Message-ID: <1537270212.3424.4.camel@HansenPartnership.com>
Date: Tue, 18 Sep 2018 07:30:12 -0400
From: James Bottomley <James.Bottomley@...senPartnership.com>
To: David Woodhouse <dwmw2@...radead.org>,
David Howells <dhowells@...hat.com>,
Marcel Holtmann <marcel@...tmann.org>
Cc: James Morris <jmorris@...ei.org>,
Denis Kenzior <denkenz@...il.com>, keyrings@...r.kernel.org,
linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 00/22] KEYS: Support TPM-wrapped key and crypto ops

On Tue, 2018-09-18 at 08:00 +0100, David Woodhouse wrote:
>
> On Sat, 2018-09-08 at 16:26 +0100, David Howells wrote:
> > Marcel Holtmann <marcel@...tmann.org> wrote:
> >
> > >
> > > so I have reviewed and tested this code. In addition, we have
> > > test cases for it in ELL (embedded linux library).
> >
> > I wonder if there's any practical way to add a test for this to the
> > keyutils test suite. I'm guessing it's quite tricky, given the
> > extra bits you need to emulate the TPM.
>
> Right, for a lot of userspace stuff we have the TPM emulator but for
> the kernel you might need to run in qemu, which I believe can emulate
> a TPM now (or at least, can talk to the TPM emulator, which has the
> same effect).

Actually, you don't necessarily. I use this patch:

https://marc.info/?l=tpmdd-devel&m=148392353230117

Which allows me to make a TCP connection to the software TPM running in
userspace without having to have the TPM components in qemu (or even to
run virtual). I used it to debug all the in-kernel resource manager
patches. It's TPM 2.0, but could easily be modified to work with 1.2.

James