From: jarkko.sakkinen@linux.intel.com (Jarkko Sakkinen)
To: linux-security-module@vger.kernel.org
Subject: [RFC 0/5] add integrity and security to TPM2 transactions
Date: Sat, 10 Mar 2018 14:49:48 +0200 [thread overview]
Message-ID: <18e2f4debbbc05ed4169d3eb263479df91941aa0.camel@linux.intel.com> (raw)
In-Reply-To: <1520465374.4894.12.camel@HansenPartnership.com>
On Wed, 2018-03-07 at 15:29 -0800, James Bottomley wrote:
> By now, everybody knows we have a problem with the TPM2_RS_PW easy
> button on TPM2 in that transactions on the TPM bus can be intercepted
> and altered. The way to fix this is to use real sessions for HMAC
> capabilities to ensure integrity and to use parameter and response
> encryption to ensure confidentiality of the data flowing over the TPM
> bus.
>
> This RFC is about adding a simple API which can ensure the above
> properties as a layered addition to the existing TPM handling code.
> Eventually we can add this to the random number generator, the PCR
> extensions and the trusted key handling, but this all depends on the
> conversion to tpm_buf which is not yet upstream, so I've constructed a
> second patch which demonstrates the new API in a test module for those
> who wish to play with it.
>
> This series is also dependent on additions to the crypto subsystem to
> fix problems in the elliptic curve key handling and add the Cipher
> FeedBack encryption scheme:
>
> https://marc.info/?l=linux-crypto-vger&m=151994371015475
>
> In the second version, I added security HMAC to our PCR extend and
> encryption to the returned random number generators and also extracted
> the parsing and tpm2b construction API into a new file.
>
> James
Might take up until end of next week before I have time to try this out.
Anyway, I'll see if I get this running on my systems before at the code
that much.
/Jarkko
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2018-03-10 12:49 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-07 23:29 [RFC 0/5] add integrity and security to TPM2 transactions James Bottomley
2018-03-07 23:30 ` [RFC v2 1/5] tpm-buf: create new functions for handling TPM buffers James Bottomley
2018-03-07 23:31 ` [RFC v2 2/5] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling James Bottomley
2018-03-07 23:32 ` [RFC v2 3/5] tpm2: add hmac checks to tpm2_pcr_extend() James Bottomley
2018-03-07 23:33 ` [RFC v2 4/5] tpm2: add session encryption protection to tpm2_get_random() James Bottomley
2018-03-07 23:33 ` [RFC v2 5/5] tpm2-sessions: NOT FOR COMMITTING add sessions testing James Bottomley
2018-03-10 12:49 ` Jarkko Sakkinen [this message]
2018-03-10 18:29 ` [RFC 0/5] add integrity and security to TPM2 transactions James Bottomley
2018-03-12 11:00 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=18e2f4debbbc05ed4169d3eb263479df91941aa0.camel@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).