| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 12 Oct 2014 20:03:25 -0400 From: Mimi Zohar <zohar@...ux.vnet.ibm.com> To: Andy Lutomirski <luto@...capital.net> Cc: Stefan Berger <stefanb@...ux.vnet.ibm.com>, keyrings@...ux-nfs.org, jarkko.sakkinnen@...ux.intel.com, "ksummit-discuss@...ts.linuxfoundation.org" <ksummit-discuss@...ts.linuxfoundation.org>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, LSM List <linux-security-module@...r.kernel.org>, tpmdd-devel@...ts.sourceforge.net, James Morris <james.l.morris@...cle.com>, linux-ima-devel@...ts.sourceforge.net, trousers-tech@...ts.sourceforge.net, Peter Huewe <PeterHuewe@....de> Subject: Re: [tpmdd-devel] [TrouSerS-tech] [Ksummit-discuss] TPM MiniSummit @ LinuxCon Europe On Tue, 2014-10-07 at 11:59 -0700, Andy Lutomirski wrote: > On Tue, Oct 7, 2014 at 11:47 AM, Stefan Berger > <stefanb@...ux.vnet.ibm.com> wrote: > > On 10/07/2014 02:02 PM, Jason Gunthorpe wrote: > >> > >> On Tue, Oct 07, 2014 at 01:54:41PM -0400, Stefan Berger wrote: > >> > >>> Why add the complexity of swapping of authenticated sessions and keys > >>> into the kernel if you can handle this in userspace? You need a library > >>> that is aware of the number of key slots and slots for sessions in the > >>> TPM and swaps them in at out when applications need them. Trousers is > >>> such a library that was designed to cope with the limitations of the > >>> device and make its functionality available to all applications that > >>> want to access it. > >> > >> How does trousers work with the kernel when the kernel is also using > >> TPM key slots for IMA/keyring/whatever? > > > > > > IIRC it only uses a single key slot and swaps all keys in and out of that > > one. If the kernel was to fill up all key (and sessions) slots, TSS would > > probably not work anymore. > > > > Another argument for the TSS is that you also wouldn't want applications to > > swap out each others keys and sessions and leave them out or assume that > > they would always cleanup if they do not currently need them. > > That argument seems backwards. If you're worried about applications > (or trousers itself!) failing to clean up, then shouldn't the kernel > driver clean up orphaned key slots itself? As I understand it, this isn't an issue of "cleaning up", but of mediating the limited resources, by "swapping" keys in and out as needed. Mimi > Also, what protects the kernel from having slot 0 get stomped on or, > worse, inappropriately used by a misbehaving or malicious user > program? Is the authorization session mechanism really secure against > intentional abuse by users of the same machine? > > --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists