linux-security-module.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Jason Gunthorpe <jgg@ziepe.ca>
Cc: linux-integrity@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
	monty.wiseman@ge.com, Monty Wiseman <montywiseman32@gmail.com>,
	Matthew Garrett <mjg59@google.com>
Subject: Re: Documenting the proposal for TPM 2.0 security in the face of bus interposer attacks
Date: Mon, 19 Nov 2018 13:34:41 -0800	[thread overview]
Message-ID: <1542663281.2910.44.camel@HansenPartnership.com> (raw)
In-Reply-To: <20181119211911.GH4890@ziepe.ca>

On Mon, 2018-11-19 at 14:19 -0700, Jason Gunthorpe wrote:
[...]
> Sure, for stuff working with shared secrets, etc, this make sense.
> But PCR extends are not secret, so there is no reason to encrypt them
> on the bus.

OK, there's a miscommunication here.  I believe the current document
states twice that there's no encryption for PCR operations.  We merely
use a salted HMAC session to ensure that they're reliably received by
the TPM and not altered in-flight.

> And if someone manipulates the unencrypted PCR extend commands then
> we are back to 'the PCB is broken' and all PCR based security has
> been lost.
> 
> > In theory, but we don't seem to have one.  The theory is that TPMs
> > come provisioned according to the TCG guidance which specifies RSA
> > and EC storage keys be at 81000001 and 81000002 respectively ... it
> > just seems that the current TPM generation don't respect this, so
> > they come with no permanent keys at all.
> 
> Seems surprising.. And the use models you have don't alwaus load a
> key that could be used for this?

I think it's because Microsoft realised after the first generation of
TPM 2.0s that not having any key at all was a problem, so lots of them
shipped before the spec got updated and manufacturers are somewhat slow
to retool production lines.  My TPM 2.0 doesn't even have an EC
certificate (although Nuvoton now claims this was a manufacturing
mistake) never mind a derived primary key.

James


  reply	other threads:[~2018-11-19 21:34 UTC|newest]

Thread overview: 34+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-19 17:34 Documenting the proposal for TPM 2.0 security in the face of bus interposer attacks James Bottomley
2018-11-19 20:05 ` Jason Gunthorpe
2018-11-19 20:20   ` James Bottomley
2018-11-19 21:19     ` Jason Gunthorpe
2018-11-19 21:34       ` James Bottomley [this message]
2018-11-19 21:44         ` Jason Gunthorpe
2018-11-19 22:36           ` James Bottomley
2018-11-19 23:08             ` Jason Gunthorpe
2018-11-20  0:54               ` James Bottomley
2018-11-20  3:05                 ` Jason Gunthorpe
2018-11-20 17:17                   ` James Bottomley
2018-11-20 21:33                     ` Jason Gunthorpe
2018-11-20 22:34                       ` James Bottomley
2018-11-20 23:39                         ` Jason Gunthorpe
2018-11-21  2:24                           ` EXTERNAL: " Jeremy Boone
2018-11-21  5:16                             ` Jason Gunthorpe
2018-11-20 23:52                       ` Jarkko Sakkinen
2018-11-20 23:41                     ` Jarkko Sakkinen
2018-11-20 11:10 ` Jarkko Sakkinen
2018-11-20 12:41   ` Jarkko Sakkinen
2018-11-20 17:25     ` James Bottomley
2018-11-20 23:13       ` Jarkko Sakkinen
2018-11-20 23:58         ` James Bottomley
2018-11-21  0:33           ` EXTERNAL: " Jeremy Boone
2018-11-21  6:37           ` Jarkko Sakkinen
2018-11-21  5:42         ` Jason Gunthorpe
2018-11-21  7:18           ` Jarkko Sakkinen
     [not found]             ` <F10185EF-C618-45DC-B1F3-0053B8FE417F@gmail.com>
2018-11-21  9:07               ` Jarkko Sakkinen
2018-11-21  9:14             ` Jarkko Sakkinen
2018-11-20 17:23   ` James Bottomley
2018-11-20 23:12     ` Jarkko Sakkinen
2018-12-10 16:33 ` Ken Goldman
2018-12-10 17:30   ` James Bottomley
2018-12-11 21:47     ` Ken Goldman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1542663281.2910.44.camel@HansenPartnership.com \
    --to=james.bottomley@hansenpartnership.com \
    --cc=jarkko.sakkinen@linux.intel.com \
    --cc=jgg@ziepe.ca \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mjg59@google.com \
    --cc=monty.wiseman@ge.com \
    --cc=montywiseman32@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).