Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread James Bottomley
On Thu, 2017-01-05 at 16:50 -0700, Jason Gunthorpe wrote: > On Thu, Jan 05, 2017 at 02:58:46PM -0800, James Bottomley wrote: > > On Thu, 2017-01-05 at 15:21 -0700, Jason Gunthorpe wrote: > > > On Thu, Jan 05, 2017 at 11:55:49AM -0800, James Bottomley wrote: > > > > > > > We don't really have that

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread Jason Gunthorpe
On Thu, Jan 05, 2017 at 02:58:46PM -0800, James Bottomley wrote: > On Thu, 2017-01-05 at 15:21 -0700, Jason Gunthorpe wrote: > > On Thu, Jan 05, 2017 at 11:55:49AM -0800, James Bottomley wrote: > > > > > We don't really have that choice: Keys require authorization, so > > > you have to have an

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread James Bottomley
On Thu, 2017-01-05 at 12:20 -0700, Jason Gunthorpe wrote: > On Thu, Jan 05, 2017 at 10:33:43AM -0800, James Bottomley wrote: > > > > A combo ioctl that could setup the session, issue an operation in > > > it > > > and then delete the session, for instance. > > > > This would work for encryption

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread James Bottomley
On Thu, 2017-01-05 at 10:27 -0700, Jason Gunthorpe wrote: > On Thu, Jan 05, 2017 at 03:52:02PM +, Fuchs, Andreas wrote: > > Great to see this coming along so well. Thanks a lot to Jarkko ! > > > The TPM allows an application to get the list of currently loaded > > handles

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread Fuchs, Andreas
Great to see this coming along so well. Thanks a lot to Jarkko ! I just wanted to point out a few things I deem important at this point: - Number of virtual handles: From what I see there are currently 14 slots for virtual objects in the RFC (if I'm mistaken, please correct me). I'd advise to

[tpmdd-devel] tpm_tis: broken on TPMs with a static burst count

2017-01-05 Thread Maciej S. Szmigiero
Hi all, Commit 1107d065fdf1 (tpm_tis: Introduce intermediate layer for TPM access) broke TPM support on ThinkPad X61S (and likely also on other machines which use TPMs with a static burst count). It looks like tpm_tis code before this commit had spun on TPM_STS_DATA_AVAIL | TPM_STS_VALID status

Re: [tpmdd-devel] [gnutls-devel] Proposal for the ASN.1 form of TPM1.2 and TPM2 keys

2017-01-05 Thread Nikos Mavrogianopoulos
My comment was on the claim of extendability of the format which as I explained it is simply not true. As for example I already gave the key usage extension. I am fine however with a non extendable format as you proposed. On December 26, 2016 7:13:40 PM GMT+01:00, James Bottomley

Re: [tpmdd-devel] [gnutls-devel] Proposal for the ASN.1 form of TPM1.2 and TPM2 keys

2017-01-05 Thread Nikos Mavrogianopoulos
I'd like both backwards and forward compatibility actually, exactly like x509. If an informational field is added like the key usage that I mentioned, I doubt you'd like all the previous consumers incompatible. For other extensions which make the structure totally incompatible you can use the

Re: [tpmdd-devel] [gnutls-devel] Proposal for the ASN.1 form of TPM1.2 and TPM2 keys

2017-01-05 Thread Nikos Mavrogiannopoulos
On Fri, Dec 23, 2016 at 7:06 PM, James Bottomley wrote: > The reason this comes about is because we already have a standard form > for TPM 1.2 keys here: > http://david.woodhou.se/draft-woodhouse-cert-best-practice.html#ident-tpm > However, since I'm working

[tpmdd-devel] [PATCH] tpm/st33zp24: Remove unneeded linux/miscdevice.h include

2017-01-05 Thread Corentin Labbe
tpm/st33zp24/st33zp24.c does not use any miscdevice so this patch removes this unnecessary inclusion. Signed-off-by: Corentin Labbe --- drivers/char/tpm/st33zp24/st33zp24.c | 1 - 1 file changed, 1 deletion(-) diff --git a/drivers/char/tpm/st33zp24/st33zp24.c

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread Dr. Greg Wettstein
On Jan 3, 5:21pm, Ken Goldman wrote: } Subject: Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager Good morning, I hope this note finds the day going well for everyone. > On 1/3/2017 4:47 PM, Jason Gunthorpe wrote: > > > > I think we should also consider TPM 1.2 support in all of

Re: [tpmdd-devel] [gnutls-devel] Proposal for the ASN.1 form of TPM1.2 and TPM2 keys

2017-01-05 Thread Nikos Mavrogiannopoulos
On Sun, Dec 25, 2016 at 7:44 PM, James Bottomley wrote: >> TPMKey ::= SEQUENCE { >> type OBJECT IDENTIFIER >> version [0] IMPLICIT INTEGER OPTIONAL >> emptyAuth [1] IMPLICIT BOOLEAN OPTIONAL >> parent

Re: [tpmdd-devel] [gnutls-devel] Proposal for the ASN.1 form of TPM1.2 and TPM2 keys

2017-01-05 Thread Nikos Mavrogiannopoulos
On Sat, Dec 24, 2016 at 5:13 PM, James Bottomley wrote: > I think, since it's a key format, the two above are the potential ones. > It would be TCG if they want to take it into their standard, otherwise > PKCS is RSA Inc. I wouldn't expect RSA inc to be

Re: [tpmdd-devel] [openssl-dev] [gnutls-devel] Proposal for the ASN.1 form of TPM1.2 and TPM2 keys

2017-01-05 Thread Erwann Abalea
Hello, > On 25 Dec 2016 at 19:44, James Bottomley > wrote: > > On Sun, 2016-12-25 at 10:18 +0100, Nikos Mavrogiannopoulos wrote: >> On Sat, Dec 24, 2016 at 5:13 PM, James Bottomley >> wrote: >> >>> I think,

Re: [tpmdd-devel] [PATCH RFC 0/4] RFC: in-kernel resource manager

2017-01-05 Thread Andy Lutomirski
On 01/02/2017 09:26 PM, James Bottomley wrote: > On Mon, 2017-01-02 at 13:40 -0800, James Bottomley wrote: >> On Mon, 2017-01-02 at 21:33 +0200, Jarkko Sakkinen wrote: >>> On Mon, Jan 02, 2017 at 08:36:20AM -0800, James Bottomley wrote: On Mon, 2017-01-02 at 15:22 +0200, Jarkko Sakkinen

Re: [tpmdd-devel] [PATCH] tpm: check size of response before accessing data

2017-01-05 Thread Stefan Berger
Stefan Berger wrote on 01/05/2017 07:11:24 AM: > > Check the size of the response before accessing data in > the response packet. This is to avoid accessing data beyond > the end of the response. This patch applies on top of Jarkko's tabrm tree. There are of course

[tpmdd-devel] [PATCH] tpm: check size of response before accessing data

2017-01-05 Thread Stefan Berger
Check the size of the response before accessing data in the response packet. This is to avoid accessing data beyond the end of the response. Signed-off-by: Stefan Berger --- drivers/char/tpm/tpm2-cmd.c | 6 ++ 1 file changed, 6 insertions(+) diff --git