From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Jarkko Sakkinen" <jarkko@kernel.org>,
"Stefan Berger" <stefanb@linux.ibm.com>,
<linux-integrity@vger.kernel.org>
Cc: <keyrings@vger.kernel.org>,
"James Bottomley" <James.Bottomley@HansenPartnership.com>,
"William Roberts" <bill.c.roberts@gmail.com>,
"David Howells" <dhowells@redhat.com>,
"Jason Gunthorpe" <jgg@ziepe.ca>,
"Mimi Zohar" <zohar@linux.ibm.com>
Subject: Re: [PATCH v3 0/6] Extend struct tpm_buf to support sized buffers (TPM2B)
Date: Mon, 20 Nov 2023 00:12:39 +0200 [thread overview]
Message-ID: <CX34TM0NSPYT.3I002JNUTH5NL@kernel.org> (raw)
In-Reply-To: <CX34O1F9H8AO.1FP8YF01HGAQ3@kernel.org>
On Mon Nov 20, 2023 at 12:05 AM EET, Jarkko Sakkinen wrote:
> On Wed Nov 15, 2023 at 11:56 PM EET, Stefan Berger wrote:
> >
> >
> > On 10/23/23 21:15, Jarkko Sakkinen wrote:
> >
> > > For TPM1 I tried:
> > >
> > > keyctl add trusted kmk "new 32" @u
> > >
> > > This caused TPM error 18, which AFAIK means that there is not SRK (?),
> > > which is probably an issue in my swtpm configuration, which is visible
> > > in board/qemu/start-qemu.sh.in.
> >
> > FYI: This would create a TPM 1.2 with an SRK with password 'sss':
> >
> > swtpm_setup --tpmstate=./ --create-ek-cert --take-ownership --overwrite
> > --srkpass sss --ownerpass ooo
>
> Thanks! I'll update my scripts in my BuildRoot repository.
The repository helps to verify that tpm_buf changes don't break
anything. I created it because I saw it as too high risk not to
verify tpm_buf changes properly, as everything uses them.
Any bug in HMAC session feature itself would be optimally only
local to the feature and not something that spreads everywhere.
So both the patch set itself and also the BuildRoot repository
effectively manages this risk.
BR, Jarkko
prev parent reply other threads:[~2023-11-19 22:12 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-24 1:15 [PATCH v3 0/6] Extend struct tpm_buf to support sized buffers (TPM2B) Jarkko Sakkinen
2023-10-24 1:15 ` [PATCH v3 1/6] tpm: Move buffer handling from static inlines to real functions Jarkko Sakkinen
2023-10-25 9:03 ` Jerry Snitselaar
2023-10-25 17:35 ` Jarkko Sakkinen
2023-10-26 17:10 ` Jerry Snitselaar
2023-10-26 17:55 ` James Bottomley
2023-10-26 18:19 ` Jerry Snitselaar
2023-11-05 21:59 ` Jarkko Sakkinen
2023-11-05 22:01 ` Jarkko Sakkinen
2023-11-05 22:42 ` James Bottomley
2023-11-05 21:57 ` Jarkko Sakkinen
2023-10-24 1:15 ` [PATCH v3 2/6] tpm: Store TPM buffer length Jarkko Sakkinen
2023-11-06 19:26 ` Jerry Snitselaar
2023-11-15 21:02 ` Jarkko Sakkinen
2023-11-06 19:36 ` Jerry Snitselaar
2023-11-15 21:04 ` Jarkko Sakkinen
2023-10-24 1:15 ` [PATCH v3 3/6] tpm: Detach tpm_buf_reset() from tpm_buf_init() Jarkko Sakkinen
2023-11-06 19:31 ` Jerry Snitselaar
2023-11-15 21:03 ` Jarkko Sakkinen
2023-10-24 1:15 ` [PATCH v3 4/6] tpm: Support TPM2 sized buffers (TPM2B) Jarkko Sakkinen
[not found] ` <d4157726d924a3ddad477923d6bcb4a8e6a55e60.camel@HansenPartnership.com>
2023-11-06 3:25 ` Jarkko Sakkinen
2023-11-07 17:20 ` Jerry Snitselaar
2023-11-15 21:24 ` Jarkko Sakkinen
2023-10-24 1:15 ` [PATCH v3 5/6] tpm: Add tpm_buf_read_{u8,u16,u32} Jarkko Sakkinen
2023-10-24 1:38 ` Mario Limonciello
2023-10-24 10:52 ` Jarkko Sakkinen
2023-10-27 12:24 ` James Bottomley
2023-11-06 3:22 ` Jarkko Sakkinen
2023-10-24 1:15 ` [PATCH v3 6/6] KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers Jarkko Sakkinen
2023-11-15 21:56 ` [PATCH v3 0/6] Extend struct tpm_buf to support sized buffers (TPM2B) Stefan Berger
2023-11-19 22:05 ` Jarkko Sakkinen
2023-11-19 22:12 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CX34TM0NSPYT.3I002JNUTH5NL@kernel.org \
--to=jarkko@kernel.org \
--cc=James.Bottomley@HansenPartnership.com \
--cc=bill.c.roberts@gmail.com \
--cc=dhowells@redhat.com \
--cc=jgg@ziepe.ca \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=stefanb@linux.ibm.com \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox