lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <202209201620.A886373@keescook>
Date:   Tue, 20 Sep 2022 16:24:22 -0700
From:   Kees Cook <keescook@...omium.org>
To:     Evan Green <evgreen@...omium.org>
Cc:     linux-kernel@...r.kernel.org, gwendal@...omium.org,
        Eric Biggers <ebiggers@...nel.org>,
        Matthew Garrett <mgarrett@...ora.tech>, jarkko@...nel.org,
        zohar@...ux.ibm.com, linux-integrity@...r.kernel.org,
        Pavel Machek <pavel@....cz>, apronin@...omium.org,
        dlunev@...gle.com, rjw@...ysocki.net, linux-pm@...r.kernel.org,
        corbet@....net, jejb@...ux.ibm.com, Hao Wu <hao.wu@...rik.com>,
        Len Brown <len.brown@...el.com>,
        Matthew Garrett <matthewgarrett@...gle.com>,
        "Rafael J. Wysocki" <rafael@...nel.org>, axelj <axelj@...s.com>
Subject: Re: [PATCH v2 10/10] PM: hibernate: seal the encryption key with a
 PCR policy

On Tue, Aug 23, 2022 at 03:25:26PM -0700, Evan Green wrote:
> The key blob is not secret, and by default the TPM will happily unseal
> it regardless of system state. We can protect against that by sealing
> the secret with a PCR policy - if the current PCR state doesn't match,
> the TPM will refuse to release the secret. For now let's just seal it to
> PCR 23. In the long term we may want a more flexible policy around this,
> such as including PCR 7 for PCs or 0 for Chrome OS.
> 
> Sourced-from: Matthew Garrett <mjg59@...gle.com>

If it's a total rewrite, I'd say use:

Suggested-by: Matthew Garrett <...>
Link: https://lore.kernel.org/of/what/it/was/based/on

If it's built on an existing patch, I'd say use:

Co-developed-by: Matthew Garrett <...>
Signed-off-by: Matthew Garrett <...>

But I defer to what Matthew thinks. :)

Also, if you don't hear from Matthew, maybe ping his mjg59@...f.ucam.org
address.

-Kees

-- 
Kees Cook

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ