From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ken Goldman Subject: Re: [PATCH] tpm-emulator: add a TPM emulator pass through -> DA lockout Date: Tue, 10 Jan 2017 14:24:22 -0500 Message-ID: References: <1483923513.2644.1.camel@HansenPartnership.com> <20170109154945.GA28023@obsidianresearch.com> <1483978982.2448.7.camel@HansenPartnership.com> <20170109165416.GA13960@obsidianresearch.com> <1483981445.2398.4.camel@HansenPartnership.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <1483981445.2398.4.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org List-Id: tpmdd-devel@lists.sourceforge.net On 1/9/2017 12:04 PM, James Bottomley wrote: > I didn't really see a need to use an emulated TPM in the kernel until > Jarkko's smoke tests caused a DA lockout on my physical TPM at which > point not impacting all my other TPM based stuff while playing with > the kernel suddenly seemed important. FYI, set (or leave empty) lockout auth. Then you can use TPM2_DictionaryAttackLockReset() to reset the DA lockout. (I still wholly endorse use of the SW TPM for debug. Debugging using a HW TPM is difficult.) ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today. http://sdm.link/xeonphi