| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1565682784-10234-1-git-send-email-sumit.garg@linaro.org>
Date: Tue, 13 Aug 2019 13:22:59 +0530
From: Sumit Garg <sumit.garg@...aro.org>
To: keyrings@...r.kernel.org, linux-integrity@...r.kernel.org,
linux-crypto@...r.kernel.org, linux-security-module@...r.kernel.org
Cc: dhowells@...hat.com, herbert@...dor.apana.org.au,
davem@...emloft.net, peterhuewe@....de, jgg@...pe.ca,
jejb@...ux.ibm.com, jarkko.sakkinen@...ux.intel.com, arnd@...db.de,
gregkh@...uxfoundation.org, zohar@...ux.ibm.com, jmorris@...ei.org,
serge@...lyn.com, casey@...aufler-ca.com,
ard.biesheuvel@...aro.org, daniel.thompson@...aro.org,
linux-kernel@...r.kernel.org, tee-dev@...ts.linaro.org,
Sumit Garg <sumit.garg@...aro.org>
Subject: [RFC/RFT v4 0/5] Add generic trusted keys framework/subsystem
This patch-set is an outcome of discussion here [1]. It has evolved very
much since v1 to create, consolidate and generalize trusted keys
subsystem.
This framework has been tested with trusted keys support provided via TEE
but I wasn't able to test it with a TPM device as I don't possess one. It
would be really helpful if others could test this patch-set using a TPM
device.
[1] https://www.mail-archive.com/linux-doc@vger.kernel.org/msg30591.html
Changes in v4:
1. Separate patch for export of tpm_buf code to include/linux/tpm.h
2. Change TPM1.x trusted keys code to use common tpm_buf
3. Keep module name as trusted.ko only
Changes in v3:
Move TPM2 trusted keys code to trusted keys subsystem.
Changes in v2:
Split trusted keys abstraction patch for ease of review.
Sumit Garg (5):
tpm: move tpm_buf code to include/linux/
KEYS: trusted: use common tpm_buf for TPM1.x code
KEYS: trusted: create trusted keys subsystem
KEYS: trusted: move tpm2 trusted keys code
KEYS: trusted: Add generic trusted keys framework
crypto/asymmetric_keys/asym_tpm.c | 2 +-
drivers/char/tpm/tpm-chip.c | 1 +
drivers/char/tpm/tpm-interface.c | 56 ---
drivers/char/tpm/tpm.h | 230 -----------
drivers/char/tpm/tpm2-cmd.c | 308 +--------------
include/keys/trusted-type.h | 45 +++
include/keys/{trusted.h => trusted_tpm.h} | 61 +--
include/linux/tpm.h | 270 ++++++++++++-
security/keys/Makefile | 2 +-
security/keys/trusted-keys/Makefile | 9 +
security/keys/trusted-keys/trusted-common.c | 343 ++++++++++++++++
.../keys/{trusted.c => trusted-keys/trusted-tpm.c} | 437 +++++----------------
security/keys/trusted-keys/trusted-tpm2.c | 378 ++++++++++++++++++
13 files changed, 1141 insertions(+), 1001 deletions(-)
rename include/keys/{trusted.h => trusted_tpm.h} (64%)
create mode 100644 security/keys/trusted-keys/Makefile
create mode 100644 security/keys/trusted-keys/trusted-common.c
rename security/keys/{trusted.c => trusted-keys/trusted-tpm.c} (72%)
create mode 100644 security/keys/trusted-keys/trusted-tpm2.c
--
2.7.4
Powered by blists - more mailing lists