From: Ben Boeckel <me@benboeckel.net>
To: James Bottomley <James.Bottomley@hansenpartnership.com>
Cc: linux-integrity@vger.kernel.org,
Jarkko Sakkinen <jarkko@kernel.org>,
keyrings@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>
Subject: Re: [PATCH v2 09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path
Date: Sun, 29 Jan 2023 08:06:19 -0500 [thread overview]
Message-ID: <Y9ZvS9PozyX5AxpZ@farprobe> (raw)
In-Reply-To: <20230124175516.5984-10-James.Bottomley@HansenPartnership.com>
On Tue, Jan 24, 2023 at 12:55:14 -0500, James Bottomley wrote:
> If some entity is snooping the TPM bus, the can see the data going in
^^^ they
> to be sealed and the data coming out as it is unsealed. Add parameter
> and response encryption to these cases to ensure that no secrets are
> leaked even if the bus is snooped.
>
> As part of doing this conversion it was discovered that policy
> sessions can't work with HMAC protected authority because of missing
> pieces (the tpm Nonce). I've added code to work the same way as
> before, which will result in potential authority exposure (while still
> adding security for the command and the returned blob), and a fixme to
> redo the API to get rid of this security hole.
--Ben
next prev parent reply other threads:[~2023-01-29 13:06 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-01-24 17:55 [PATCH v2 00/11] add integrity and security to TPM2 transactions James Bottomley
2023-01-24 17:55 ` [PATCH v2 01/11] tpm: move buffer handling from static inlines to real functions James Bottomley
2023-01-24 19:57 ` kernel test robot
2023-01-25 14:01 ` James Bottomley
2023-01-24 17:55 ` [PATCH v2 02/11] tpm: add buffer handling for TPM2B types James Bottomley
2023-01-24 17:55 ` [PATCH v2 03/11] tpm: add cursor based buffer functions for response parsing James Bottomley
2023-01-24 17:55 ` [PATCH v2 04/11] tpm: add buffer function to point to returned parameters James Bottomley
2023-01-24 17:55 ` [PATCH v2 05/11] tpm: export the context save and load commands James Bottomley
2023-01-24 17:55 ` [PATCH v2 06/11] tpm: Add full HMAC and encrypt/decrypt session handling code James Bottomley
2023-01-24 20:48 ` kernel test robot
2023-01-24 23:11 ` kernel test robot
2023-01-25 12:59 ` James Bottomley
2023-02-03 6:06 ` Yujie Liu
2023-02-08 2:49 ` Jarkko Sakkinen
2023-02-10 14:48 ` James Bottomley
2023-02-13 7:45 ` Jarkko Sakkinen
2023-02-13 9:31 ` Yujie Liu
2023-02-14 13:54 ` Ard Biesheuvel
2023-02-14 14:28 ` James Bottomley
2023-02-14 14:36 ` Ard Biesheuvel
2023-02-16 14:52 ` James Bottomley
2023-02-17 8:49 ` Ard Biesheuvel
2023-02-14 14:34 ` James Bottomley
2023-02-17 21:51 ` Jarkko Sakkinen
2023-02-08 4:35 ` James Bottomley
2023-01-25 6:03 ` kernel test robot
2023-01-24 17:55 ` [PATCH v2 07/11] tpm: add hmac checks to tpm2_pcr_extend() James Bottomley
2023-01-24 17:55 ` [PATCH v2 08/11] tpm: add session encryption protection to tpm2_get_random() James Bottomley
2023-01-24 17:55 ` [PATCH v2 09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path James Bottomley
2023-01-29 13:06 ` Ben Boeckel [this message]
2023-01-24 17:55 ` [PATCH v2 10/11] tpm: add the null key name as a sysfs export James Bottomley
2023-01-24 17:55 ` [PATCH v2 11/11] Documentation: add tpm-security.rst James Bottomley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y9ZvS9PozyX5AxpZ@farprobe \
--to=me@benboeckel.net \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).