| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <89d90617ba9b7a5eff1d5fad6bb9773033d3c18c.camel@HansenPartnership.com> Date: Sun, 07 Dec 2025 15:33:17 +0900 From: James Bottomley <James.Bottomley@...senPartnership.com> To: Jarkko Sakkinen <jarkko@...nel.org>, linux-integrity@...r.kernel.org Cc: Peter Huewe <peterhuewe@....de>, Jason Gunthorpe <jgg@...pe.ca>, Mimi Zohar <zohar@...ux.ibm.com>, David Howells <dhowells@...hat.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, open list <linux-kernel@...r.kernel.org>, "open list:KEYS-TRUSTED" <keyrings@...r.kernel.org>, "open list:SECURITY SUBSYSTEM" <linux-security-module@...r.kernel.org> Subject: Re: [PATCH] KEYS: trusted: Re-orchestrate tpm2_read_public() calls On Fri, 2025-12-05 at 02:49 +0200, Jarkko Sakkinen wrote: > On Fri, Dec 05, 2025 at 01:20:30AM +0200, Jarkko Sakkinen wrote: > > On Fri, Dec 05, 2025 at 12:31:27AM +0200, Jarkko Sakkinen wrote: > > > tpm2_load_cmd() and tpm2_unseal_cmd() use the same parent, and > > > calls to > > > tpm_buf_append_name() cause the exact same TPM2_ReadPublic > > > command to be > > > sent to the chip, causing unnecessary traffic. > > > > > > 1. Export tpm2_read_public in order to make it callable from > > > 'trusted_tpm2'. > > > 2. Re-orchestrate tpm2_seal_trusted() and tpm2_unseal_trusted() > > > in order to > > > halve the name resolutions required: > > > 2a. Move tpm2_read_public() calls into trusted_tpm2. > > > 2b. Pass TPM name to tpm_buf_append_name(). > > > 2c. Rework tpm_buf_append_name() to use the pre-resolved name. > > > > > > Signed-off-by: Jarkko Sakkinen <jarkko@...nel.org> > > > > If ASN.1 blob would contain also name of the parent then zero > > tpm2_read_public() calls would be required i.e., the main > > bottleneck here inherits from the limitations of the file format > > itself. > > Along the lines of attached patch. Well firstly [6] is already being taken by the creation data proposal, so this would introduce an incompatibility between the kernel and the spec, but secondly, if you want something like this in the spec before it goes to the IETF you really need to propose it now. The problem with this particular addition is that it would be Linux Kernel specific. All the current TSSs already do a cached read public under the covers when they add the session wrappings so the user facing API they expose has nowhere to insert (or easily extract) a name field and thus TSS based implementations would have no incentive to either output or consume this field. That's not to say the standard can't have additions for crazy or niche use cases (that's what the rsaParent flag is: a one off to support a niche SUSE use case) but it would be hard to persuade user implementations to do this so the kernel would have to interoperate with the case where it didn't exist anyway. The standard use today is with permanent handles for parents, where the parent is created on the fly, so the name is actually returned from TPM2_CreatePrimary for this use case. It should be a simple matter to bring the kernel implementation up to doing this as well. Regards, James
Powered by blists - more mailing lists