[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-keyrings
Subject:    Re: [PATCH v2 09/11] KEYS: trusted: Add session encryption protection to the seal/unseal path
From:       Ben Boeckel <me () benboeckel ! net>
Date:       2023-01-29 13:06:19
Message-ID: Y9ZvS9PozyX5AxpZ () farprobe
[Download RAW message or body]

On Tue, Jan 24, 2023 at 12:55:14 -0500, James Bottomley wrote:
> If some entity is snooping the TPM bus, the can see the data going in
                                          ^^^ they
> to be sealed and the data coming out as it is unsealed.  Add parameter
> and response encryption to these cases to ensure that no secrets are
> leaked even if the bus is snooped.
> 
> As part of doing this conversion it was discovered that policy
> sessions can't work with HMAC protected authority because of missing
> pieces (the tpm Nonce).  I've added code to work the same way as
> before, which will result in potential authority exposure (while still
> adding security for the command and the returned blob), and a fixme to
> redo the API to get rid of this security hole.

--Ben
[prev in list] [next in list] [prev in thread] [next in thread]