Jarkko Sakkinen (4):
crypto: add entry for sm3-256
tpm: choose hash algorithm for sealing when using TPM 2.0
keys, trusted: select the hash algorithm
keys, trusted: update documentation for 'hash=' option
Documentation/security/keys-trusted-encrypted.txt | 3 ++
crypto/hash_info.c
Added entry for sm3-256 to the following tables:
* hash_algo_name
* hash_digest_size
Needed for TPM 2.0 trusted key sealing.
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
crypto/hash_info.c | 2 ++
include/crypto/hash_info.h | 3 +++
include/uapi
.
Jarkko Sakkinen (2):
keys, trusted: select hash algorithm for TPM2 chips
keys, trusted: seal with a policy
Documentation/security/keys-trusted-encrypted.txt | 31 ++
crypto/hash_info.c| 2 +
drivers/char/tpm/tpm.h| 10
.
* Got rid of TPM2_HASH_COUNT and moved into ARRAY_SIZE(tpm2_hash_map).
v4:
* Added missing select CRYPTO_HASH_INFO to drivers/char/tpm/Kconfig
v5:
* Minor clean ups.
* Removed dev_dbg() from tpm2-cmd.c in order to get rid of
CRYPTO_HASH_INFO dep.
Signed-off-by: Jarkko Sakkinen <jarkko.sa
Added entry for sm3-256 to the following tables:
* hash_algo_name
* hash_digest_size
Needed for TPM 2.0 trusted key sealing.
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
crypto/hash_info.c | 2 ++
include/crypto/hash_info.h | 3 +++
include/uapi
of TPM2_HASH_COUNT and moved into ARRAY_SIZE(tpm2_hash_map).
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
Documentation/security/keys-trusted-encrypted.txt | 3 ++
crypto/hash_info.c| 2 ++
drivers/char/tpm/tpm.h
.
* Got rid of TPM2_HASH_COUNT and moved into ARRAY_SIZE(tpm2_hash_map).
v4:
* Added missing select CRYPTO_HASH_INFO in drivers/char/tpm/Kconfig
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
Documentation/security/keys-trusted-encrypted.txt | 3 ++
crypto/hash_
* sha384
* sha512
* sm3-256
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Tested-by: Colin Ian King <colin.k...@canonical.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
---
Documentation/security/keys-trusted-encrypted.txt | 3 ++
.
Jarkko Sakkinen (3):
keys, trusted: fix: *do not* allow duplicate key options
keys, trusted: select hash algorithm for TPM2 chips
keys, trusted: seal with a TPM2 authorization policy
Documentation/security/keys-trusted-encrypted.txt | 31 +++-
crypto/hash_info.c
The reasoning is simple and obvious. Since every call site passes the
value TPM_ANY_NUM (0x) the parameter does not have right to exist.
Refined the documentation of the corresponding functions.
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
drivers/char/hw_rand
On Tue, Nov 14, 2017 at 04:34:21PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote:
> > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralidharan wrote:
> >
> > > I am assuming you are talking about the f
On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 14, 2017 at 04:34:21PM +0200, Jarkko Sakkinen wrote:
> > On Tue, Nov 07, 2017 at 09:04:04AM -0700, Jason Gunthorpe wrote:
> > > On Tue, Nov 07, 2017 at 08:50:44AM +0530, PrasannaKumar Muralid
houghts on this.
>
> That is certainly better than no testing.
>
> Jason
WFM too.
Tested-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
/Jarkko
On Sun, Nov 12, 2017 at 10:53:35AM +0530, PrasannaKumar Muralidharan wrote:
> Did basic check on tpm rng patch, it works fine. As it depends on this
> patch this should be working fine too.
>
> Tested-by: PrasannaKumar Muralidharan
>
> Regards,
> PrasannaKumar
Thank
On Tue, Oct 31, 2017 at 02:05:03PM -0600, Jason Gunthorpe wrote:
> The tpm-rng.c approach is completely inconsistent with how the kernel
> handles hotplug. Instead manage a hwrng device for each TPM. This will
> cause the kernel to read entropy from the TPM when it is plugged in,
> and allow
On Sun, Nov 05, 2017 at 07:27:04PM -0700, Jason Gunthorpe wrote:
> On Sun, Nov 05, 2017 at 01:05:06PM +0200, Jarkko Sakkinen wrote:
>
> > I asked to create a series for a reason. Now this doesn't apply because I
> > don't have an ancestor in my git history.
>
> It would
. In addition, this
commit refines the documentation to be up to date with the
implementation.
Suggested-by: Jason Gunthorpe <jguntho...@obsidianresearch.com> (@chip_num ->
@chip)
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
v2:
* Further defined function documenta
On Wed, Oct 25, 2017 at 08:21:16PM +0530, PrasannaKumar Muralidharan wrote:
> >> > 2. Moving struct tpm_rng to the TPM client is architecturally
> >> >uacceptable.
> >>
> >> As there was no response to the patch there is no way to know whether
> >> it is acceptable or not.
> >
> > I like the
On Wed, Oct 25, 2017 at 08:40:26PM +0530, PrasannaKumar Muralidharan wrote:
> > -struct tpm_chip *tpm_chip_find_get(int chip_num)
> > +struct tpm_chip *tpm_chip_find_get(struct tpm_chip *chip)
> > {
> > - struct tpm_chip *chip, *res = NULL;
> > + struct tpm_chip *res = NULL;
> > +
On Wed, Oct 25, 2017 at 08:15:09PM +0530, PrasannaKumar Muralidharan wrote:
> > + if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM))
> > + return 0;
>
> Can #ifndef CONFIG_HW_RANDOM_TPM be used instead? That way an if
> condition can be avoided.
Nope. There is no reason to avoid the
On Wed, Oct 25, 2017 at 01:37:07PM -0600, Jason Gunthorpe wrote:
> On Wed, Oct 25, 2017 at 08:58:17PM +0200, Jarkko Sakkinen wrote:
> > On Wed, Oct 25, 2017 at 08:15:09PM +0530, PrasannaKumar Muralidharan wrote:
> > > > + if (!IS_ENABLED(CONFIG_HW_RANDOM_TPM))
> >
On Wed, Oct 25, 2017 at 01:46:33PM -0600, Jason Gunthorpe wrote:
> > struct tpm_chip *tpm_chip_find_get(u64 id)
> > {
> > struct tpm_chup *chip;
> > struct tpm_chip *res = NULL;
> > int chip_num = 0;
> > int chip_prev;
> >
> > mutex_lock(_lock);
> >
> > do {
> >
On Mon, Oct 23, 2017 at 10:31:39AM -0600, Jason Gunthorpe wrote:
> On Mon, Oct 23, 2017 at 10:07:31AM -0400, Stefan Berger wrote:
>
> > >-int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> > >+int tpm_pcr_extend(int pcr_idx, const u8 *hash)
> > > {
> >
> >
> > I think every kernel
On Mon, Oct 23, 2017 at 10:07:31AM -0400, Stefan Berger wrote:
> I think every kernel internal TPM driver API should be called with the
> tpm_chip as a parameter. This is in foresight of namespacing of IMA where we
> want to provide the flexibility of passing a dedicated vTPM to each
> namespace
On Tue, Oct 24, 2017 at 10:05:20PM +0530, PrasannaKumar Muralidharan wrote:
> > 1. Every user in the kernel is using TPM_ANY_NUM, which means there are
> >no other users.
>
> Completely agree that there is no in kernel users yet.
And should never be. It's a bogus parameter that makes no
On Tue, Oct 24, 2017 at 10:02:00AM -0700, Dmitry Torokhov wrote:
> On Tue, Oct 24, 2017 at 9:11 AM, Jason Gunthorpe
> wrote:
> > On Tue, Oct 24, 2017 at 09:37:33PM +0530, PrasannaKumar Muralidharan wrote:
> >> Hi Jason,
> >>
> >> On 24 October 2017 at 21:25, Jason
On Tue, Oct 24, 2017 at 09:21:15PM +0530, PrasannaKumar Muralidharan wrote:
> On 24 October 2017 at 21:14, Jarkko Sakkinen
> <jarkko.sakki...@linux.intel.com> wrote:
> > On Mon, Oct 23, 2017 at 10:31:39AM -0600, Jason Gunthorpe wrote:
> >> On Mon, Oct 23, 2017 at 10:0
On Tue, Oct 24, 2017 at 03:34:49PM -0600, Jason Gunthorpe wrote:
> On Tue, Oct 24, 2017 at 12:42:35PM -0600, Jason Gunthorpe wrote:
>
> > This is compile tested only.
>
> 0day says the kconfig has a problem when randomized, here is the fix I
> will roll into a v2 in a few days:
I will probably
On Tue, Oct 24, 2017 at 12:52:08PM -0600, Jason Gunthorpe wrote:
> On Mon, Oct 23, 2017 at 02:38:14PM +0200, Jarkko Sakkinen wrote:
> > The reasoning is simple and obvious. Since every call site passes the
> > value TPM_ANY_NUM (0x) the parameter does not have right to exi
On Thu, Oct 26, 2017 at 07:40:49PM +0530, PrasannaKumar Muralidharan wrote:
> Hi Jarkko,
>
> On 26 October 2017 at 19:24, Jarkko Sakkinen
> <jarkko.sakki...@linux.intel.com> wrote:
> > Device number (the character device index) is not a stable identifier
> > for a TP
On Thu, Oct 26, 2017 at 03:54:50PM +0200, Jarkko Sakkinen wrote:
> Device number (the character device index) is not a stable identifier
> for a TPM chip. That is the reason why every call site passes
> TPM_ANY_NUM to tpm_chip_find_get().
>
> This commit changes the API in a w
. In addition, this
commit refines the documentation to be up to date with the
implementation.
Suggested-by: Jason Gunthorpe <jguntho...@obsidianresearch.com> (@chip_num ->
@chip)
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
v3:
* If chip != NULL was given to tp
On Wed, Oct 25, 2017 at 02:17:44PM -0600, Jason Gunthorpe wrote:
> On Wed, Oct 25, 2017 at 10:07:46PM +0200, Jarkko Sakkinen wrote:
>
> > The id has a nice feature that it is unique for one boot cycle you can
> > even try to get a chip that has been deleted. It has the most sta
On Wed, Jan 17, 2018 at 07:43:51PM +0530, PrasannaKumar Muralidharan wrote:
> Hi Jarkko,
>
> On 14 November 2017 at 20:02, Jarkko Sakkinen
> <jarkko.sakki...@linux.intel.com> wrote:
> > On Sun, Nov 12, 2017 at 10:53:35AM +0530, PrasannaKumar Muralidharan wrote:
> &g
On Tue, Jan 30, 2018 at 10:52:13PM +1100, James Morris wrote:
> On Tue, 30 Jan 2018, Jarkko Sakkinen wrote:
>
> > On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote:
> > > Hi Jarkko,
> > >
> > > On 17 November 2017 at 19:
On Sat, Jan 27, 2018 at 12:20:18PM +0530, PrasannaKumar Muralidharan wrote:
> Hi Jarkko,
>
> On 17 November 2017 at 19:27, Jarkko Sakkinen
> <jarkko.sakki...@linux.intel.com> wrote:
> > On Fri, Nov 17, 2017 at 03:28:53PM +0200, Jarkko Sakkinen wrote:
> >
&
On Sat, 2018-03-10 at 10:29 -0800, James Bottomley wrote:
> OK, you might want to wait for v3 then. I've got it working with
> sealed (trusted) keys, well except for a problem with the trusted keys
> API that means we can't protect the password for policy based keys. I
> think the API is finally
On Sat, 2018-03-10 at 14:13 -0800, James Bottomley wrote:
> By now, everybody knows we have a problem with the TPM2_RS_PW easy
> button on TPM2 in that transactions on the TPM bus can be intercepted
> and altered. The way to fix this is to use real sessions for HMAC
> capabilities to ensure
On Wed, 2018-03-07 at 15:29 -0800, James Bottomley wrote:
> By now, everybody knows we have a problem with the TPM2_RS_PW easy
> button on TPM2 in that transactions on the TPM bus can be intercepted
> and altered. The way to fix this is to use real sessions for HMAC
> capabilities to ensure
On Mon, Mar 12, 2018 at 08:57:13AM -0700, James Bottomley wrote:
> I think the way I'm going to fix the trusted key policy problem is to
> move it back into the kernel for the simple PCR lock policy (which will
> make changing from 1.2 to 2.0 seamless because the external Key API
> will then
On Sat, 2018-03-10 at 14:14 -0800, James Bottomley wrote:
> TPM_BUF_OVERFLOW= BIT(0),
> + TPM_BUF_2B = BIT(1),
Instead of re-using this I would prefer to have another enum for
buffer type. tpm_buf_init() could have the signature:
int tpm_buf_init(unsigned int
On Fri, 2018-03-16 at 13:58 +0200, Jarkko Sakkinen wrote:
> On Sat, 2018-03-10 at 14:14 -0800, James Bottomley wrote:
> > TPM_BUF_OVERFLOW= BIT(0),
> > + TPM_BUF_2B = BIT(1),
>
> Instead of re-using this I would prefer to have another e
On Fri, Mar 02, 2018 at 10:06:15PM -0800, James Bottomley wrote:
> diff --git a/drivers/char/tpm/tpm2b.h b/drivers/char/tpm/tpm2b.h
> new file mode 100644
> index ..c7726f2895aa
> --- /dev/null
> +++ b/drivers/char/tpm/tpm2b.h
> @@ -0,0 +1,82 @@
> +/* SPDX-License-Identifier: GPL-2.0
On Mon, Mar 05, 2018 at 01:35:33PM +0200, Jarkko Sakkinen wrote:
> On Fri, Mar 02, 2018 at 10:06:15PM -0800, James Bottomley wrote:
> > diff --git a/drivers/char/tpm/tpm2b.h b/drivers/char/tpm/tpm2b.h
> > new file mode 100644
> > index ..c7726f2895aa
> > ---
On Mon, Mar 05, 2018 at 06:58:32AM -0800, James Bottomley wrote:
> On Mon, 2018-03-05 at 13:35 +0200, Jarkko Sakkinen wrote:
> > On Fri, Mar 02, 2018 at 10:06:15PM -0800, James Bottomley wrote:
> > >
> > > diff --git a/drivers/char/tpm/tpm2b.h b/drivers/char/tpm/tpm2b.h
On Mon, 22 Oct 2018, James Bottomley wrote:
This separates out the old tpm_buf_... handling functions from static
inlines into tpm.h and makes them their own tpm-buf.c file. It also
adds handling for tpm2b structures and also incremental pointer
advancing parsers.
Nitpicking: when my SGX
On Mon, 22 Oct 2018, James Bottomley wrote:
This separates out the old tpm_buf_... handling functions from static
inlines into tpm.h and makes them their own tpm-buf.c file. It also
adds handling for tpm2b structures and also incremental pointer
advancing parsers.
Signed-off-by: James
On Wed, 24 Oct 2018, James Bottomley wrote:
+static void KDFa(u8 *key, int keylen, const char *label, u8 *u,
+u8 *v, int bytes, u8 *out)
Should this be in lower case? I would rename it as tpm_kdfa().
This one is defined as KDFa() in the standards and it's not TPM
specific
On Wed, 24 Oct 2018, James Bottomley wrote:
On Wed, 2018-10-24 at 02:51 +0300, Jarkko Sakkinen wrote:
I would consider sending first a patch set that would iterate the
existing session stuff to be ready for this i.e. merge in two
iterations (emphasis on the word "consider"). We ca
I would consider sending first a patch set that would iterate the existing
session stuff to be ready for this i.e. merge in two iterations
(emphasis on the word "consider"). We can probably merge the groundwork
quite fast.
/Jarkko
On Mon, 22 Oct 2018, James Bottomley wrote:
By now, everybody
On Mon, 22 Oct 2018, James Bottomley wrote:
This code adds true session based HMAC authentication plus parameter
decryption and response encryption using AES.
In order to reduce complexity it would make sense to split into two
commits: authentication and parameter encryption.
The basic
The tag in the short description does not look at all. Should be either
"tpm:" or "keys, trusted:".
On Mon, 22 Oct 2018, James Bottomley wrote:
If some entity is snooping the TPM bus, the can see the data going in
to be sealed and the data coming out as it is unsealed. Add parameter
and
On Tue, 23 Oct 2018, Ard Biesheuvel wrote:
On 23 October 2018 at 04:01, James Bottomley
wrote:
On Mon, 2018-10-22 at 19:19 -0300, Ard Biesheuvel wrote:
[...]
+static void hmac_init(struct shash_desc *desc, u8 *key, int
keylen)
+{
+ u8 pad[SHA256_BLOCK_SIZE];
+ int i;
+
+
53 matches
Mail list logo