Linux-Security-Module Archive on lore.kernel.org
 help / color / Atom feed
From: James Bottomley <James.Bottomley@HansenPartnership.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: linux-integrity@vger.kernel.org, linux-crypto@vger.kernel.org,
	linux-security-module@vger.kernel.org
Subject: Re: [PATCH v6 00/12] add integrity and security to TPM2 transactions
Date: Tue, 10 Sep 2019 17:29:38 +0100
Message-ID: <1568132978.22959.6.camel@HansenPartnership.com> (raw)
In-Reply-To: <20190910162132.GA11338@linux.intel.com>

On Tue, 2019-09-10 at 17:21 +0100, Jarkko Sakkinen wrote:
> On Mon, Sep 09, 2019 at 01:16:48PM +0100, James Bottomley wrote:
> > Link to previous cover letter:
> > 
> > https://lore.kernel.org/linux-integrity/1540193596.3202.7.camel@Han
> > senPartnership.com/
> > 
> > This is marked v6 instead of v5 because I did a v5 after feedback
> > on v4
> > but didn't get around to posting it and then had to rework the
> > whole of
> > the kernel space handling while I was on holiday.  I also added the
> > documentation of how the whole thing works and the rationale for
> > doing
> > it in tpm-security.rst (patch 11).  The main reason for doing this
> > now
> > is so we have something to discuss at Plumbers.
> > 
> > The new patch set implements the various splits requested, but the
> > main
> > changes are that the kernel space is gone and is replaced by a
> > context
> > save and restore of the generated null seed.  This is easier to
> > handle
> > than a full kernel space given the new threading for TPM spaces,
> > but
> > conceptually it is still very like a space.  I've also made whether
> > integrity and encryption is turned on a Kconfig option.
> > 
> > James
> 
> So... is there a changelog for the revisions?

Well, yes, standard way: they're in the individual patches under the '-
--' prefixed with v6:

James


  reply index

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-09 12:16 James Bottomley
2019-09-09 12:17 ` [PATCH v6 01/12] tpm-buf: move from static inlines to real functions James Bottomley
2019-09-09 12:18 ` [PATCH v6 02/12] tpm-buf: add handling for TPM2B types James Bottomley
2019-09-09 12:19 ` [PATCH v6 03/12] tpm-buf: add cursor based functions for response parsing James Bottomley
2019-09-09 12:19 ` [PATCH v6 04/12] tpm2-space: export the context save and load commands James Bottomley
2019-09-09 12:20 ` [PATCH v6 05/12] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling James Bottomley
2019-09-09 12:21 ` [PATCH v6 06/12] tpm-buf: add tpm_buf_parameters() James Bottomley
2019-09-09 12:22 ` [PATCH v6 07/12] tpm2: add hmac checks to tpm2_pcr_extend() James Bottomley
2019-09-09 12:22 ` [PATCH v6 08/12] tpm2: add session encryption protection to tpm2_get_random() James Bottomley
2019-09-09 12:23 ` [PATCH v6 09/12] trusted keys: Add session encryption protection to the seal/unseal path James Bottomley
2019-09-09 12:24 ` [PATCH v6 10/12] tpm: add the null key name as a tpm2 sysfs variable James Bottomley
2019-09-09 12:25 ` [PATCH v6 11/12] Documentation: add tpm-security.rst James Bottomley
2019-09-09 12:26 ` [PATCH v6 12/12] tpm2-sessions: NOT FOR COMMITTING add sessions testing James Bottomley
2019-09-10 16:21 ` [PATCH v6 00/12] add integrity and security to TPM2 transactions Jarkko Sakkinen
2019-09-10 16:29   ` James Bottomley [this message]
2019-09-11  8:42   ` Jarkko Sakkinen
2019-09-11  9:40     ` Jarkko Sakkinen

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1568132978.22959.6.camel@HansenPartnership.com \
    --to=james.bottomley@hansenpartnership.com \
    --cc=jarkko.sakkinen@linux.intel.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Security-Module Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-security-module/0 linux-security-module/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-security-module linux-security-module/ https://lore.kernel.org/linux-security-module \
		linux-security-module@vger.kernel.org linux-security-module@archiver.kernel.org
	public-inbox-index linux-security-module


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-security-module


AGPL code for this site: git clone https://public-inbox.org/ public-inbox