Re: [PATCH] doc: trusted-encrypted: updates with TEE as a new trust source (update)

[Jarkko Sakkinen <jarkko@kernel.org>]

On Fri, Jan 15, 2021 at 06:15:51PM -0500, Elaine Palmer wrote:
> 
> 
> On 1/13/21 4:23 PM, Jarkko Sakkinen wrote:
> > On Tue, Jan 12, 2021 at 10:55:44AM +0530, Sumit Garg wrote:
> > > On Sun, 10 Jan 2021 at 08:46, Jarkko Sakkinen <jarkko@kernel.org> wrote:
> > > > On Mon, Jan 04, 2021 at 06:06:33PM +0530, Sumit Garg wrote:
> > > > > Hi Jarkko, On Fri, 11 Dec 2020 at 13:44, Jarkko Sakkinen
> > > > > <jarkko@kernel.org> wrote:
> > > > > > On Wed, Dec 09, 2020 at 11:42:49AM -0500, Mimi Zohar wrote:
> > > > > > > From: Elaine Palmer <erpalmer@us.ibm.com> Update
> > > > > > > trusted key documentation with additional
> > > > > > > comparisons between discrete TPMs and TEE.
> > > > > > > Signed-off-by: Elaine Palmer <erpalmer@us.ibm.com>
> > > > > > Right, so OP-TEE is not the same as TEE. I did not know
> > > > > > this and the patch set does not underline this. I
> > > > > > re-checked the patches and none of them say explicitly
> > > > > > that OP-TEE is an application living inside TEE.
> > > > > This patch-set provides a trust source based on generic TEE
> > > > > interface where underlying TEE implementations like OP-TEE
> > > > > (drivers/tee/optee/), AMD TEE (drivers/tee/amdtee/) etc. can
> > > > > easily be hooked up. And this is similar to the TPM
> > > > > interface where underlying TPM implementations like discrete
> > > > > TPM, virtual TPM, firmware TPM etc. can be easily hooked up.
> > > > > > This essentially means that the backend needs to be
> > > > > > renamed as "op_tee".
> > > > > I don't see any need for this, see above.
> > > > Right, TEE is a protocol standard, just like TPM, and OP-TEE is
> > > > one implementation of this interface? I.e. OP-TEE does not
> > > > define API that is hard bound to OP-TEE?
> > > Yes, OP-TEE doesn't define a hard bound client interface API. The
> > > client API is based on TEE client API specification [1] from
> > > GlobalPlatform. [1]
> > > http://globalplatform.org/specs-library/tee-client-api-specification/
> > > -Sumit
> > Thanks, bookmarked. No need for name change. /Jarkko
> This discussion has illustrated that even those of us who live and
> breathe this stuff could use clarification.  Shouldn't we recommend
> that the Trust Source have a hardware root of trust?  We could be
> even more specific.  For example, the documentation could recommend
> that a TPM be evaluated under "TCG Protection Profile for PC Client
> Specific TPM 2.0" or later and a TEE be evaluated under GlobalPlatform
> "TEE Protection Profile v1.3, GPD_SPE_021" or later.  Of course, our
> recommendation would not be a requirement, but it would provide
> guidance for deployment as well as precedent for future Trust Sources.

Recommend what? Not following. I don't undestand what recommending
trust sources means, and why it's written as Trust Sources.

/Jarkko

> I know where I'm getting stuck is on TEEs as a concept vs
> TEEs with specific hardware requirements and interfaces.
> The same applies to TPMs.  There are hardware TPMs that meet
> the protection profile and there are other implementations
> (e.g., vTPMs) that use the same interface, but aren't anchored in
> hardware.
> 
> I know if I were deploying a server, mobile device, or IoT device, I'd
> want to know exactly what is protecting my keys.  A generic TPM or TEE
> doesn't tell me enough.
> 
> -Elaine
> 
> 
>