Analysis of TCG_TPM2_HMAC: Linux Kernel Feature for TPM Bus Security

By todsacerdoti · 4mo ago · 8 min read · en · Insight

Summary

The article examines the TCG_TPM2_HMAC Linux kernel feature, which adds HMAC and encryption to TPM bus communications to prevent bus snooping and interposer attacks. The author explores the technical implementation, security claims, and practical implications of this feature, noting that while it adds encryption overhead, it provides protection against both active and passive attackers on the TPM bus.

Key quotes

All encryption is end-to-end, if you're not picky about the ends.
Setting this causes us to deploy a scheme which uses request and response HMACs in addition to encryption for communicating with the TPM to prevent or detect bus snooping and interposer attacks.
Saying Y here adds some encryption overhead to all kernel to TPM transactions.
It claims to detect or prevent active and passive interposer attackers. That's one of my sleeper agent activation phrases, so I dug in.
Snippet from the RSS feed
All encryption is end-to-end, if you’re not picky about the ends.

config TCG_TPM2_HMAC
	bool "Use HMAC and encrypted transactions on the TPM bus"
	default n
	select CRYPTO_ECDH
	select CRYPTO_LIB_AESCFB
	select CRYPTO_LIB_SHA256
	select CRYPTO_LIB_UTILS
	help
	  Se
