From: Matthew Garrett <mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
To: James Bottomley
<James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
Cc: Grant Likely
<grant.likely-s3s/WqlpOiPyB63q8FvJNQ@public.gmane.org>,
"linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Jon Masters <jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Leif Lindholm
<leif.lindholm-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Ard Biesheuvel
<ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
Peter Jones <pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Subject: Re: MemoryOverwriteRequestControl
Date: Tue, 5 Jul 2016 03:40:23 +0100 [thread overview]
Message-ID: <20160705024022.GA9292@srcf.ucam.org> (raw)
In-Reply-To: <1467686108.2288.43.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
On Mon, Jul 04, 2016 at 07:35:08PM -0700, James Bottomley wrote:
> On Tue, 2016-07-05 at 02:06 +0100, Matthew Garrett wrote:
> > We want to set it the moment anything secret lands in RAM. Tying it
> > to TSS doesn't get us that.
>
> Well, we do to an approximation: whenever Tspi_Data_Unbind/Unseal are
> called secrets are dumped in RAM ... it's not the only time, but it's
> one of the biggest. What the TSS doesn't know is when the secret is
> safely disposed of again. It's one of the annoying lacuna in the
> model: the TSS itself is great at managing stuff, but as soon as it
> transmits secrets beyond itself, well, that's someone else's problem.
dm-crypt secrets are typically unrelated to the TPM, so I really don't
think the TSS is the right layer to be solving this.
--
Matthew Garrett | mjg59-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org
next prev parent reply other threads:[~2016-07-05 2:40 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-04 19:37 MemoryOverwriteRequestControl Grant Likely
[not found] ` <CACxGe6s7rgTBUf7jtN6J3i3w-HvAm2rFnjjwCtWRS6oHx3ZB5A-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-07-04 21:31 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467667917.2288.23.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-04 22:26 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160704222609.GB5160-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 1:03 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467680635.2288.36.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 1:06 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705010622.GA7974-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 2:35 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467686108.2288.43.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 2:40 ` Matthew Garrett [this message]
[not found] ` <20160705024022.GA9292-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 2:58 ` MemoryOverwriteRequestControl James Bottomley
[not found] ` <1467687531.2288.51.camel-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org>
2016-07-05 3:03 ` MemoryOverwriteRequestControl Matthew Garrett
[not found] ` <20160705030314.GA9597-1xO5oi07KQx4cg9Nei1l7Q@public.gmane.org>
2016-07-05 4:24 ` MemoryOverwriteRequestControl James Bottomley
2016-07-04 22:20 ` MemoryOverwriteRequestControl Matthew Garrett
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160705024022.GA9292@srcf.ucam.org \
--to=mjg59-1xo5oi07kqx4cg9nei1l7q@public.gmane.org \
--cc=James.Bottomley-d9PhHud1JfjCXq6kfMZ53/egYHeGw8Jk@public.gmane.org \
--cc=ard.biesheuvel-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=grant.likely-s3s/WqlpOiPyB63q8FvJNQ@public.gmane.org \
--cc=jcm-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=leif.lindholm-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=linux-efi-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=pjones-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).