Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements

From: Matthew Garrett
Date: Fri May 12 2023 - 07:05:45 EST

Next message: Roger Quadros: "Re: [PATCH v2 1/2] dt-bindings: cdns,usb3: Add clock and reset"
Previous message: David Laight: "RE: [PATCH v2 2/2] RISC-V: lib: Optimize memset performance"
In reply to: Jarkko Sakkinen: "Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements"
Next in thread: Ard Biesheuvel: "Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 09, 2023 at 06:21:44PM -0700, Eric Biggers wrote:

> SHA-1 is insecure. Why are you still using SHA-1? Don't TPMs support SHA-2
> now?

TXT is supported on some TPM 1.2 systems as well. TPM 2 systems are also
at the whim of the firmware in terms of whether the SHA-2 banks are
enabled. But even if the SHA-2 banks are enabled, if you suddenly stop
extending the SHA-1 banks, a malicious actor can later turn up and
extend whatever they want into them and present a SHA-1-only
attestation. Ideally whatever is handling that attestation should know
whether or not to expect an attestation with SHA-2, but the easiest way
to maintain security is to always extend all banks.

Next message: Roger Quadros: "Re: [PATCH v2 1/2] dt-bindings: cdns,usb3: Add clock and reset"
Previous message: David Laight: "RE: [PATCH v2 2/2] RISC-V: lib: Optimize memset performance"
In reply to: Jarkko Sakkinen: "Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements"
Next in thread: Ard Biesheuvel: "Re: [PATCH v6 06/14] x86: Add early SHA support for Secure Launch early measurements"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]