From: Jarkko Sakkinen <jarkko@kernel.org>
To: Jonathan McDowell <noodles@earth.li>
Cc: linux-integrity@vger.kernel.org, stable@vger.kernel.or,
Chris Fenner <cfenn@google.com>, Peter Huewe <peterhuewe@gmx.de>,
Jason Gunthorpe <jgg@ziepe.ca>,
David Howells <dhowells@redhat.com>,
Paul Moore <paul@paul-moore.com>,
James Morris <jmorris@namei.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
James Bottomley <James.Bottomley@hansenpartnership.com>,
open list <linux-kernel@vger.kernel.org>,
"open list:KEYS/KEYRINGS" <keyrings@vger.kernel.org>,
"open list:SECURITY SUBSYSTEM"
<linux-security-module@vger.kernel.org>
Subject: Re: [PATCH] tpm: Disable TPM2_TCG_HMAC by default
Date: Thu, 18 Sep 2025 22:12:20 +0300 [thread overview]
Message-ID: <aMxZlHn9bfa5LGEU@kernel.org> (raw)
In-Reply-To: <aMxV9fB0E72QQY2G@earth.li>
On Thu, Sep 18, 2025 at 07:56:53PM +0100, Jonathan McDowell wrote:
> On Mon, Aug 25, 2025 at 11:32:23PM +0300, Jarkko Sakkinen wrote:
> > After reading all the feedback, right now disabling the TPM2_TCG_HMAC
> > is the right call.
> >
> > Other views discussed:
> >
> > A. Having a kernel command-line parameter or refining the feature
> > otherwise. This goes to the area of improvements. E.g., one
> > example is my own idea where the null key specific code would be
> > replaced with a persistent handle parameter (which can be
> > *unambigously* defined as part of attestation process when
> > done correctly).
> >
> > B. Removing the code. I don't buy this because that is same as saying
> > that HMAC encryption cannot work at all (if really nitpicking) in
> > any form. Also I disagree on the view that the feature could not
> > be refined to something more reasoable.
> >
> > Also, both A and B are worst options in terms of backporting.
> >
> > Thus, this is the best possible choice.
>
> I think this is reasonable; it's adding runtime overhead and not adding
> enough benefit to be the default upstream.
Yes, I think this is a balanced change. I agree what you say and at the
same time this gives more space to refine it something usable. Right now
it is much harder to tackle those issue, as it is part of the default
config. By looking at things from this angle, the change is also
benefical for the feature itself (in the long run).
> Reviewed-By: Jonathan McDowell <noodles@earth.li>
Thank you! I appreciate this and will append this to the commit.
BR, Jarkko
next prev parent reply other threads:[~2025-09-18 19:12 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-08-25 20:32 [PATCH] tpm: Disable TPM2_TCG_HMAC by default Jarkko Sakkinen
2025-09-18 18:56 ` Jonathan McDowell
2025-09-18 19:12 ` Jarkko Sakkinen [this message]
2025-09-18 19:50 ` Chris Fenner
2025-09-18 20:52 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aMxZlHn9bfa5LGEU@kernel.org \
--to=jarkko@kernel.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=cfenn@google.com \
--cc=dhowells@redhat.com \
--cc=jgg@ziepe.ca \
--cc=jmorris@namei.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=noodles@earth.li \
--cc=paul@paul-moore.com \
--cc=peterhuewe@gmx.de \
--cc=serge@hallyn.com \
--cc=stable@vger.kernel.or \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).