From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: "Fuchs, Andreas" <andreas.fuchs@sit.fraunhofer.de>
Cc: "tpmdd-devel@lists.sourceforge.net"
<tpmdd-devel@lists.sourceforge.net>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
David Howells <dhowells@redhat.com>,
"gregkh@linuxfoundation.org" <gregkh@linuxfoundation.org>,
"open list:KEYS-TRUSTED" <linux-security-module@vger.kernel.org>,
"open list:KEYS-TRUSTED" <keyrings@vger.kernel.org>,
James Morris <james.l.morris@oracle.com>,
David Safford <safford@us.ibm.com>,
"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
"Serge E. Hallyn" <serge@hallyn.com>,
"josh@joshtripplet.org" <josh@joshtripplet.org>,
"richard.l.maliszewski@intel.com"
<richard.l.maliszewski@intel.com>,
"monty.wiseman@intel.com" <monty.wiseman@intel.com>,
will.c.arthur@intel.com
Subject: Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips
Date: Mon, 5 Oct 2015 16:57:03 +0300 [thread overview]
Message-ID: <20151005135703.GA6196@intel.com> (raw)
In-Reply-To: <9F48E1A823B03B4790B7E6E69430724D9D7AEBD5@EXCH2010A.sit.fraunhofer.de>
On Mon, Oct 05, 2015 at 01:36:18PM +0000, Fuchs, Andreas wrote:
> > It's still unnecessary functionality and increases the kernel image size
> > and every hack requires maintenance. It would probably end up needing
> > compilation flag as there exists efforts like:
> >
> > https://tiny.wiki.kernel.org/
> >
> > My simple and stupid solution does not *prevent* adding better
> > synchronization. I would go with that and implement access broker
> > properly and not for just one use case later on.
>
> Unfortunately, I'm not able to write up some code for this myself atm.
> Other priorities unfortunately.
>
> I was just pointing out, that the proposed patch will not fit in with
> the current approach in TSS2.0, before this user-facing kernel API is
> set in stone and _corrected_ new syscalls need to be added later.
Why you would want new system calls? Do you know how hard it is to get
new system calls accepted? It's usually nearly impossible to get new
system calls in. You are going wrong direction there.
I do not see why couldn't survive in TSS 2.0 implementation for a while
without in-kernel access broker even if the world isn't perfect and
improve from that when the support becomes available. I'm not frankly
following your rationale here.
On the other hand I see use for the kernel images without access broker
in small embdedded devices.
I CC'd to Will Arthur as he has been working with TSS 2.0 for along
time just in case.
> Also, the pseudo-code proposal should be a proper minimal access broker
> that should solve most accesses to TPM transient objects down the road.
> Session-brokering is a different beast of course.
I don't mean to be rude but pseudo code doesn't matter much. We know
what is required from an access broker in terms of TPM 2.0 commands and
locking. Only working code matters at this point.
I still don't see why you couldn't add access broker later on. The patch
set does not make the API worse than it is right now.
> Cheers,
> Andreas
/Jarkko
next prev parent reply other threads:[~2015-10-05 13:57 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-10-02 8:38 [PATCH 0/4] Basic trusted keys support for TPM 2.0 Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 1/4] tpm: introduce struct tpm_buf Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 2/4] trusted: move struct trusted_key_options to trusted-type.h Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 3/4] tpm: seal/unseal for TPM 2.0 Jarkko Sakkinen
2015-10-13 17:34 ` Jason Gunthorpe
2015-10-13 19:49 ` Jarkko Sakkinen
2015-10-02 8:38 ` [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips Jarkko Sakkinen
2015-10-03 10:00 ` [tpmdd-devel] " Fuchs, Andreas
2015-10-03 10:26 ` Jarkko Sakkinen
2015-10-03 10:35 ` Jarkko Sakkinen
2015-10-04 18:57 ` Fuchs, Andreas
2015-10-05 8:37 ` Jarkko Sakkinen
2015-10-05 9:00 ` Fuchs, Andreas
2015-10-05 11:56 ` Jarkko Sakkinen
2015-10-05 12:20 ` Fuchs, Andreas
2015-10-05 13:17 ` Jarkko Sakkinen
2015-10-05 13:36 ` Fuchs, Andreas
2015-10-05 13:57 ` Jarkko Sakkinen [this message]
2015-10-05 14:13 ` Fuchs, Andreas
2015-10-05 14:28 ` Jarkko Sakkinen
2015-10-05 15:20 ` Arthur, Will C
2015-10-06 6:22 ` Fuchs, Andreas
2015-10-06 12:26 ` Jarkko Sakkinen
2015-10-06 13:16 ` Fuchs, Andreas
2015-10-06 15:05 ` Jarkko Sakkinen
2015-10-07 10:04 ` Fuchs, Andreas
2015-10-07 10:25 ` Jarkko Sakkinen
2015-10-07 10:32 ` Fuchs, Andreas
2015-10-07 11:15 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20151005135703.GA6196@intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=andreas.fuchs@sit.fraunhofer.de \
--cc=dhowells@redhat.com \
--cc=gregkh@linuxfoundation.org \
--cc=james.l.morris@oracle.com \
--cc=josh@joshtripplet.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=monty.wiseman@intel.com \
--cc=richard.l.maliszewski@intel.com \
--cc=safford@us.ibm.com \
--cc=serge@hallyn.com \
--cc=tpmdd-devel@lists.sourceforge.net \
--cc=will.c.arthur@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).