From: Ben Boeckel <me@benboeckel.net>
To: James Bottomley <James.Bottomley@hansenpartnership.com>
Cc: linux-integrity@vger.kernel.org,
Jarkko Sakkinen <jarkko@kernel.org>,
keyrings@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>
Subject: Re: [PATCH v2 09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path
Date: Sun, 29 Jan 2023 08:06:19 -0500 [thread overview]
Message-ID: <Y9ZvS9PozyX5AxpZ@farprobe> (raw)
In-Reply-To: <20230124175516.5984-10-James.Bottomley@HansenPartnership.com>
On Tue, Jan 24, 2023 at 12:55:14 -0500, James Bottomley wrote:
> If some entity is snooping the TPM bus, the can see the data going in
^^^ they
> to be sealed and the data coming out as it is unsealed. Add parameter
> and response encryption to these cases to ensure that no secrets are
> leaked even if the bus is snooped.
>
> As part of doing this conversion it was discovered that policy
> sessions can't work with HMAC protected authority because of missing
> pieces (the tpm Nonce). I've added code to work the same way as
> before, which will result in potential authority exposure (while still
> adding security for the command and the returned blob), and a fixme to
> redo the API to get rid of this security hole.
--Ben
next prev parent reply other threads:[~2023-01-29 13:06 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-24 17:55 [PATCH v2 00/11] add integrity and security to TPM2 transactions James Bottomley
2023-01-24 17:55 ` [PATCH v2 01/11] tpm: move buffer handling from static inlines to real functions James Bottomley
2023-01-24 19:57 ` kernel test robot
2023-01-25 14:01 ` James Bottomley
2023-01-24 17:55 ` [PATCH v2 02/11] tpm: add buffer handling for TPM2B types James Bottomley
2023-01-24 17:55 ` [PATCH v2 03/11] tpm: add cursor based buffer functions for response parsing James Bottomley
2023-01-24 17:55 ` [PATCH v2 04/11] tpm: add buffer function to point to returned parameters James Bottomley
2023-01-24 17:55 ` [PATCH v2 05/11] tpm: export the context save and load commands James Bottomley
2023-01-24 17:55 ` [PATCH v2 06/11] tpm: Add full HMAC and encrypt/decrypt session handling code James Bottomley
2023-01-24 20:48 ` kernel test robot
2023-01-24 23:11 ` kernel test robot
2023-01-25 12:59 ` James Bottomley
2023-02-03 6:06 ` Yujie Liu
2023-02-08 2:49 ` Jarkko Sakkinen
2023-02-10 14:48 ` James Bottomley
2023-02-13 7:45 ` Jarkko Sakkinen
2023-02-13 9:31 ` Yujie Liu
2023-02-14 13:54 ` Ard Biesheuvel
2023-02-14 14:28 ` James Bottomley
2023-02-14 14:36 ` Ard Biesheuvel
2023-02-16 14:52 ` James Bottomley
2023-02-17 8:49 ` Ard Biesheuvel
2023-02-14 14:34 ` James Bottomley
2023-02-17 21:51 ` Jarkko Sakkinen
2023-02-08 4:35 ` James Bottomley
2023-01-25 6:03 ` kernel test robot
2023-01-24 17:55 ` [PATCH v2 07/11] tpm: add hmac checks to tpm2_pcr_extend() James Bottomley
2023-01-24 17:55 ` [PATCH v2 08/11] tpm: add session encryption protection to tpm2_get_random() James Bottomley
2023-01-24 17:55 ` [PATCH v2 09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path James Bottomley
2023-01-29 13:06 ` Ben Boeckel [this message]
2023-01-24 17:55 ` [PATCH v2 10/11] tpm: add the null key name as a sysfs export James Bottomley
2023-01-24 17:55 ` [PATCH v2 11/11] Documentation: add tpm-security.rst James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y9ZvS9PozyX5AxpZ@farprobe \
--to=me@benboeckel.net \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.