From: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
To: James Bottomley
<James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org,
open list <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PATCH v2 1/2] tpm2: add session handle context saving and restoring to the space code
Date: Tue, 31 Jan 2017 15:15:17 +0200 [thread overview]
Message-ID: <20170131131517.ewudypkagux2bg6e@intel.com> (raw)
In-Reply-To: <1485814477.2518.30.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
On Mon, Jan 30, 2017 at 02:14:37PM -0800, James Bottomley wrote:
> On Mon, 2017-01-30 at 23:45 +0200, Jarkko Sakkinen wrote:
> > On Sun, Jan 29, 2017 at 02:36:58PM -0800, James Bottomley wrote:
> [...]
> > > > 2. Can it really return both TPM_RC_HANDLE and
> > > > TPM_RC_REFERENCE_H0?
> > >
> > > Yes, it seems that a session that doesn't exist (because it's been
> > > flushed) then it returns TPM_RC_REFERNCE_H0, but if the context has
> > > a sequence mismatch (because it's been flushed and reloaded) then
> > > we get TPM_RC_HANDLE.
> > >
> > > James
> >
> > If it is flushed, wouldn't you just get TPM_RC_REFERENCE_H0 when you
> > try to TPM2_ContextLoad? The "and reloaded" does not make sense to
> > me. Once a session is flushed it cannot be reloaded.
> >
> > Maybe you meant to say "beause it's been saved and reloaded"? That
> > would make more sense and fits better what I see in the Commands
> > specification.
>
> I mean if you load a prior context instead of the current one for an
> existing handle, effectively a replay, you get TPM_RC_HANDLE.
>
> James
Thanks for clarifying this.
/Jarkko
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
WARNING: multiple messages have this Message-ID (diff)
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: James Bottomley <James.Bottomley@HansenPartnership.com>
Cc: linux-security-module@vger.kernel.org,
tpmdd-devel@lists.sourceforge.net,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [tpmdd-devel] [PATCH v2 1/2] tpm2: add session handle context saving and restoring to the space code
Date: Tue, 31 Jan 2017 15:15:17 +0200 [thread overview]
Message-ID: <20170131131517.ewudypkagux2bg6e@intel.com> (raw)
In-Reply-To: <1485814477.2518.30.camel@HansenPartnership.com>
On Mon, Jan 30, 2017 at 02:14:37PM -0800, James Bottomley wrote:
> On Mon, 2017-01-30 at 23:45 +0200, Jarkko Sakkinen wrote:
> > On Sun, Jan 29, 2017 at 02:36:58PM -0800, James Bottomley wrote:
> [...]
> > > > 2. Can it really return both TPM_RC_HANDLE and
> > > > TPM_RC_REFERENCE_H0?
> > >
> > > Yes, it seems that a session that doesn't exist (because it's been
> > > flushed) then it returns TPM_RC_REFERNCE_H0, but if the context has
> > > a sequence mismatch (because it's been flushed and reloaded) then
> > > we get TPM_RC_HANDLE.
> > >
> > > James
> >
> > If it is flushed, wouldn't you just get TPM_RC_REFERENCE_H0 when you
> > try to TPM2_ContextLoad? The "and reloaded" does not make sense to
> > me. Once a session is flushed it cannot be reloaded.
> >
> > Maybe you meant to say "beause it's been saved and reloaded"? That
> > would make more sense and fits better what I see in the Commands
> > specification.
>
> I mean if you load a prior context instead of the current one for an
> existing handle, effectively a replay, you get TPM_RC_HANDLE.
>
> James
Thanks for clarifying this.
/Jarkko
next prev parent reply other threads:[~2017-01-31 13:15 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-28 0:31 [PATCH 0/2] Add session handling to tpm spaces James Bottomley
2017-01-28 0:31 ` James Bottomley
[not found] ` <1485563481.3229.39.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-01-28 0:32 ` [PATCH v2 1/2] tpm2: add session handle context saving and restoring to the space code James Bottomley
2017-01-28 0:32 ` James Bottomley
2017-01-29 21:39 ` [tpmdd-devel] " Jarkko Sakkinen
[not found] ` <20170129213957.zx6v6g42kwcabc6y-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-01-29 22:36 ` James Bottomley
2017-01-29 22:36 ` [tpmdd-devel] " James Bottomley
[not found] ` <1485729418.2491.10.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-01-30 21:45 ` Jarkko Sakkinen
2017-01-30 21:45 ` [tpmdd-devel] " Jarkko Sakkinen
[not found] ` <20170130214526.56e4ai2k6zhzvgy4-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-01-30 22:14 ` James Bottomley
2017-01-30 22:14 ` [tpmdd-devel] " James Bottomley
[not found] ` <1485814477.2518.30.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-01-31 13:15 ` Jarkko Sakkinen [this message]
2017-01-31 13:15 ` Jarkko Sakkinen
[not found] ` <1485563558.3229.41.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-01-30 0:35 ` Ken Goldman
2017-01-30 0:35 ` Ken Goldman
2017-01-30 0:55 ` [tpmdd-devel] " James Bottomley
2017-01-30 21:46 ` Jarkko Sakkinen
2017-01-31 16:21 ` Jarkko Sakkinen
2017-01-31 16:21 ` [tpmdd-devel] " Jarkko Sakkinen
[not found] ` <20170131162115.vptki5ykmpnx27ym-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-01-31 16:27 ` Jarkko Sakkinen
2017-01-31 16:27 ` [tpmdd-devel] " Jarkko Sakkinen
2017-01-31 22:55 ` James Bottomley
2017-01-31 22:55 ` [tpmdd-devel] " James Bottomley
[not found] ` <1485903340.3199.107.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-02-01 22:11 ` Ken Goldman
2017-01-28 0:33 ` [PATCH 2/2] tpm2-space: add handling for global session exhaustion James Bottomley
[not found] ` <1485563634.3229.43.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2017-01-29 22:02 ` Jarkko Sakkinen
2017-01-29 22:02 ` [tpmdd-devel] " Jarkko Sakkinen
2017-01-29 22:03 ` Jarkko Sakkinen
[not found] ` <20170129220219.oqv7fuofvcqy3gzh-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-01-31 23:24 ` James Bottomley
2017-01-31 23:24 ` [tpmdd-devel] " James Bottomley
2017-02-01 10:29 ` Jarkko Sakkinen
2017-02-01 22:17 ` Ken Goldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170131131517.ewudypkagux2bg6e@intel.com \
--to=jarkko.sakkinen-vuqaysv1563yd54fqh9/ca@public.gmane.org \
--cc=James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.