Re: [PATCH 1/3] tpm: Disable TCG_TPM2_HMAC by default

linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "James Bottomley" <James.Bottomley@HansenPartnership.com>,
	"Vitor Soares" <ivitro@gmail.com>,
	<linux-integrity@vger.kernel.org>
Cc: <keyrings@vger.kernel.org>, "Peter Huewe" <peterhuewe@gmx.de>,
	"Jason Gunthorpe" <jgg@ziepe.ca>,
	"Mimi Zohar" <zohar@linux.ibm.com>,
	"David Howells" <dhowells@redhat.com>,
	"Paul Moore" <paul@paul-moore.com>,
	"James Morris" <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	<linux-kernel@vger.kernel.org>,
	<linux-security-module@vger.kernel.org>
Subject: Re: [PATCH 1/3] tpm: Disable TCG_TPM2_HMAC by default
Date: Wed, 22 May 2024 17:39:36 +0300	[thread overview]
Message-ID: <D1G91ISGEB3K.35SA67CPX59JE@kernel.org> (raw)
In-Reply-To: <0d925d801d8988bb55afa476fb0564b052d54e62.camel@HansenPartnership.com>

On Wed May 22, 2024 at 5:20 PM EEST, James Bottomley wrote:
> On Wed, 2024-05-22 at 17:11 +0300, Jarkko Sakkinen wrote:
> > For tpm_crb we should actually disable HMAC at some point. It is
> > essentially a performance regression for it.
>
> You'd think that, because of the shared buffer and no bus, but you
> never quite know.  For instance several confidential computing early
> implementations used the crb interface set up by qemu (i.e. over shared
> buffers which are readable by the host).  For them the only way to get
> security is with sessions.  Even with the default Intel CRB, the TPM
> transaction isn't handled directly by the main CPU, it's offloaded to
> the ME (which we all know google loves because of its tight security
> boundary).  It is entirely possible to imagine a software interposer
> running in the ME snooping the CRB buffer.  A very different type of
> attack from the LPB interposer, but plausible non the less.
>
> James

Should have put "consider". I've tested with crb and spi and have
not noticed anything get stuck. One more reason to run tests with
that Celeron CPU from 2018...

BR, Jarkko

next prev parent reply	other threads:[~2024-05-22 14:39 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-05-19 23:51 [PATCH 0/3] KEYS: trusted: bug fixes Jarkko Sakkinen
2024-05-19 23:51 ` [PATCH 1/3] tpm: Disable TCG_TPM2_HMAC by default Jarkko Sakkinen
2024-05-21  7:03   ` Vitor Soares
2024-05-21  7:10     ` Jarkko Sakkinen
2024-05-21 12:33       ` James Bottomley
2024-05-21 13:00         ` Jarkko Sakkinen
2024-05-21 13:11           ` Jarkko Sakkinen
2024-05-21 13:16             ` Jarkko Sakkinen
2024-05-22  8:18         ` Vitor Soares
2024-05-22 12:01           ` Jarkko Sakkinen
2024-05-22 13:17             ` Vitor Soares
2024-05-22 13:31               ` Vitor Soares
2024-05-22 14:11               ` Jarkko Sakkinen
2024-05-22 14:20                 ` James Bottomley
2024-05-22 14:39                   ` Jarkko Sakkinen [this message]
2024-05-22 13:35           ` James Bottomley
2024-05-22 14:13             ` Jarkko Sakkinen
2024-05-22 14:58               ` Vitor Soares
2024-05-22 16:11                 ` Jarkko Sakkinen
2024-05-23  7:59                   ` Vitor Soares
2024-05-27 14:51                     ` Jarkko Sakkinen
2024-05-27 15:01                       ` Jarkko Sakkinen
2024-05-27 15:12                         ` Jarkko Sakkinen
2024-05-27 15:34                           ` Jarkko Sakkinen
2024-05-27 17:57                             ` James Bottomley
2024-05-27 19:53                               ` Jarkko Sakkinen
2024-05-27 20:01                                 ` Jarkko Sakkinen
2024-05-27 21:36                                 ` James Bottomley
2024-05-27 23:17                                   ` Jarkko Sakkinen
2024-05-27 23:44                                     ` James Bottomley
2024-05-28  1:04                                       ` Jarkko Sakkinen
2024-05-28  1:07                                         ` Jarkko Sakkinen
2024-05-19 23:51 ` [PATCH 2/3] KEYS: trusted: Fix memory leak in tpm2_key_encode() Jarkko Sakkinen
2024-05-19 23:51 ` [PATCH 3/3] KEYS: trusted: Do not use WARN when encode fails Jarkko Sakkinen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=D1G91ISGEB3K.35SA67CPX59JE@kernel.org \
    --to=jarkko@kernel.org \
    --cc=James.Bottomley@HansenPartnership.com \
    --cc=dhowells@redhat.com \
    --cc=ivitro@gmail.com \
    --cc=jgg@ziepe.ca \
    --cc=jmorris@namei.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=paul@paul-moore.com \
    --cc=peterhuewe@gmx.de \
    --cc=serge@hallyn.com \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).