From mboxrd@z Thu Jan 1 00:00:00 1970
From: Ken Goldman
Subject: Re: [PATCH v2 1/2] tpm2: add session handle context saving and restoring to the space code
Date: Sun, 29 Jan 2017 19:35:32 -0500
References: <1485563481.3229.39.camel@HansenPartnership.com> <1485563558.3229.41.camel@HansenPartnership.com>
In-Reply-To: <1485563558.3229.41.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
To: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
List-Id: tpmdd-devel@lists.sourceforge.net

On 1/27/2017 7:32 PM, James Bottomley wrote:
>
> Sessions are also isolated during each instance of a tpm space. This
> means that spaces shouldn't be able to see each other's sessions and
> is enforced by ensuring that a space user may only refer to sessions
> handles that are present in their own chip->session_tbl. Finally when
> a space is closed, all the sessions belonging to it should be flushed
> so the handles may be re-used by other spaces.

This should be true for transient objects as well.
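The isolation rule in the quoted patch description, modelled as an added example that is not part of this thread or of the kernel patch: each space keeps its own table of session handles, a command may only name handles found in that table, and closing the space flushes them. The struct layout, function names, table size and handle values are assumptions made for illustration; flush() stands in for issuing TPM2_FlushContext.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#define MAX_SESSIONS 3 /* assumed table size for this model */

/* Hypothetical model of one space; 0 marks a free slot. */
struct space { uint32_t session_tbl[MAX_SESSIONS]; };

/* Record a session handle created on behalf of this space. */
bool space_add_session(struct space *s, uint32_t handle)
{
    for (size_t i = 0; i < MAX_SESSIONS; i++)
        if (s->session_tbl[i] == 0) {
            s->session_tbl[i] = handle;
            return true;
        }
    return false; /* table full: caller should flush the new session */
}

/* Isolation check: only handles in this space's own table are valid. */
bool space_owns_session(const struct space *s, uint32_t handle)
{
    for (size_t i = 0; handle != 0 && i < MAX_SESSIONS; i++)
        if (s->session_tbl[i] == handle)
            return true;
    return false;
}

/* Close: flush every session still owned so the handles can be reused.
 * flush() stands in for TPM2_FlushContext; returns how many were flushed. */
size_t space_close(struct space *s, void (*flush)(uint32_t))
{
    size_t n = 0;
    for (size_t i = 0; i < MAX_SESSIONS; i++) {
        if (s->session_tbl[i] == 0)
            continue;
        if (flush)
            flush(s->session_tbl[i]);
        s->session_tbl[i] = 0;
        n++;
    }
    return n;
}

int main(void)
{
    struct space a = {{0}}, b = {{0}};
    space_add_session(&a, 0x02000000u);   /* constructed handle value */
    return space_owns_session(&b, 0x02000000u); /* 0: b cannot see it */
}
```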