From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: "Fuchs, Andreas" <andreas.fuchs@sit.fraunhofer.de>
Cc: "tpmdd-devel@lists.sourceforge.net"
<tpmdd-devel@lists.sourceforge.net>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
"open list:KEYS-TRUSTED" <linux-security-module@vger.kernel.org>,
"open list:KEYS-TRUSTED" <keyrings@vger.kernel.org>,
James Morris <james.l.morris@oracle.com>,
David Safford <safford@us.ibm.com>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
josh@joshtripplet.org, richard.l.maliszewski@intel.com,
monty.wiseman@intel.com
Subject: Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips
Date: Mon, 5 Oct 2015 16:17:33 +0300 [thread overview]
Message-ID: <20151005131733.GA4459@intel.com> (raw)
In-Reply-To: <9F48E1A823B03B4790B7E6E69430724D9D7AEAB1@EXCH2010A.sit.fraunhofer.de>
I don't mean to be impolite but could line up your replies properly
and avoid top-posting. I'd recommend 72 chars per line. Thanks.
On Mon, Oct 05, 2015 at 12:20:47PM +0000, Fuchs, Andreas wrote:
> That's why I propose to give the context-save-blob into the kernel. It
> does not require any TPM2_Load of the key-chain or TPM2_CreatePrimary
> prior to key usage.
>
> BTW, in the current TSS2-model context-save-blobs are the preferred
> way for "moving/copying" loaded objects between two applications or
> threads. The TSS2 crew did not see any value in having a "libdrm-like"
> flink() call. Since you have to transfer the handle anyways,
> transferring those few bytes of blob are actually just as easy and
> management inside the daemon becomes way simple without flink()ing...
> ;-)
>
> Regarding the in-kernel "minimal resource manager": AFAIK there is
> already a tpm-mutex inside the kernel. We could use that mutex and
> then have the algorithm:
>
> [SNIP]
I don't care about one purpose hacks. Second, I don't care about pseudo
code (at least not for "too big things"). It has tendency to mask
unexpected details. If you want to propose something, please go through
the patch process.
> We don't need anything more fancy than this. And it should even
> guarantee that the old values are still present after mutex_release,
> so (opposed to a full-blown resource-manager) we do not need to keep
> track and rewrite virtual handles inside the user-space commands.
>
> IMHO, this should be lightweight enough even for the most embedded of
> applications, since the 2*2k blobs are only allocated on demand...
It's still unnecessary functionality and increases the kernel image size
and every hack requires maintenance. It would probably end up needing
compilation flag as there exists efforts like:
https://tiny.wiki.kernel.org/
My simple and stupid solution does not *prevent* adding better
synchronization. I would go with that and implement access broker
properly and not for just one use case later on.
> ChromeOS with 1.2 uses a forked patched TrouSerS, right ?
> I don't know about 2.0 though...
Yup, patched to use UDP sockets.
> Cheers,
> Andreas
/Jarkko
next prev parent reply other threads:[~2015-10-05 13:17 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-02 8:38 [PATCH 0/4] Basic trusted keys support for TPM 2.0 Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 1/4] tpm: introduce struct tpm_buf Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 2/4] trusted: move struct trusted_key_options to trusted-type.h Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 3/4] tpm: seal/unseal for TPM 2.0 Jarkko Sakkinen
2015-10-13 17:34 ` Jason Gunthorpe
2015-10-13 19:49 ` Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips Jarkko Sakkinen
2015-10-03 10:00 ` [tpmdd-devel] " Fuchs, Andreas
2015-10-03 10:26 ` Jarkko Sakkinen
2015-10-03 10:35 ` Jarkko Sakkinen
2015-10-04 18:57 ` Fuchs, Andreas
2015-10-05 8:37 ` Jarkko Sakkinen
2015-10-05 9:00 ` Fuchs, Andreas
2015-10-05 11:56 ` Jarkko Sakkinen
2015-10-05 12:20 ` Fuchs, Andreas
2015-10-05 13:17 ` Jarkko Sakkinen [this message]
2015-10-05 13:36 ` Fuchs, Andreas
2015-10-05 13:57 ` Jarkko Sakkinen
2015-10-05 14:13 ` Fuchs, Andreas
2015-10-05 14:28 ` Jarkko Sakkinen
2015-10-05 15:20 ` Arthur, Will C
2015-10-06 6:22 ` Fuchs, Andreas
2015-10-06 12:26 ` Jarkko Sakkinen
2015-10-06 13:16 ` Fuchs, Andreas
2015-10-06 15:05 ` Jarkko Sakkinen
2015-10-07 10:04 ` Fuchs, Andreas
2015-10-07 10:25 ` Jarkko Sakkinen
2015-10-07 10:32 ` Fuchs, Andreas
2015-10-07 11:15 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151005131733.GA4459@intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=andreas.fuchs@sit.fraunhofer.de \
--cc=dhowells@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=james.l.morris@oracle.com \
--cc=josh@joshtripplet.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=monty.wiseman@intel.com \
--cc=richard.l.maliszewski@intel.com \
--cc=safford@us.ibm.com \
--cc=serge@hallyn.com \
--cc=tpmdd-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.