From: Sumit Garg <sumit.garg@linaro.org>
To: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: "Zhu, Bing" <bing.zhu@intel.com>,
Shyam Saini <shyamsaini@linux.microsoft.com>,
"alex.bennee@linaro.org" <alex.bennee@linaro.org>,
"code@tyhicks.com" <code@tyhicks.com>,
"Matti.Moell@opensynergy.com" <Matti.Moell@opensynergy.com>,
"arnd@linaro.org" <arnd@linaro.org>,
"hmo@opensynergy.com" <hmo@opensynergy.com>,
"joakim.bech@linaro.org" <joakim.bech@linaro.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-mmc@vger.kernel.org" <linux-mmc@vger.kernel.org>,
"linux-scsi@vger.kernel.org" <linux-scsi@vger.kernel.org>,
"maxim.uvarov@linaro.org" <maxim.uvarov@linaro.org>,
"ruchika.gupta@linaro.org" <ruchika.gupta@linaro.org>,
"Winkler, Tomas" <tomas.winkler@intel.com>,
"ulf.hansson@linaro.org" <ulf.hansson@linaro.org>,
"Huang, Yang" <yang.huang@intel.com>,
"jens.wiklander@linaro.org" <jens.wiklander@linaro.org>,
"op-tee@lists.trustedfirmware.org"
<op-tee@lists.trustedfirmware.org>
Subject: Re: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver
Date: Thu, 1 Jun 2023 11:18:54 +0530 [thread overview]
Message-ID: <CAFA6WYPKeJYTzvnZkoL_dw6uXSkhAh6uxoEOWHYU7oLNRDRWaA@mail.gmail.com> (raw)
In-Reply-To: <CAC_iWjKAdimEH0SsC_z9QuFS4sGLp2BVzx03s+RKvcLXY25kuQ@mail.gmail.com>
On Thu, 1 Jun 2023 at 11:02, Ilias Apalodimas
<ilias.apalodimas@linaro.org> wrote:
>
> Hi Bing
>
> On Thu, 1 Jun 2023 at 04:03, Zhu, Bing <bing.zhu@intel.com> wrote:
> >
> > As an alternative, Is it possible to change ftpm design not to depend on RPMB access at the earlier/boot stage? Because to my understanding, typically PCRs don't require persistent/NV storage (for example, before RPMB or tee-supplicant is ready, use TEE memory instead as temporary storage)
>
> I am not entirely sure this will solve our problem here. You are
> right that we shouldn't depend on the supplicant to extend PCRs. But
> what happens if an object is sealed against certain PCR values? We
> are back to the same problem
+1
Temporary storage may be a stop gap solution for some use-cases but
having a fast path access to RPMB via kernel should be our final goal.
I would suggest we start small with the MMC subsystem to expose RPMB
access APIs for OP-TEE driver rather than a complete RPMB subsystem.
-Sumit
>
> Thanks
> /Ilias
> >
> > Bing
> >
> > IPAS Security Brown Belt (https://www.credly.com/badges/69ea809f-3a96-4bc7-bb2f-442c1b17af26)
> > System Software Engineering
> > Software and Advanced Technology Group
> > Zizhu Science Park, Shanghai, China
> >
> > -----Original Message-----
> > From: Shyam Saini <shyamsaini@linux.microsoft.com>
> > Sent: Thursday, June 1, 2023 3:10 AM
> > To: alex.bennee@linaro.org
> > Cc: code@tyhicks.com; Matti.Moell@opensynergy.com; arnd@linaro.org; Zhu, Bing <bing.zhu@intel.com>; hmo@opensynergy.com; ilias.apalodimas@linaro.org; joakim.bech@linaro.org; linux-kernel@vger.kernel.org; linux-mmc@vger.kernel.org; linux-scsi@vger.kernel.org; maxim.uvarov@linaro.org; ruchika.gupta@linaro.org; Winkler, Tomas <tomas.winkler@intel.com>; ulf.hansson@linaro.org; Huang, Yang <yang.huang@intel.com>; sumit.garg@linaro.org; jens.wiklander@linaro.org; op-tee@lists.trustedfirmware.org
> > Subject: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver
> >
> > Hi Alex,
> >
> > [ Resending, Sorry for the noise ]
> >
> > Are you still working on it or planning to resubmit it ?
> >
> > [1] The current optee tee kernel driver implementation doesn't work when IMA is used with optee implemented ftpm.
> >
> > The ftpm has dependency on tee-supplicant which comes once the user space is up and running and IMA attestation happens at boot time and it requires to extend ftpm PCRs.
> >
> > But IMA can't use PCRs if ftpm use secure emmc RPMB partition. As optee can only access RPMB via tee-supplicant(user space). So, there should be a fast path to allow optee os to access the RPMB parititon without waiting for user-space tee supplicant.
> >
> > To achieve this fast path linux optee driver and mmc driver needs some work and finally it will need RPMB driver which you posted.
> >
> > Please let me know what's your plan on this.
> >
> > [1] https://optee.readthedocs.io/en/latest/architecture/secure_storage.html
> >
> > Best Regards,
> > Shyam
next prev parent reply other threads:[~2023-06-01 5:52 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-05 9:37 [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver Alex Bennée
2022-04-05 9:37 ` [PATCH v2 1/4] rpmb: add Replay Protected Memory Block (RPMB) subsystem Alex Bennée
2022-04-05 21:59 ` Bart Van Assche
2022-04-06 11:21 ` Alex Bennée
2022-04-05 9:37 ` [PATCH v2 2/4] char: rpmb: provide a user space interface Alex Bennée
2022-06-16 15:09 ` Harald Mommer
2022-06-16 19:21 ` Arnd Bergmann
2022-04-05 9:37 ` [PATCH v2 3/4] rpmb: create virtio rpmb frontend driver Alex Bennée
2022-06-16 15:44 ` Harald Mommer
2022-04-05 9:37 ` [PATCH v2 4/4] tools rpmb: add RPBM access tool Alex Bennée
2022-06-16 13:13 ` Harald Mommer
2022-04-05 14:54 ` [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver Bean Huo
2022-04-05 15:43 ` Alex Bennée
2022-04-05 17:03 ` Bean Huo
2022-04-06 11:22 ` Alex Bennée
2022-04-06 17:19 ` Bean Huo
2022-04-06 17:32 ` Bart Van Assche
2022-04-06 18:12 ` Bean Huo
2022-04-06 20:20 ` Bart Van Assche
2022-04-07 16:28 ` Bean Huo
2022-04-06 17:27 ` Bean Huo
2022-04-22 14:21 ` Alex Bennée
[not found] ` <20230531191007.13460-1-shyamsaini@linux.microsoft.com>
2023-06-01 1:02 ` Zhu, Bing
2023-06-01 5:31 ` Ilias Apalodimas
2023-06-01 5:48 ` Sumit Garg [this message]
2023-06-02 8:25 ` Ilias Apalodimas
2023-06-12 17:06 ` Jens Wiklander
2023-06-13 0:49 ` Shyam Saini
2023-06-13 16:47 ` Shyam Saini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAFA6WYPKeJYTzvnZkoL_dw6uXSkhAh6uxoEOWHYU7oLNRDRWaA@mail.gmail.com \
--to=sumit.garg@linaro.org \
--cc=Matti.Moell@opensynergy.com \
--cc=alex.bennee@linaro.org \
--cc=arnd@linaro.org \
--cc=bing.zhu@intel.com \
--cc=code@tyhicks.com \
--cc=hmo@opensynergy.com \
--cc=ilias.apalodimas@linaro.org \
--cc=jens.wiklander@linaro.org \
--cc=joakim.bech@linaro.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mmc@vger.kernel.org \
--cc=linux-scsi@vger.kernel.org \
--cc=maxim.uvarov@linaro.org \
--cc=op-tee@lists.trustedfirmware.org \
--cc=ruchika.gupta@linaro.org \
--cc=shyamsaini@linux.microsoft.com \
--cc=tomas.winkler@intel.com \
--cc=ulf.hansson@linaro.org \
--cc=yang.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.