lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f1597630-88ad-4530-8f3c-5437b297e268@intel.com>
Date: Sat, 14 Sep 2024 23:53:51 -0500
From: "Xing, Cedric" <cedric.xing@...el.com>
To: James Bottomley <James.Bottomley@...senPartnership.com>, Dan Williams
	<dan.j.williams@...el.com>, Samuel Ortiz <sameo@...osinc.com>, Lukas Wunner
	<lukas@...ner.de>, Dionna Amalie Glaze <dionnaglaze@...gle.com>, Qinkun Bao
	<qinkun@...gle.com>, Mikko Ylinen <mikko.ylinen@...ux.intel.com>, "Kuppuswamy
 Sathyanarayanan" <sathyanarayanan.kuppuswamy@...ux.intel.com>
CC: <linux-kernel@...r.kernel.org>, <linux-coco@...ts.linux.dev>
Subject: Re: [PATCH RFC 3/3] tsm: Add TVM Measurement Sample Code

On 9/14/2024 12:10 PM, James Bottomley wrote:
> On Sat, 2024-09-14 at 11:36 -0500, Xing, Cedric wrote:
>> I have considered this before. But I'm not sure how to
>> (define/describe criteria to) match an MR with its log format.
> 
> This is already defined for every existing log format ... why would you
> have to define it again?
> 
>>   Also, MRs are arch dependent and may also vary from gen to gen. I'm
>> afraid this might bring in more chaos than order.
> 
> I think I understand this. All measurement registers are simply
> equivalent to PCRs in terms of the mathematical definition of how they
> extend.  Exactly what measurements go into a PCR and how they are
> logged is defined in various standards.  The TCG ones are fairly fixed
> now, but if Intel wants to keep redefining the way its measurements
> work, the logical thing to do is tie this to a version number and make
> measuring the version the first log entry so the tools know how to
> differentiate.
> 
I’m not sure if I understand this correctly. Are you suggesting we 
continue using the event definitions from the existing TCG specs with 
just a simple RTMR-to-PCR map? That’s exactly the issue we’re trying to 
address. The current specs don’t cover new applications. For example, 
how to describe the event of launching a container measured to a 
specific SHA-256 digest in CoCo? Defining new event types would require 
revising the specs, which is a high barrier for most applications. While 
TPM has been widely adopted, its use has been mostly limited to pre-boot 
scenarios. The lack of OS applications leveraging TPM is partly due to 
this limitation IMHO.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ