From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "James Bottomley" <James.Bottomley@HansenPartnership.com>,
"Herbert Xu" <herbert@gondor.apana.org.au>
Cc: <linux-integrity@vger.kernel.org>, <keyrings@vger.kernel.org>,
<Andreas.Fuchs@infineon.com>,
"James Prestwood" <prestwoj@gmail.com>,
"David Woodhouse" <dwmw2@infradead.org>,
"Eric Biggers" <ebiggers@kernel.org>,
"David S. Miller" <davem@davemloft.net>,
"open list:CRYPTO API" <linux-crypto@vger.kernel.org>,
"open list" <linux-kernel@vger.kernel.org>,
"Peter Huewe" <peterhuewe@gmx.de>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Mimi Zohar" <zohar@linux.ibm.com>,
"David Howells" <dhowells@redhat.com>,
"Paul Moore" <paul@paul-moore.com>,
"James Morris" <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@vger.kernel.org>
Subject: Re: [PATCH v2 4/6] KEYS: trusted: Move tpm2_key_decode() to the TPM driver
Date: Wed, 22 May 2024 00:17:13 +0300
Message-ID: <D1FMVEJWGLEW.14QGHPAYPHQG1@kernel.org>
In-Reply-To: <cc3d952f8295b52b052fbffe009b796ffb45707a.camel@HansenPartnership.com>

On Tue May 21, 2024 at 9:18 PM EEST, James Bottomley wrote:
> On Tue, 2024-05-21 at 06:16 +0300, Jarkko Sakkinen wrote:
> [...]
> > diff --git a/include/crypto/tpm2_key.h b/include/crypto/tpm2_key.h
> > new file mode 100644
> > index 000000000000..acf41b2e0c92
> > --- /dev/null
> > +++ b/include/crypto/tpm2_key.h
> > @@ -0,0 +1,33 @@
> > +/* SPDX-License-Identifier: GPL-2.0-only */
> > +#ifndef __LINUX_TPM2_KEY_H__
> > +#define __LINUX_TPM2_KEY_H__
> > +
> > +#include <linux/slab.h>
> > +
> > +/*
> > + * TPM2 ASN.1 key
> > + */
> > +struct tpm2_key {
> > + u32 parent;
> > + const u8 *blob;
> > + u32 blob_len;
> > + const u8 *pub;
> > + u32 pub_len;
> > + const u8 *priv;
> > + u32 priv_len;
> > +};
> > +
> > +int tpm2_key_decode(const u8 *src, u32 src_len, struct tpm2_key
> > *key,
> > + u32 max_key_len);
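
Review bot: max_key_len in the tpm2_key_decode() prototype at the end of this hunk is undocumented, so a caller cannot tell whether it caps src_len, blob_len, or pub_len and priv_len individually, or what the function returns when the cap is exceeded. A kernel-doc comment on the prototype stating the unit, which length is compared against it, and the error code would settle that. The "TPM2 ASN.1 key" comment on struct tpm2_key could also say whether blob, pub and priv point into src or into a separate allocation, since that decides how long src has to stay valid. Separately, nothing declared in this header needs <linux/slab.h>; it only uses u8 and u32, so <linux/types.h> would be the narrower include.
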
>
> I don't think this is a good idea. Trusted keys already have a pre-
> defined max payload size (MAX_BLOB_SIZE in include/keys/trusted-type.h)
> and I've already had to increase this several times because once you
> get policy attached to a key, it can get pretty big (over a page).
> Exactly the same thing will happen to asymmetric keys as well, so it
> does make sense that they share the same maximum (probably in a more
> generic header, though).

ECDSA and RSA have different space requirements. With that solution you
actually max out space requirements given the same cap for everything.
Even tpm2_key_ecdsa should use a different value than tpm2_key_rsa to
save memory.

> Since the code already right sizes the allocation and all we check with
> this is whether it's over a pre-defined maximum, it's way easier if
> that maximum is defined in a header rather than passed in in several
> places making increasing the maximum really hard because you have to
> chase all the threading.

You don't save a single byte of memory with any constant that dictates
the size requirements for multiple modules in two disjoint subsystems.
You are maximizing the use of memory.

> James

BR, Jarkko