disable DA mechanism.
ChromeOS doesn't rely on TPM's DA mitigation to protect the device.
BUG=b:178365982
TEST=build ok.
TEST=On a ChromeOS VM, check if DictionaryAttackLockoutResetTPM2 fails
as expected (only meaningful with the child CL.)
Change-Id: I9ac58ebcd6f8b8917d2483d78019563ce9f0271f
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/tpm2/+/2757825
Commit-Queue: Leo Lai <cylai@google.com>
Tested-by: Leo Lai <cylai@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
diff --git a/DA.c b/DA.c
index 6d82716..9a1a3eb 100644
--- a/DA.c
+++ b/DA.c
@@ -26,8 +26,11 @@
gp.failedTries = 0;
// TODO(vbendeb): consider finer tuning of this value (crosbug.com/p/55708)
gp.maxTries = 200;
- gp.recoveryTime = 1000; // in seconds (~16.67 minutes)
- gp.lockoutRecovery = 1000; // in seconds
+
+ // Disable DA mitigation mechanism.
+ gp.recoveryTime = 0;
+ gp.lockoutRecovery = 0;
+
gp.lockOutAuthEnabled = TRUE; // Use of lockoutAuth is enabled
// Record persistent DA parameter changes to NV
NvWriteReserved(NV_FAILED_TRIES, &gp.failedTries);
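Review bot: The single comment "Disable DA mitigation mechanism." covers both zero assignments without saying what zero means for each field, and the removed lines' "in seconds" unit notes are gone. gp.recoveryTime and gp.lockoutRecovery govern different things, and gp.lockOutAuthEnabled stays TRUE on the next line, so please document per field what a value of 0 does, in particular for lockoutAuth failures. The gp.maxTries = 200 assignment and its tuning TODO are left in place above; if the counter no longer has any effect, say so in the comment or drop the TODO. Since these values are recorded to NV right after, it is also worth stating in the commit message whether devices that already hold the old 1000-second values in NV pick up the new ones or keep the old ones, and why it is acceptable for the platform not to rely on the TPM's lockout, since the description gives only the conclusion.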