| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Oct 2014 11:59:04 -0700 From: Andy Lutomirski <luto@...capital.net> To: Stefan Berger <stefanb@...ux.vnet.ibm.com> Cc: Jason Gunthorpe <jgunthorpe@...idianresearch.com>, Peter Huewe <PeterHuewe@....de>, keyrings@...ux-nfs.org, jarkko.sakkinnen@...ux.intel.com, "ksummit-discuss@...ts.linuxfoundation.org" <ksummit-discuss@...ts.linuxfoundation.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, LSM List <linux-security-module@...r.kernel.org>, tpmdd-devel@...ts.sourceforge.net, James Morris <james.l.morris@...cle.com>, linux-ima-devel@...ts.sourceforge.net, trousers-tech@...ts.sourceforge.net Subject: Re: [tpmdd-devel] [TrouSerS-tech] [Ksummit-discuss] TPM MiniSummit @ LinuxCon Europe On Tue, Oct 7, 2014 at 11:47 AM, Stefan Berger <stefanb@...ux.vnet.ibm.com> wrote: > On 10/07/2014 02:02 PM, Jason Gunthorpe wrote: >> >> On Tue, Oct 07, 2014 at 01:54:41PM -0400, Stefan Berger wrote: >> >>> Why add the complexity of swapping of authenticated sessions and keys >>> into the kernel if you can handle this in userspace? You need a library >>> that is aware of the number of key slots and slots for sessions in the >>> TPM and swaps them in at out when applications need them. Trousers is >>> such a library that was designed to cope with the limitations of the >>> device and make its functionality available to all applications that >>> want to access it. >> >> How does trousers work with the kernel when the kernel is also using >> TPM key slots for IMA/keyring/whatever? > > > IIRC it only uses a single key slot and swaps all keys in and out of that > one. If the kernel was to fill up all key (and sessions) slots, TSS would > probably not work anymore. > > Another argument for the TSS is that you also wouldn't want applications to > swap out each others keys and sessions and leave them out or assume that > they would always cleanup if they do not currently need them. That argument seems backwards. If you're worried about applications (or trousers itself!) failing to clean up, then shouldn't the kernel driver clean up orphaned key slots itself? Also, what protects the kernel from having slot 0 get stomped on or, worse, inappropriately used by a misbehaving or malicious user program? Is the authorization session mechanism really secure against intentional abuse by users of the same machine? --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists