lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <439c3a66a995429f6c8603640477580e17d03104.camel@HansenPartnership.com>
Date: Mon, 27 May 2024 19:44:38 -0400
From: James Bottomley <James.Bottomley@...senPartnership.com>
To: Jarkko Sakkinen <jarkko@...nel.org>, Vitor Soares <ivitro@...il.com>, 
	linux-integrity@...r.kernel.org
Cc: keyrings@...r.kernel.org, Peter Huewe <peterhuewe@....de>, Jason
 Gunthorpe <jgg@...pe.ca>, Mimi Zohar <zohar@...ux.ibm.com>, David Howells
 <dhowells@...hat.com>, Paul Moore <paul@...l-moore.com>, James Morris
 <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, 
 linux-kernel@...r.kernel.org, linux-security-module@...r.kernel.org
Subject: Re: [PATCH 1/3] tpm: Disable TCG_TPM2_HMAC by default

On Tue, 2024-05-28 at 02:17 +0300, Jarkko Sakkinen wrote:
> On Tue May 28, 2024 at 12:36 AM EEST, James Bottomley wrote:
> > On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:
> > > On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:
> > > > On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:
> > [...]
> > > > > While looking at code I started to wanted what was the
> > > > > reasoning for adding *undocumented* "TPM2_OA_TMPL" in
> > > > > include/linux/tpm.h.It should really be in tpm2-sessions.c
> > > > > and named something like TPM2_NULL_KEY_OA or similar.
> > > > 
> > > > Well, because you asked for it. I originally had all the flags
> > > > spelled out and I'm not a fan of this obscurity, but you have
> > > > to do stuff like this to get patches accepted:
> > > > 
> > > > https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/
> > > 
> > > I still think the constant does make sense.
> > 
> > I'm not so sure.  The TCG simply defines it as a collection of
> > flags and every TPM tool set I've seen simply uses a list of flags
> > as well.  The original design was that the template would be in
> > this one place and everything else would call into it.  I think the
> > reason all template construction looks similar is for ease of
> > auditing (it's easy to get things, particularly the flags, wrong).
> > 
> > If it only has one use case, it should be spelled out but if
> > someone else would use it then it should be in the tpm.h shared
> > header.
> 
> It is used only in tpm2-sessions.c and for the null key so there it
> should be. And it is also lacking the associated documentation. Now
> both name and context it is used is lost.

The comment above the whole thing says what it is and where it comes
from:

	/*
	 * create the template.  Note: in order for userspace to
	 * verify the security of the system, it will have to create
	 * and certify this NULL primary, meaning all the template
	 * parameters will have to be identical, so conform exactly to
	 * the TCG TPM v2.0 Provisioning Guidance for the SRK ECC
	 * key H template (H has zero size unique points)
	 */

If we put the broken out flags back it's all fully documented.

James


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ