RE: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

From: Fuchs, Andreas
Date: Mon Oct 05 2015 - 09:37:54 EST

Next message: Vinod Koul: "Re: [PATCH v6 2/2] dmaengine: Add Xilinx AXI Central Direct Memory Access Engine driver support"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 3/3] mfd: sec-core: Disable buck voltage reset on watchdog falling edge"
In reply to: Jarkko Sakkinen: "Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips"
Next in thread: Jarkko Sakkinen: "Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> > Regarding the in-kernel "minimal resource manager": AFAIK there is
> > already a tpm-mutex inside the kernel. We could use that mutex and
> > then have the algorithm:
> >
> > [SNIP]
>
> I don't care about one purpose hacks. Second, I don't care about pseudo
> code (at least not for "too big things"). It has tendency to mask
> unexpected details. If you want to propose something, please go through
> the patch process.
>
> > We don't need anything more fancy than this. And it should even
> > guarantee that the old values are still present after mutex_release,
> > so (opposed to a full-blown resource-manager) we do not need to keep
> > track and rewrite virtual handles inside the user-space commands.
> >
> > IMHO, this should be lightweight enough even for the most embedded of
> > applications, since the 2*2k blobs are only allocated on demand...
>
> It's still unnecessary functionality and increases the kernel image size
> and every hack requires maintenance. It would probably end up needing
> compilation flag as there exists efforts like:
>
> https://tiny.wiki.kernel.org/
>
> My simple and stupid solution does not *prevent* adding better
> synchronization. I would go with that and implement access broker
> properly and not for just one use case later on.

Unfortunately, I'm not able to write up some code for this myself atm.
Other priorities unfortunately.

I was just pointing out, that the proposed patch will not fit in with
the current approach in TSS2.0, before this user-facing kernel API is
set in stone and _corrected_ new syscalls need to be added later.

Also, the pseudo-code proposal should be a proper minimal access broker
that should solve most accesses to TPM transient objects down the road.
Session-brokering is a different beast of course.

Cheers,
Andreas--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vinod Koul: "Re: [PATCH v6 2/2] dmaengine: Add Xilinx AXI Central Direct Memory Access Engine driver support"
Previous message: Bartlomiej Zolnierkiewicz: "Re: [PATCH 3/3] mfd: sec-core: Disable buck voltage reset on watchdog falling edge"
In reply to: Jarkko Sakkinen: "Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips"
Next in thread: Jarkko Sakkinen: "Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]