Re: [PATCH 1/4] integrity: TPM internel kernel interface

From: Christoph Hellwig
Date: Wed Aug 13 2008 - 10:46:03 EST

Next message: Oliver Neukum: "Re: Power management for SCSI"
Previous message: Takashi Iwai: "Re: linux-next: Tree for August 13"
In reply to: Alan Cox: "Re: [PATCH 1/4] integrity: TPM internel kernel interface"
Next in thread: Kenneth Goldman: "Re: [PATCH 1/4] integrity: TPM internel kernel interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Aug 13, 2008 at 02:40:40PM +0100, Alan Cox wrote:
> > "goodies", the TCG technology does not protect against hardware
> > attacks such as replacing the TPM with a bogus device, replacing the
> > CRTM hardware, flashing the CRTM using a JTAG cable, lifting a TPM pin>
> > and asserting reset, using a JTAG cable to set breakpoints and alter
> > memory, etc.
> >
> > For this use case, the attack model is a remote, software attack. The>
> > user is not considered the attacker.
>
> Surely if I can replace your TPM with alternative hardware then I can
> also replace it with virtualised software traps.

Yes, which in fact is what most people working on TPM support use
because the real hardware is just too slow :)

> [If there is a good document on this btw please just point me there
> instead and I'll go read further]

I recommend this one:
http://www.few.vu.nl/~srijith/publications/confs/sws07-final.pdf :)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Oliver Neukum: "Re: Power management for SCSI"
Previous message: Takashi Iwai: "Re: linux-next: Tree for August 13"
In reply to: Alan Cox: "Re: [PATCH 1/4] integrity: TPM internel kernel interface"
Next in thread: Kenneth Goldman: "Re: [PATCH 1/4] integrity: TPM internel kernel interface"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]