| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 31 May 2023 12:10:07 -0700
From: Shyam Saini <shyamsaini@...ux.microsoft.com>
To: alex.bennee@...aro.org
Cc: code@...icks.com, Matti.Moell@...nsynergy.com, arnd@...aro.org,
bing.zhu@...el.com, hmo@...nsynergy.com,
ilias.apalodimas@...aro.org, joakim.bech@...aro.org,
linux-kernel@...r.kernel.org, linux-mmc@...r.kernel.org,
linux-scsi@...r.kernel.org, maxim.uvarov@...aro.org,
ruchika.gupta@...aro.org, tomas.winkler@...el.com,
ulf.hansson@...aro.org, yang.huang@...el.com,
sumit.garg@...aro.org, jens.wiklander@...aro.org,
op-tee@...ts.trustedfirmware.org
Subject: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver
Hi Alex,
[ Resending, Sorry for the noise ]
Are you still working on it or planning to resubmit it ?
[1] The current optee tee kernel driver implementation doesn't work when IMA is used with optee implemented ftpm.
The ftpm has dependency on tee-supplicant which comes once the user space is up and running and IMA attestation happens at boot time and it requires to extend ftpm PCRs.
But IMA can't use PCRs if ftpm use secure emmc RPMB partition. As optee can only access RPMB via tee-supplicant(user space). So, there should be a fast path to allow optee os to access the RPMB parititon without waiting for user-space tee supplicant.
To achieve this fast path linux optee driver and mmc driver needs some work and finally it will need RPMB driver which you posted.
Please let me know what's your plan on this.
[1] https://optee.readthedocs.io/en/latest/architecture/secure_storage.html
Best Regards,
Shyam
Powered by blists - more mailing lists