From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757002AbdACEGv (ORCPT ); Mon, 2 Jan 2017 23:06:51 -0500 Received: from mga06.intel.com ([134.134.136.31]:3615 "EHLO mga06.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756363AbdACEGs (ORCPT ); Mon, 2 Jan 2017 23:06:48 -0500 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,450,1477983600"; d="scan'208";a="1078462056" Date: Mon, 2 Jan 2017 21:33:20 +0200 From: Jarkko Sakkinen To: James Bottomley Cc: tpmdd-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org, open list Subject: Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager Message-ID: <20170102193320.trawto65nkjccbao@intel.com> References: <20170102132213.22880-1-jarkko.sakkinen@linux.intel.com> <1483374980.2458.13.camel@HansenPartnership.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1483374980.2458.13.camel@HansenPartnership.com> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: Mutt/1.6.2-neo (2016-08-21) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jan 02, 2017 at 08:36:20AM -0800, James Bottomley wrote: > On Mon, 2017-01-02 at 15:22 +0200, Jarkko Sakkinen wrote: > > This patch set adds support for TPM spaces that provide a context > > for isolating and swapping transient objects. This patch set does > > not yet include support for isolating policy and HMAC sessions but > > it is trivial to add once the basic approach is settled (and that's > > why I created an RFC patch set). > > The approach looks fine to me. The only basic query I have is about > the default: shouldn't it be with resource manager on rather than off? > I can't really think of a use case that wants the RM off (even if > you're running your own, having another doesn't hurt anything, and it's > still required to share with in-kernel uses). This is a valid question and here's a longish explanation. In TPM2_GetCapability and maybe couple of other commands you can get handles in the response body. I do not want to have special cases in the kernel for response bodies because there is no a generic way to do the substitution. What's worse, new commands in the standard future revisions could have such commands requiring special cases. In addition, vendor specific commans could have handles in the response bodies. It's better to leverage that to the user space. I would do only simple and fail-safe stuff in the kernel. Turning RM on by default would raise a backwards compatibility issue. > > > There's a test script for trying out TPM spaces in > > > > git://git.infradead.org/users/jjs/tpm2-scripts.git > > > > A simple smoke test can be run by > > > > sudo python -m unittest -v tpm2_smoke.SpaceTest > > I've also added an enabling patch to the tss > > https://build.opensuse.org/package/view_file/home:jejb1:Tumbleweed/tss2/0002-tssProperties-add-TPM_USE_RESOURCE_MANAGER.patch?expand=1 > > And with that, I've TPM 2 enabled both gnome-keyring and openssl: > > https://build.opensuse.org/package/show/home:jejb1:Tumbleweed/gnome-keyring > https://build.opensuse.org/package/show/home:jejb1:Tumbleweed/openssl_tpm_engine > > I'm running them in production on my day to day laptop and so far > everything's working nicely (better than 1.2, in fact, since tcsd > periodically crashes necessitating a restart of everything). Great, thanks for doing this! > So you can definitely add my Tested-By. Thank you. > James /Jarkko