshan@xxxxxxxx> > > --- > > security/keys/trusted.c | 13 ------------- > > 1 file changed, 13 deletions(-) > > Why is this being sent to the stable list? Do you want this backported to > 4.19.y? If so, why, and what is the change-id stuff in there for? > > confused, > > greg k-h Sorry for the disturbing, it's not meant for the kernel community. We're backporting this commit for some private usage, and carelessly sent out this mail as git send-email automatically cc'ed the sob listed addresses. Have had the cc suppressed. pls ignore. Thanks! Shan
