[Skiboot] [PATCH v2 2/6] secvar/secboot_tpm: unify behavior for bank hash check and secboot header check

Eric Richter erichte at linux.ibm.com
Thu Nov 4 02:41:50 AEDT 2021


> 
> In conclusion, the commit seems to:
>  - do what it says on the tin.
> 
>  - prevent a nasty error case (bank hash mismatch -> complete lockdown
>    without any recovery mechanism other than a physical presence assert)
> 
>  - not introduce any other obvious issues. You can probably use this to
>    construct a replay attack - the sort of thing you address in the next
>    patch - but if you can corrupt the bank hash you can probably wipe
>    the magic bytes so this hardly seems worse, and you address at least
>    the obvious case in the next patch.

Just for clarity's sake: this replay attack was already possible without
this patch. With the next patch fixing that attack, there was no point
in having more confusing error cases that depended on how the PNOR was
tampered with.

> 
> With the caveat that I haven't compiled it or tested it at all:
> Reviewed-by: Daniel Axtens <dja at axtens.net>
> 
> Kind regards,
> Daniel
> 
