On Fri, Aug 15, 2025 at 10:45 AM Jarkko Sakkinen <jar...@kernel.org> wrote:
> Primary key persistent handle. I see, thanks. I think this might make it easier to ensure the driver fails-open in the "relaxed" case, but I don't think it would resolve much of the performance drawbacks (really we'd just cut out the ContextLoads, which in my testing constitute around 30ms of the total 135ms of overhead). I still don't think it really solves the threat model since the adversary can just make sure to interpose all the requests instead of just some of them. That said, it really seems prudent to disable the (seems to be? broken) feature by default for now, then re-enable it once this is confirmed working. On Fri, Aug 15, 2025 at 10:52 AM Jarkko Sakkinen <jar...@kernel.org> wrote: > This is not to admit that right now the feature is no good to anyone > but in a selected set of use cases with this modification it would > make e.g., IMA's security *worse* than it would be with the feature > enabled. Under what specific threat model would IMA's security be worse in this case? Either there is an interposer, or there isn't, right? If there is an interposer, then they can interpose all the commands including the CreatePrimary and session establishment(s) and defeat the current and proposed version of TCG_TPM2_HMAC. If there is not an interposer, then this is moot (I think). Philosophically, I think there is no such thing as "more secure"; there is only "solves a stronger threat model." For example, you could construct something called "AES-129" that you could argue is "more secure" than AES-128, but since nobody's threat model has attackers that can break 128-bit keys but not 129-bit keys, we don't use it. I try to apply this reasoning to everything I build: all security features trade-off against performance, usability, and compatibility, and I strive to justify these trade-offs with whatever specific threats that they resolve. On Fri, Aug 15, 2025 at 11:04 AM Jarkko Sakkinen <jarkko.sakki...@iki.fi> wrote: > I'm happy to make patch next week for this change too. So probably this > where I align myself to. It's just the best average IMHO. Everyone gets > exactly what they want, right? To be clear: I already have what I want (the ability to disable this feature because it seems broken to me), I'm just making recommendations as a TPM abyssal domain expert. I hope my feedback is of some use on this -- the work of dealing with interposer attackers is quite important and I appreciate the effort already put in by the team. Thanks Chris
