lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 29 Nov 2019 12:05:16 -0800
From:   James Bottomley <jejb@...ux.ibm.com>
To:     "Zhao, Shirley" <shirley.zhao@...el.com>,
        Mimi Zohar <zohar@...ux.ibm.com>,
        Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
        Jonathan Corbet <corbet@....net>
Cc:     "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
        "keyrings@...r.kernel.org" <keyrings@...r.kernel.org>,
        "linux-doc@...r.kernel.org" <linux-doc@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "'Mauro Carvalho Chehab'" <mchehab+samsung@...nel.org>,
        "Zhu, Bing" <bing.zhu@...el.com>,
        "Chen, Luhai" <luhai.chen@...el.com>
Subject: Re: One question about trusted key of keyring in Linux kernel.

On Fri, 2019-11-29 at 01:40 +0000, Zhao, Shirley wrote:
> Hi, James, 
> 
> Maybe the TPM command confused you. 

Well you did seem to be saying we had a problem in the TPM sealed key
subsystem.

> The question is I use keyctl command sealed a trusted key with PCR
> policy, but load it failed after reboot. 
> I don't know why it was loaded failed. I use TPM command to help find
> it, it report policy check failed. 

Right, so your question seems to be why after a reboot, the TPM policy
no longer works to authorize the key even from user space?  My best
guess would be the PCR value you've sealed it to changed over the
reboot for some reason.

> So my question is how to load the PCR policy sealed trusted key
> correctly?

You have to set the sealing release policy to something you know will
be invariant across reboots for an unseal to happen reliably.  However,
usually you also want the unseal to fail if something you don't like
changes, so you set the policy to be something that's invariant unless
that happens.  Not really knowing what your conditions are we can't
really tell you what your policy should look like.

> How to use policydigest and policyhandle correctly. 

I've no real idea how the tpm2_ commands work, but the tsspolicy
commands all have man pages which do a pretty good explanation.  If I
infer how your tpm2_ commands seem to be working, I think
you're sealing to a pcr7 hash?  pcr7 is the one that's supposed to
measure the secure boot path and properties and as such shouldn't
change across reboots, so I think your problem becomes finding out why
it changed.

James

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ