From: Kees Cook <keescook@chromium.org>
To: Evan Green <evgreen@chromium.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
Gwendal Grignou <gwendal@chromium.org>,
Eric Biggers <ebiggers@kernel.org>,
Matthew Garrett <mgarrett@aurora.tech>,
Jarkko Sakkinen <jarkko@kernel.org>,
Mimi Zohar <zohar@linux.ibm.com>,
linux-integrity@vger.kernel.org, Pavel Machek <pavel@ucw.cz>,
apronin@chromium.org, Daniil Lunev <dlunev@google.com>,
"Rafael J. Wysocki" <rjw@rjwysocki.net>,
Linux PM <linux-pm@vger.kernel.org>,
Jonathan Corbet <corbet@lwn.net>,
"James E.J. Bottomley" <jejb@linux.ibm.com>,
Len Brown <len.brown@intel.com>,
"Rafael J. Wysocki" <rafael@kernel.org>
Subject: Re: [PATCH v2 07/10] PM: hibernate: Use TPM-backed keys to encrypt image
Date: Fri, 23 Sep 2022 21:31:56 -0700 [thread overview]
Message-ID: <202209232130.ED110D8F7D@keescook> (raw)
In-Reply-To: <CAE=gft4twDMw8zpp1o0hv+SFFQtGNxkAivBg0VC2Pax1ez7qzg@mail.gmail.com>
On Fri, Sep 23, 2022 at 03:23:43PM -0700, Evan Green wrote:
> On Tue, Sep 20, 2022 at 4:16 PM Kees Cook <keescook@chromium.org> wrote:
> > On Tue, Aug 23, 2022 at 03:25:23PM -0700, Evan Green wrote:
> > > [...]
> > > + ret = key_instantiate_and_link(key, keyinfo, strlen(keyinfo) + 1, NULL,
> > > + NULL);
> >
> > You want to keep the trailing NUL byte here so it's easier to read back
> > later? Reading it back will need to verify the trailing NUL regardless.
> > (Does this get read back?)
>
> Are you referring to the trailing nul on keyinfo? The keyinfo string
> is only used within this function, as key_instantiate_and_link()
> receives it as a parameter string. I can see that
> trusted_instantiate() also null-terminates the buffer defensively for
> itself, but it still seemed prudent to hand in a terminated string. I
> can remove the + 1 if you think it's better.
No, I like having the trailing NUL byte -- it seems more robust that
way. I just wanted to understand who the consumer was going to be. I'm
clear now; thank you! :)
--
Kees Cook
next prev parent reply other threads:[~2022-09-24 4:32 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-08-23 22:25 [PATCH v2 00/10] Encrypted Hibernation Evan Green
2022-08-23 22:25 ` [PATCH v2 01/10] tpm: Add support for in-kernel resetting of PCRs Evan Green
2022-08-26 2:59 ` Jarkko Sakkinen
2022-09-07 17:02 ` Evan Green
2022-09-08 5:22 ` Jarkko Sakkinen
2022-08-23 22:25 ` [PATCH v2 02/10] tpm: Allow PCR 23 to be restricted to kernel-only use Evan Green
2022-08-26 3:02 ` Jarkko Sakkinen
2022-09-07 17:03 ` Evan Green
2022-09-13 12:26 ` Stefan Berger
2022-09-20 4:50 ` Jarkko Sakkinen
2022-09-21 15:35 ` Evan Green
2022-09-21 18:02 ` Jarkko Sakkinen
2022-09-21 18:05 ` Jarkko Sakkinen
2022-09-21 19:02 ` Evan Green
2022-08-23 22:25 ` [PATCH v2 03/10] security: keys: trusted: Include TPM2 creation data Evan Green
2022-09-20 23:04 ` Kees Cook
2022-09-23 22:22 ` Evan Green
2022-08-23 22:25 ` [PATCH v2 04/10] security: keys: trusted: Allow storage of PCR values in " Evan Green
2022-08-24 11:56 ` Ben Boeckel
2022-08-24 17:34 ` Evan Green
2022-08-23 22:25 ` [PATCH v2 05/10] security: keys: trusted: Verify " Evan Green
2022-09-20 23:06 ` Kees Cook
2022-09-23 22:23 ` Evan Green
2022-08-23 22:25 ` [PATCH v2 06/10] PM: hibernate: Add kernel-based encryption Evan Green
2022-09-20 23:09 ` Kees Cook
2022-08-23 22:25 ` [PATCH v2 07/10] PM: hibernate: Use TPM-backed keys to encrypt image Evan Green
2022-09-20 23:16 ` Kees Cook
2022-09-23 22:23 ` Evan Green
2022-09-24 4:31 ` Kees Cook [this message]
2022-08-23 22:25 ` [PATCH v2 08/10] PM: hibernate: Mix user key in encrypted hibernate Evan Green
2022-08-23 22:25 ` [PATCH v2 09/10] PM: hibernate: Verify the digest encryption key Evan Green
2022-08-23 22:25 ` [PATCH v2 10/10] PM: hibernate: seal the encryption key with a PCR policy Evan Green
2022-09-20 23:24 ` Kees Cook
2022-08-31 18:34 ` [PATCH v2 00/10] Encrypted Hibernation Limonciello, Mario
2022-09-07 17:03 ` Evan Green
2022-09-20 8:46 ` Pavel Machek
2022-09-20 16:39 ` Evan Green
2022-09-21 18:09 ` Jason Gunthorpe
2022-09-20 22:52 ` Kees Cook
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202209232130.ED110D8F7D@keescook \
--to=keescook@chromium.org \
--cc=apronin@chromium.org \
--cc=corbet@lwn.net \
--cc=dlunev@google.com \
--cc=ebiggers@kernel.org \
--cc=evgreen@chromium.org \
--cc=gwendal@chromium.org \
--cc=jarkko@kernel.org \
--cc=jejb@linux.ibm.com \
--cc=len.brown@intel.com \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pm@vger.kernel.org \
--cc=mgarrett@aurora.tech \
--cc=pavel@ucw.cz \
--cc=rafael@kernel.org \
--cc=rjw@rjwysocki.net \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).