From mboxrd@z Thu Jan 1 00:00:00 1970
From: "David R. Bild"
Date: Thu, 10 May 2018 09:09:47 -0500
Subject: Re: [PATCH v3 2/2] usb: misc: xapea00x: perform platform initialization of TPM
To: Jarkko Sakkinen
Cc: Greg Kroah-Hartman, Peter Huewe, linux-usb@vger.kernel.org, linux-integrity@vger.kernel.org
In-Reply-To: <20180508104736.GA6132@linux.intel.com>
References: <20180430125418.31344-1-david.bild@xaptum.com> <20180504130022.5231-3-david.bild@xaptum.com> <20180508104736.GA6132@linux.intel.com>

On Tue, May 8, 2018 at 5:47 AM, Jarkko Sakkinen wrote:
>
> On Fri, May 04, 2018 at 08:00:22AM -0500, David R. Bild wrote:
> > Normally the system platform (i.e., BIOS/UEFI for x86) is responsible
> > for performing initialization of the TPM.  For these modules, the host
> > kernel is the platform, so we perform the initialization in the driver
> > before registering the TPM with the kernel TPM subsystem.
> >
> > The initialization consists of issuing the TPM startup command,
> > running the TPM self-test, and setting the TPM platform hierarchy
> > authorization to a random, unsaved value so that it can never be used
> > after the driver has loaded.
> >
> > Signed-off-by: David R. Bild
>
> Have you checked what the TPM driver already does?

Yes.  It does the startup and self-test.

However, this driver sets the platform hierarchy password *before*
giving the TPM to the TPM driver (thus, before the TPM driver can do
the startup and self-test).  Startup and self-test are prerequisites
for setting the platform hierarchy password, so this driver does those
itself too.

Best,
David
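Added example, not code from the patch or from either participant: the three-command sequence discussed in this thread (startup, self-test, then replacing the platform hierarchy authorization), marshalled as TPM 2.0 command buffers in user-space C. It assumes a TPM 2.0 device, a password session with the empty platformAuth that is in place after `TPM2_Startup(CLEAR)`, hypothetical function names, and a constructed auth value where a driver would use random bytes and discard them.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values from the TCG TPM 2.0 Library specification, Part 2 (Structures). */
enum { ST_NO_SESSIONS = 0x8001, ST_SESSIONS = 0x8002, SU_CLEAR = 0x0000 };
#define CC_HIERARCHY_CHANGE_AUTH 0x00000129u
#define CC_SELF_TEST             0x00000143u
#define CC_STARTUP               0x00000144u
#define RH_PLATFORM              0x4000000Cu
#define RS_PW                    0x40000009u  /* password authorization session */

/* Big-endian writers; each returns the offset after the written field. */
static size_t put16(uint8_t *p, size_t o, uint16_t v)
{ p[o] = (uint8_t)(v >> 8); p[o + 1] = (uint8_t)v; return o + 2; }
static size_t put32(uint8_t *p, size_t o, uint32_t v)
{ o = put16(p, o, (uint16_t)(v >> 16)); return put16(p, o, (uint16_t)v); }
/* Header is tag, commandSize, commandCode; finish() patches commandSize. */
static size_t header(uint8_t *p, uint16_t tag, uint32_t cc)
{ size_t o = put16(p, 0, tag); o = put32(p, o, 0); return put32(p, o, cc); }
static size_t finish(uint8_t *p, size_t len)
{ put32(p, 2, (uint32_t)len); return len; }

/* Step 1: TPM2_Startup(TPM_SU_CLEAR), 12 bytes. */
size_t tpm2_startup(uint8_t *p)
{ size_t o = header(p, ST_NO_SESSIONS, CC_STARTUP); return finish(p, put16(p, o, SU_CLEAR)); }

/* Step 2: TPM2_SelfTest(fullTest = YES), 11 bytes. */
size_t tpm2_self_test(uint8_t *p)
{ size_t o = header(p, ST_NO_SESSIONS, CC_SELF_TEST); p[o++] = 1; return finish(p, o); }

/* Step 3: TPM2_HierarchyChangeAuth(TPM_RH_PLATFORM, newAuth), 29 + n bytes.
 * Returns 0 if n exceeds the largest TPM2B_AUTH (64-byte digest). */
size_t tpm2_platform_auth(uint8_t *p, const uint8_t *auth, uint16_t n)
{
    if (n > 64) return 0;
    size_t o = header(p, ST_SESSIONS, CC_HIERARCHY_CHANGE_AUTH);
    o = put32(p, o, RH_PLATFORM); /* authHandle */
    o = put32(p, o, 9);           /* authorization area size */
    o = put32(p, o, RS_PW);       /* session handle */
    o = put16(p, o, 0);           /* empty nonce */
    p[o++] = 0;                   /* session attributes */
    o = put16(p, o, 0);           /* current platformAuth: empty after Startup(CLEAR) */
    o = put16(p, o, n);           /* newAuth size, then newAuth bytes */
    memcpy(p + o, auth, n);
    return finish(p, o + n);
}

int main(void)
{
    uint8_t buf[128], auth[32];
    memset(auth, 0xA5, sizeof auth); /* constructed value; use a CSPRNG and never store it */
    printf("%zu %zu %zu\n", tpm2_startup(buf), tpm2_self_test(buf), tpm2_platform_auth(buf, auth, sizeof auth));
    return 0;
}
```

Sending step 3 before steps 1 and 2 fails on a freshly powered TPM, which is the ordering constraint the reply describes.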