[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170102193320.trawto65nkjccbao@intel.com>
Date: Mon, 2 Jan 2017 21:33:20 +0200
From: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
To: James Bottomley <James.Bottomley@...senPartnership.com>
Cc: tpmdd-devel@...ts.sourceforge.net,
linux-security-module@...r.kernel.org,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager
On Mon, Jan 02, 2017 at 08:36:20AM -0800, James Bottomley wrote:
> On Mon, 2017-01-02 at 15:22 +0200, Jarkko Sakkinen wrote:
> > This patch set adds support for TPM spaces that provide a context
> > for isolating and swapping transient objects. This patch set does
> > not yet include support for isolating policy and HMAC sessions but
> > it is trivial to add once the basic approach is settled (and that's
> > why I created an RFC patch set).
>
> The approach looks fine to me. The only basic query I have is about
> the default: shouldn't it be with resource manager on rather than off?
> I can't really think of a use case that wants the RM off (even if
> you're running your own, having another doesn't hurt anything, and it's
> still required to share with in-kernel uses).
This is a valid question and here's a longish explanation.
In TPM2_GetCapability and maybe couple of other commands you can get
handles in the response body. I do not want to have special cases in the
kernel for response bodies because there is no a generic way to do the
substitution. What's worse, new commands in the standard future
revisions could have such commands requiring special cases. In addition,
vendor specific commans could have handles in the response bodies.
It's better to leverage that to the user space. I would do only simple
and fail-safe stuff in the kernel.
Turning RM on by default would raise a backwards compatibility issue.
>
> > There's a test script for trying out TPM spaces in
> >
> > git://git.infradead.org/users/jjs/tpm2-scripts.git
> >
> > A simple smoke test can be run by
> >
> > sudo python -m unittest -v tpm2_smoke.SpaceTest
>
> I've also added an enabling patch to the tss
>
> https://build.opensuse.org/package/view_file/home:jejb1:Tumbleweed/tss2/0002-tssProperties-add-TPM_USE_RESOURCE_MANAGER.patch?expand=1
>
> And with that, I've TPM 2 enabled both gnome-keyring and openssl:
>
> https://build.opensuse.org/package/show/home:jejb1:Tumbleweed/gnome-keyring
> https://build.opensuse.org/package/show/home:jejb1:Tumbleweed/openssl_tpm_engine
>
> I'm running them in production on my day to day laptop and so far
> everything's working nicely (better than 1.2, in fact, since tcsd
> periodically crashes necessitating a restart of everything).
Great, thanks for doing this!
> So you can definitely add my Tested-By.
Thank you.
> James
/Jarkko
Powered by blists - more mailing lists