[Skiboot] [PATCH 3/3] libstb/tpm: block access to unknown i2c devs on the tpm bus
stewart at flamingspork.com
Wed Dec 4 02:54:38 AEDT 2019
On Mon, Dec 2, 2019, at 9:46 PM, Oliver O'Halloran wrote:
> Our favourite TPM is capable of listening on multiple I2C bus addresses
> and although this feature is supposed to be disabled by default we have
> some systems in the wild where the TPM appears to be listening on these
> secondary addresses.
> The secondary addresses are also susceptible to the bus-lockup problem
> that we see with certain traffic patterns to the "main" TPM address.
> We don't know what addresses the TPM might be listening on it's best to
> take a conservitve approach and only allow traffic to I2C bus addresses
> that we are explicitly told about by firmware.
> This is only required on the TPM bus, so this patch extends the existing
> TPM workaround to also check that a DT node exists for any I2C bus
> address the OS wants to talk to. If there isn't one, we don't forward
> the I2C request to the bus and return an I2C timeout error to the OS.
> Signed-off-by: Oliver O'Halloran <oohall at gmail.com>
The gift that keeps on giving.
Acked-by: Stewart Smith <stewart at flamingspork.com>
More information about the Skiboot