| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <9F48E1A823B03B4790B7E6E69430724D9D7AEBD5@EXCH2010A.sit.fraunhofer.de> Date: Mon, 5 Oct 2015 13:36:18 +0000 From: "Fuchs, Andreas" <andreas.fuchs@....fraunhofer.de> To: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com> CC: "tpmdd-devel@...ts.sourceforge.net" <tpmdd-devel@...ts.sourceforge.net>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, David Howells <dhowells@...hat.com>, "gregkh@...uxfoundation.org" <gregkh@...uxfoundation.org>, "open list:KEYS-TRUSTED" <linux-security-module@...r.kernel.org>, "open list:KEYS-TRUSTED" <keyrings@...r.kernel.org>, James Morris <james.l.morris@...cle.com>, "David Safford" <safford@...ibm.com>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>, "Serge E. Hallyn" <serge@...lyn.com>, "josh@...htripplet.org" <josh@...htripplet.org>, "richard.l.maliszewski@...el.com" <richard.l.maliszewski@...el.com>, "monty.wiseman@...el.com" <monty.wiseman@...el.com> Subject: RE: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips > > Regarding the in-kernel "minimal resource manager": AFAIK there is > > already a tpm-mutex inside the kernel. We could use that mutex and > > then have the algorithm: > > > > [SNIP] > > I don't care about one purpose hacks. Second, I don't care about pseudo > code (at least not for "too big things"). It has tendency to mask > unexpected details. If you want to propose something, please go through > the patch process. > > > We don't need anything more fancy than this. And it should even > > guarantee that the old values are still present after mutex_release, > > so (opposed to a full-blown resource-manager) we do not need to keep > > track and rewrite virtual handles inside the user-space commands. > > > > IMHO, this should be lightweight enough even for the most embedded of > > applications, since the 2*2k blobs are only allocated on demand... > > It's still unnecessary functionality and increases the kernel image size > and every hack requires maintenance. It would probably end up needing > compilation flag as there exists efforts like: > > https://tiny.wiki.kernel.org/ > > My simple and stupid solution does not *prevent* adding better > synchronization. I would go with that and implement access broker > properly and not for just one use case later on. Unfortunately, I'm not able to write up some code for this myself atm. Other priorities unfortunately. I was just pointing out, that the proposed patch will not fit in with the current approach in TSS2.0, before this user-facing kernel API is set in stone and _corrected_ new syscalls need to be added later. Also, the pseudo-code proposal should be a proper minimal access broker that should solve most accesses to TPM transient objects down the road. Session-brokering is a different beast of course. Cheers, Andreas-- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists