| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20251208050620.339408-1-jarkko@kernel.org> Date: Mon, 8 Dec 2025 07:06:16 +0200 From: Jarkko Sakkinen <jarkko@...nel.org> To: linux-integrity@...r.kernel.org Cc: tpm2@...ts.linux.dev, Jarkko Sakkinen <jarkko@...nel.org>, James Bottomley <James.Bottomley@...senPartnership.com>, Mimi Zohar <zohar@...ux.ibm.com>, David Howells <dhowells@...hat.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, keyrings@...r.kernel.org (open list:KEYS-TRUSTED), linux-security-module@...r.kernel.org (open list:SECURITY SUBSYSTEM), linux-kernel@...r.kernel.org (open list) Subject: [PATCH v7 0/3] Optimize tpm2_read_public() calls The main goal is fairly straight-forwrd here. The aim of these patches is optimize the number of tpm2_read_public() calls to the bare minimum. ## About dropping 'parentName' attribute for ASN.1 keys from the patch set I wrote this section as a remainder as I have facts fresh in my mind so that I can return them as soon as there is working group for the ASN.1 specification. We really need to have this in the spec. I dropped [1] given that [2] is landing shortly to IETF draft process, according to James Bottomley [3]. We will return to [1] as soon as draft process is open for comments. Still, that attribute is super important, and here is why. This will cause a overhead as tpm2_unseal_trusted needs to do an unnecessary (from pure technical perspective) TPM2_ReadPublic command to acquire TPM name of the parent. This is obviously known at the time of creation of a key but the information is not stored anywhere by the key format. It also aligns badly with TCG specifications as Table 6 of architecture spec explicitly defines a reference (or name) for transient keys, persistent keys and NV indexes to be TPM_ALG_ID concatenated together with the hash of TPMT_PUBLIC. I.e. the file format is using exactly the opposite what should be use as reference for keys than what it should use. Other benefits are of course auto-discovery of parent for a key file, which is nasty to do without the name pre-stored. [1] https://lore.kernel.org/linux-integrity/20251207173210.93765-3-jarkko@kernel.org/ [2] https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.txt [3] https://lore.kernel.org/linux-integrity/89d90617ba9b7a5eff1d5fad6bb9773033d3c18c.camel@HansenPartnership.com/ Jarkko Sakkinen (3): tpm2-sessions: Define TPM2_NAME_MAX_SIZE KEYS: trusted: Re-orchestrate tpm2_read_public() calls tpm2-sessions: Remove AUTH_MAX_NAMES drivers/char/tpm/tpm2-cmd.c | 3 +- drivers/char/tpm/tpm2-sessions.c | 116 ++++++-------------- include/linux/tpm.h | 19 +++- security/keys/trusted-keys/trusted_tpm2.c | 124 ++++++++++++++-------- 4 files changed, 133 insertions(+), 129 deletions(-) -- 2.39.5
Powered by blists - more mailing lists