Message-ID: <a5e0cdc4839e478d926b90bd5ba0857c@huawei.com>
Date:   Mon, 2 Mar 2020 15:11:41 +0000
From:   Roberto Sassu <roberto.sassu@...wei.com>
To:     Mimi Zohar <zohar@...ux.ibm.com>,
        "James.Bottomley@...senPartnership.com" 
        <James.Bottomley@...senPartnership.com>,
        "jarkko.sakkinen@...ux.intel.com" <jarkko.sakkinen@...ux.intel.com>,
        Dmitry Kasatkin <dmitry.kasatkin@...il.com>
CC:     "linux-integrity@...r.kernel.org" <linux-integrity@...r.kernel.org>,
        "linux-security-module@...r.kernel.org" 
        <linux-security-module@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Silviu Vlasceanu <Silviu.Vlasceanu@...wei.com>,
        "stable@...r.kernel.org" <stable@...r.kernel.org>
Subject: RE: [PATCH v3 2/8] ima: Switch to ima_hash_algo for boot aggregate

> -----Original Message-----
> From: Mimi Zohar [mailto:zohar@...ux.ibm.com]
> Sent: Monday, March 2, 2020 3:47 PM
> To: Roberto Sassu <roberto.sassu@...wei.com>;
> James.Bottomley@...senPartnership.com;
> jarkko.sakkinen@...ux.intel.com; Dmitry Kasatkin
> <dmitry.kasatkin@...il.com>
> Cc: linux-integrity@...r.kernel.org; linux-security-module@...r.kernel.org;
> linux-kernel@...r.kernel.org; Silviu Vlasceanu
> <Silviu.Vlasceanu@...wei.com>; stable@...r.kernel.org
> Subject: Re: [PATCH v3 2/8] ima: Switch to ima_hash_algo for boot
> aggregate
> 
> 
> > > > > On Mon, 2020-02-10 at 11:00 +0100, Roberto Sassu wrote:
> > > My initial patch attempted to use any common TPM and kernel hash
> > > algorithm to calculate the boot_aggregate.  The discussion with James
> > > was pretty clear, which you even stated in the Changelog.  Either we
> > > use the IMA default hash algorithm, SHA256 for TPM 2.0 or SHA1 for TPM
> > > 1.2 for the boot-aggregate.
> >
> > Ok, I didn't understand fully. I thought we should use the default IMA
> > algorithm and select SHA256 as fallback choice for TPM 2.0 if there is no
> > PCR bank for default algorithm.
> 
> Yes, preference is given to the IMA default algorithm, but it should
> fall back to using SHA256 or SHA1, based on the TPM.

Ok. The patch already does it even if the TPM version is not checked.
For TPM 1.2, if the default algorithm is not SHA1 the patch will select
the first PCR bank (SHA1).

Should I send a new patch which explicitly checks the TPM version?

> > I additionally implemented the logic to
> > select the first PCR bank if the SHA256 PCR bank is not available but I can
> > remove it.
> >
> > SHA256 should be the minimum requirement for boot aggregate. The
> > advantage of using the default IMA algorithm is that it will be possible to
> > select stronger algorithms when they are supported by the TPM. We might
> > introduce a new option to specify only the algorithm for boot aggregate,
> > like James suggested to support embedded systems. Let me know which
> > option you prefer.
> 
> I don't remember James saying that, but if the community really wants
> that support, then it should be upstreamed independently, as a
> separate patch.  Let's first get the basics working.

Ok.

Thanks

Roberto

HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Li Peng, Li Jian, Shi Yanli
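
The selection order discussed in this message, as an added example that is not code from the patch or from the kernel: IMA default algorithm first, then SHA256, then the first PCR bank, with no TPM version check. The enum, the function name and the bank arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical algorithm IDs for this example (not the kernel's enum). */
enum hash_algo { ALGO_SHA1, ALGO_SHA256, ALGO_SHA384, ALGO_SHA512 };

/* Constructed PCR bank layouts, in the order the TPM would report them. */
static const enum hash_algo tpm12_banks[] = { ALGO_SHA1 };
static const enum hash_algo tpm20_banks[] = { ALGO_SHA1, ALGO_SHA256 };
static const enum hash_algo odd_banks[]   = { ALGO_SHA1, ALGO_SHA384 };

/*
 * Pick the PCR bank for the boot aggregate without looking at the TPM
 * version. Returns an index into banks[], or -1 if there are no banks.
 */
int select_boot_aggregate_bank(const enum hash_algo *banks, size_t nbanks,
                               enum hash_algo ima_default)
{
    int sha256_idx = -1;
    size_t i;

    if (banks == NULL || nbanks == 0)
        return -1;
    for (i = 0; i < nbanks; i++) {
        if (banks[i] == ima_default)
            return (int)i;        /* 1. bank of the IMA default algorithm */
        if (banks[i] == ALGO_SHA256 && sha256_idx < 0)
            sha256_idx = (int)i;
    }
    if (sha256_idx >= 0)
        return sha256_idx;        /* 2. SHA256 fallback */
    return 0;                     /* 3. first bank: SHA1 on TPM 1.2 */
}

int main(void)
{
    /* TPM 1.2 with a SHA256 IMA default: ends up on the SHA1 bank. */
    printf("TPM 1.2 -> bank %d\n",
           select_boot_aggregate_bank(tpm12_banks, 1, ALGO_SHA256));
    /* TPM 2.0 with a SHA512 default and no SHA512 bank: SHA256 bank. */
    printf("TPM 2.0 -> bank %d\n",
           select_boot_aggregate_bank(tpm20_banks, 2, ALGO_SHA512));
    /* Neither default nor SHA256 bank present: first bank is used. */
    printf("odd     -> bank %d\n",
           select_boot_aggregate_bank(odd_banks, 2, ALGO_SHA256));
    return 0;
}
```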
