Received: by 2002:a05:7412:cfc7:b0:fc:a2b0:25d7 with SMTP id by7csp2034429rdb; Tue, 20 Feb 2024 15:13:24 -0800 (PST) X-Forwarded-Encrypted: i=3; AJvYcCWTmd/k5IVh2QjW2x5VLvAlxtf1CHg2Lhm98X0NUvaXyhPlZvvqArX03Dp0sPE3Zxuy56oFt/lvgJfc5+DQ9jHyoy58aaUuL8w3TaqHBg== X-Google-Smtp-Source: AGHT+IFAuGHiqDAjgFDWP/T0xUoRweP9eW0ZUbF/aXkh9fOZHHOv0xd464IlkeLy0F5YaHJZHfCu X-Received: by 2002:a17:906:e246:b0:a3e:69eb:45dc with SMTP id gq6-20020a170906e24600b00a3e69eb45dcmr5484932ejb.21.1708470804776; Tue, 20 Feb 2024 15:13:24 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1708470804; cv=pass; d=google.com; s=arc-20160816; b=OtnHEjoPfuj6yrCJgjlR7Mij1TBzQ4/BQ9tGHVhXmPZSuhvcc085Mf0Uct3G496nzs quzjHr2tIbnjpO7sexwmBN114a+M4kpVQOXu/ZTrwbrnd9rr4aUzpzAH20+zxzRNQnl1 iN+mE+1Qbhr83otKCOAc+/edwOmB5sqpx/vZL700+UTl/spMHFh+CHrbY/bvW86kjzxO TFwJeqr25lQqA0Yc7SFKGXpo+lsdlLRt9xkxYf9Cmi7LlcAD8qtPXR8kx/2nZucvnnKD 1wH2dawGrMvgGEdJUsPYQ0Sab3vIk100sKd5DC4R9gWMl1+THoE3BpawrSj3TjwX4mb5 O7Kg== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=in-reply-to:references:to:from:subject:cc:message-id:date :content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:dkim-signature; bh=Bx5aVHOgsKqF3N5ZzU69S68k3jHxKEM8cqwIloXz06g=; fh=dpgB8EyO5TMj8dCPACAwVLPqFyNQLom7RlCNDy3p1Nc=; b=C9Yh03p2CdcW5kSNZ9lrqxZawzRvYzuy9McvpxmWSo4xis+ulwyE83H9uwnnxL4jEe zmu1PnYuAiCa/UiWSRrt9bOAgdIggasXZyBptOV0WfyMovlMmaUCigNNeJWCzCgQ6syg UUKrTSE1KqopQlDLPxGFpNtOOqM46Qjwtwfo1siThyyqX1iFty95eVTDCgCDOttFGikj abetoPGtgIcSPl5JPer7E4I5eiO+U+dWYd00aZBXV1J1t75GPbL/14m/XiI1bFZ+8S9F Y/Nk3n7o/iug62QcBBDT7vl7Nvd/x28FcakE7DKrZ29tkrKk3aefl0d2OZ4kFBjkn+zf 1N2A==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=P5dppUpc; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-73807-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-73807-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from am.mirrors.kernel.org (am.mirrors.kernel.org. [2604:1380:4601:e00::3]) by mx.google.com with ESMTPS id k13-20020a17090627cd00b00a3ecf85a72bsi1659337ejc.906.2024.02.20.15.13.24 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 20 Feb 2024 15:13:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel+bounces-73807-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) client-ip=2604:1380:4601:e00::3; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=P5dppUpc; arc=pass (i=1 dkim=pass dkdomain=kernel.org); spf=pass (google.com: domain of linux-kernel+bounces-73807-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:4601:e00::3 as permitted sender) smtp.mailfrom="linux-kernel+bounces-73807-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by am.mirrors.kernel.org (Postfix) with ESMTPS id 89A971F22D90 for ; Tue, 20 Feb 2024 23:13:24 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id D72AD154451; Tue, 20 Feb 2024 23:13:16 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="P5dppUpc" Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 03F6915442A; Tue, 20 Feb 2024 23:13:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708470796; cv=none; b=cMTg8Em6wMlyb6ZQN95h4u/3D4HePezXbpW8lDovytx2MsX0NuTtyTboIor8Z4+y1fLJZw+WRDIvuwHDcEgCjRlS3fto+cbPeNBYu8YdFlaGmU2wJVTa1hXjjzcaJwvy8aovs68Bm23JWzJwRMwUun1H+8Eg6JwuTKMSWI4oEVE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708470796; c=relaxed/simple; bh=3vGct6fyWaeG1D4cSXWDULBZIRqLRMImFmhMqUWov1M=; h=Mime-Version:Content-Type:Date:Message-Id:Cc:Subject:From:To: References:In-Reply-To; b=NML4AJrfNEOpw/UDbvR/LeeeprqzIEAk2UJbPYTyji9BPUuHPhBVGVEnyauFuUkBsxjtF2KNBmgYrdZdkOgcOMqCns3kE7C2LDr+30oo5STTRNO0SDuzrYVB8G2rUo+F5lvHp/QTFwDfjPsmB+Xg+8MOebpte63Mq3pW4LyGoZI= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=P5dppUpc; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 23819C433C7; Tue, 20 Feb 2024 23:13:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1708470795; bh=3vGct6fyWaeG1D4cSXWDULBZIRqLRMImFmhMqUWov1M=; h=Date:Cc:Subject:From:To:References:In-Reply-To:From; b=P5dppUpcllHI1hbII1XmHEvbfSRwtL90aBmChsdL68+YBubMgCPI0uKDR+Kb+Jy6Z U4LsvS+dlaO5XZvA1I759lDQ6OKW3ZTDKDyRMelXnG3FgSIv4dR30zaTMTTCK/SpLb YW48S8lqHjQ8lNdXpJVmBIu4Bkww6iQstYG+06vzPY1uHEEfMbSxaKseqo3Fsb5ihA NuJydKLG5JVZ4DsgJglBQMtMG9S8npQCFWDLpUGdlpcKCuD2bAaylooSgfA2ZJwIcX 9q4MAMkFbCpVUGA10TYpNz+nF6j4rkZsKqsqQXoBO0rGZRFf67MHLyLduEAsq7TLdR TO0U8fUdWyC+w== Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=UTF-8 Date: Tue, 20 Feb 2024 23:13:11 +0000 Message-Id: Cc: "Kanth Ghatraju" , "Peter Huewe" Subject: Re: [PATCH 1/3] tpm: protect against locality counter underflow From: "Jarkko Sakkinen" To: "Jarkko Sakkinen" , , "Lino Sanfilippo" , "Alexander Steffen" , "Daniel P. Smith" , "Jason Gunthorpe" , "Sasha Levin" , , X-Mailer: aerc 0.15.2 References: <20240131170824.6183-1-dpsmith@apertussolutions.com> <20240131170824.6183-2-dpsmith@apertussolutions.com> <2ba9a96e-f93b-48e2-9ca0-48318af7f9b1@kunbus.com> <91f600ef-867b-4523-89be-1c0ba34f8a4c@kunbus.com> <657ade76-98c5-4f93-9716-b471b31d07e2@oracle.com> In-Reply-To: On Tue Feb 20, 2024 at 11:10 PM UTC, Jarkko Sakkinen wrote > On Tue Feb 20, 2024 at 10:57 PM UTC, wrote: > > On 2/20/24 2:26 PM, Jarkko Sakkinen wrote: > > > On Tue Feb 20, 2024 at 8:54 PM UTC, Lino Sanfilippo wrote: > > >> for (i =3D 0; i <=3D MAX_LOCALITY; i++) > > >> __tpm_tis_relinquish_locality(priv, i); > > >=20 > > > I'm pretty unfamiliar with Intel TXT so asking a dummy question: > > > if Intel TXT uses locality 2 I suppose we should not try to > > > relinquish it, or? > > > > The TPM has five localities (0 - 4). Localities 1 - 4 are for DRTM=20 > > support. For TXT, locality 4 is hard wired to the CPU - nothing else ca= n=20 > > Locality 4 is familiar because it comes across from time to time. > > If I recall correctly DRTM should use only localities 3-4 and=20 > localities 0-2 should be reserved for the OS use. > > So this does not match what I recall unfortunately but I'm not > really expert with this stuff. > > The patches has zero explanations SINIT ACM's behaviour on > locality use and without that this cannot move forward because > there's neither way to reproduce any of this. > > Actually there's zero effort on anything related to SINIT. To put short we need a clearer sequence what Intel TXT does causing leaving localities does. If that is nailed to less abstract description then we can review this. If we know this blackbox model then there's a chance to make simulation of it e.g. with QEMU. Alternatively we need a more trivial scenario to reproduce a bug in locality handling than Intel TXT. There's no enough beef ATM to really make good decisions what sort of code change would be best for Linux. BR, Jarkko