From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: linux-integrity@vger.kernel.org
Cc: linux-crypto@vger.kernel.org
Subject: [RFC 0/2] add integrity and security to TPM2 transactions
Date: Fri, 02 Mar 2018 22:04:54 -0800 [thread overview]
Message-ID: <1520057094.27452.16.camel@HansenPartnership.com> (raw)
By now, everybody knows we have a problem with the TPM2_RS_PW easy
button on TPM2 in that transactions on the TPM bus can be intercepted
and altered. The way to fix this is to use real sessions for HMAC
capabilities to ensure integrity and to use parameter and response
encryption to ensure confidentiality of the data flowing over the TPM
bus.
This RFC is about adding a simple API which can ensure the above
properties as a layered addition to the existing TPM handling code.
Eventually we can add this to the random number generator, the PCR
extensions and the trusted key handling, but this all depends on the
conversion to tpm_buf which is not yet upstream, so I've constructed a
second patch which demonstrates the new API in a test module for those
who wish to play with it.
This series is also dependent on additions to the crypto subsystem to
fix problems in the elliptic curve key handling and add the Cipher
FeedBack encryption scheme:
https://marc.info/?l=linux-crypto-vger&m=151994371015475
---
James Bottomley (2):
tpm2-sessions: Add full HMAC and encrypt/decrypt session handling
tpm2-sessions: NOT FOR COMMITTING add sessions testing
drivers/char/tpm/Kconfig | 3 +
drivers/char/tpm/Makefile | 3 +-
drivers/char/tpm/tpm-chip.c | 1 +
drivers/char/tpm/tpm.h | 22 +
drivers/char/tpm/tpm2-cmd.c | 22 +-
drivers/char/tpm/tpm2-sessions-test.c | 178 +++++++
drivers/char/tpm/tpm2-sessions.c | 907 ++++++++++++++++++++++++++++++++++
drivers/char/tpm/tpm2-sessions.h | 55 +++
drivers/char/tpm/tpm2b.h | 82 +++
9 files changed, 1260 insertions(+), 13 deletions(-)
create mode 100644 drivers/char/tpm/tpm2-sessions-test.c
create mode 100644 drivers/char/tpm/tpm2-sessions.c
create mode 100644 drivers/char/tpm/tpm2-sessions.h
create mode 100644 drivers/char/tpm/tpm2b.h
--
2.12.3
next reply other threads:[~2018-03-03 6:04 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-03 6:04 James Bottomley [this message]
[not found] ` <1520057175.27452.18.camel@HansenPartnership.com>
2018-03-05 11:35 ` [PATCH 1/2] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling Jarkko Sakkinen
2018-03-05 11:50 ` Jarkko Sakkinen
2018-03-05 14:58 ` James Bottomley
2018-03-05 17:41 ` Jarkko Sakkinen
2018-03-05 14:04 ` [RFC 0/2] add integrity and security to TPM2 transactions Jason Gunthorpe
2018-03-05 15:42 ` James Bottomley
2018-04-08 20:28 ` Ken Goldman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1520057094.27452.16.camel@HansenPartnership.com \
--to=james.bottomley@hansenpartnership.com \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox