Lines Matching +full:send +full:- +full:not +full:- +full:empty

1 .. SPDX-License-Identifier: GPL-2.0-only
12 ------------
22 -----------------------------------------------
42 ---------------------------
44 Since the attacker can send their own commands to the TPM, they can
45 send arbitrary PCR extends and thus disrupt the measurement system,
56    the PCRs and then send down their own measurements which would
68 ----------------
77 ---------------------------------------
86 either hierarchy would not have some type of authorization.
104 name, which is what is exported via sysfs so user-space can run the
112 --------------
116 hands to user-space the name of the derived null seed key which can
117 then be verified by certification in user-space.  Therefore, this chain
129 ------------------
136 known (and usually empty).  Thus, every HMAC session used by the
141 tpm_chip for every in-kernel use of the TPM.  Currently, because of a
142 lack of de-gapping in the in-kernel resource manager, the session must
144 session may also be reused for the in-kernel HMAC, encryption and
148 ----------------
150 For every in-kernel operation we use null primary salted HMAC to
167 requires the EK hierarchy password, but a pre-generated version of the
189 decryption HMAC session salted to the EK primary (which also does not
191 the encrypted parameter and thus the TPM will not be able to perform
202 /sys/class/tpm/tpm0/null_name.  If the names do not match, the TPM is
212 .. _TPM Genie: https://www.nccgroup.trust/globalassets/about-us/us/documents/tpm-genie.pdf
213 …ws Bitlocker TPM: https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-net…
214 …d Linux disk encryption: https://www.secura.com/blog/tpm-sniffing-attacks-against-non-bitlocker-ta…
215 …l Profile: https://trustedcomputinggroup.org/resource/tcg-ek-credential-profile-for-tpm-family-2-0/
216 …ovisioning Guidance: https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning-guidance/