| Message ID | 20210127190617.17564-1-James.Bottomley@HansenPartnership.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | TPM 2.0 trusted key rework | expand |
On Wed, Jan 27, 2021 at 11:06:12AM -0800, James Bottomley wrote: > v15: fix 0day sign issue and add reviews and testeds > > General cover letter minus policy bit: > > This patch updates the trusted key code to export keys in the ASN.1 > format used by current TPM key tools (openssl_tpm2_engine and > openconnect). The current code will try to load keys containing > policy, but being unable to formulate the policy commands necessary to > load them, the unseal will always fail unless the policy is executed > in user space and a pre-formed policy session passed in. > > The key format is designed to be compatible with our two openssl > engine implementations as well as with the format used by openconnect. > I've added seal/unseal to my engine so I can use it for > interoperability testing and I'll later use this for sealed symmetric > keys via engine: > > https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/ > > James > > --- > > James Bottomley (5): > lib: add ASN.1 encoder > oid_registry: Add TCG defined OIDS for TPM keys > security: keys: trusted: fix TPM2 authorizations > security: keys: trusted: use ASN.1 TPM2 key format for the blobs > security: keys: trusted: Make sealed key properly interoperable AFAIK, bug fixes should merged before functional changes and migratable flag has a regression: https://marc.info/?l=linux-integrity&m=160255753405345 I'll send an update to this series. /Jarkko > > .../security/keys/trusted-encrypted.rst | 58 +++ > include/keys/trusted-type.h | 2 + > include/linux/asn1_encoder.h | 32 ++ > include/linux/oid_registry.h | 5 + > include/linux/tpm.h | 2 + > lib/Kconfig | 3 + > lib/Makefile | 1 + > lib/asn1_encoder.c | 454 ++++++++++++++++++ > security/keys/Kconfig | 3 + > security/keys/trusted-keys/Makefile | 4 +- > security/keys/trusted-keys/tpm2key.asn1 | 11 + > security/keys/trusted-keys/trusted_tpm1.c | 34 +- > security/keys/trusted-keys/trusted_tpm2.c | 269 ++++++++++- > 13 files changed, 846 insertions(+), 32 deletions(-) > create mode 100644 include/linux/asn1_encoder.h > create mode 100644 lib/asn1_encoder.c > create mode 100644 security/keys/trusted-keys/tpm2key.asn1 > > -- > 2.26.2 > >
On Wed, Jan 27, 2021 at 11:06:12AM -0800, James Bottomley wrote: > v15: fix 0day sign issue and add reviews and testeds > > General cover letter minus policy bit: > > This patch updates the trusted key code to export keys in the ASN.1 > format used by current TPM key tools (openssl_tpm2_engine and > openconnect). The current code will try to load keys containing > policy, but being unable to formulate the policy commands necessary to > load them, the unseal will always fail unless the policy is executed > in user space and a pre-formed policy session passed in. > > The key format is designed to be compatible with our two openssl > engine implementations as well as with the format used by openconnect. > I've added seal/unseal to my engine so I can use it for > interoperability testing and I'll later use this for sealed symmetric > keys via engine: > > https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/ > > James > > --- > > James Bottomley (5): > lib: add ASN.1 encoder > oid_registry: Add TCG defined OIDS for TPM keys > security: keys: trusted: fix TPM2 authorizations > security: keys: trusted: use ASN.1 TPM2 key format for the blobs > security: keys: trusted: Make sealed key properly interoperable This is online again in the master branch. I've mangled the commits as follows: 1. Fixed my emails to jarkko@kernel.org. 2. Adjusted the Makefile, i.e. separate lines for each entry. 3. Fixed the checkpatch issues. I guess we could potentially re-consider this to rc2 pull? With all the mangling required, did not make sense to include this to the first pull. /Jarkko
On Fri, 2021-02-19 at 20:24 +0200, Jarkko Sakkinen wrote: > On Wed, Jan 27, 2021 at 11:06:12AM -0800, James Bottomley wrote: > > v15: fix 0day sign issue and add reviews and testeds > > > > General cover letter minus policy bit: > > > > This patch updates the trusted key code to export keys in the ASN.1 > > format used by current TPM key tools (openssl_tpm2_engine and > > openconnect). The current code will try to load keys containing > > policy, but being unable to formulate the policy commands necessary > > to > > load them, the unseal will always fail unless the policy is > > executed > > in user space and a pre-formed policy session passed in. > > > > The key format is designed to be compatible with our two openssl > > engine implementations as well as with the format used by > > openconnect. > > I've added seal/unseal to my engine so I can use it for > > interoperability testing and I'll later use this for sealed > > symmetric > > keys via engine: > > > > https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/ > > > > James > > > > --- > > > > James Bottomley (5): > > lib: add ASN.1 encoder > > oid_registry: Add TCG defined OIDS for TPM keys > > security: keys: trusted: fix TPM2 authorizations > > security: keys: trusted: use ASN.1 TPM2 key format for the blobs > > security: keys: trusted: Make sealed key properly interoperable > > This is online again in the master branch. > > I've mangled the commits as follows: > > 1. Fixed my emails to jarkko@kernel.org. > 2. Adjusted the Makefile, i.e. separate lines for each entry. > 3. Fixed the checkpatch issues. > > I guess we could potentially re-consider this to rc2 pull? With all > the mangling required, did not make sense to include this to the > first pull. The way I usually do this in SCSI, because stuff always happens immediately before the merge window that causes some pull material to be held over, is an early push, which you've done followed by a late push on the Friday before the merge window closes of the rest of the stuff. This is an example from the last but one merge window: https://lore.kernel.org/linux-scsi/fdee2336d2a7eada3749e07c3cc6ea682f8200b3.camel@HansenPartnership.com/ https://lore.kernel.org/linux-scsi/4affd2a9c347e5f1231485483bf852737ea08151.camel@HansenPartnership.com/ Linus seems to be happy with this pattern as long as it's well explained. James
On Fri, Feb 19, 2021 at 10:35:00AM -0800, James Bottomley wrote: > On Fri, 2021-02-19 at 20:24 +0200, Jarkko Sakkinen wrote: > > On Wed, Jan 27, 2021 at 11:06:12AM -0800, James Bottomley wrote: > > > v15: fix 0day sign issue and add reviews and testeds > > > > > > General cover letter minus policy bit: > > > > > > This patch updates the trusted key code to export keys in the ASN.1 > > > format used by current TPM key tools (openssl_tpm2_engine and > > > openconnect). The current code will try to load keys containing > > > policy, but being unable to formulate the policy commands necessary > > > to > > > load them, the unseal will always fail unless the policy is > > > executed > > > in user space and a pre-formed policy session passed in. > > > > > > The key format is designed to be compatible with our two openssl > > > engine implementations as well as with the format used by > > > openconnect. > > > I've added seal/unseal to my engine so I can use it for > > > interoperability testing and I'll later use this for sealed > > > symmetric > > > keys via engine: > > > > > > https://git.kernel.org/pub/scm/linux/kernel/git/jejb/openssl_tpm2_engine.git/ > > > > > > James > > > > > > --- > > > > > > James Bottomley (5): > > > lib: add ASN.1 encoder > > > oid_registry: Add TCG defined OIDS for TPM keys > > > security: keys: trusted: fix TPM2 authorizations > > > security: keys: trusted: use ASN.1 TPM2 key format for the blobs > > > security: keys: trusted: Make sealed key properly interoperable > > > > This is online again in the master branch. > > > > I've mangled the commits as follows: > > > > 1. Fixed my emails to jarkko@kernel.org. > > 2. Adjusted the Makefile, i.e. separate lines for each entry. > > 3. Fixed the checkpatch issues. > > > > I guess we could potentially re-consider this to rc2 pull? With all > > the mangling required, did not make sense to include this to the > > first pull. > > The way I usually do this in SCSI, because stuff always happens > immediately before the merge window that causes some pull material to > be held over, is an early push, which you've done followed by a late > push on the Friday before the merge window closes of the rest of the > stuff. This is an example from the last but one merge window: > > https://lore.kernel.org/linux-scsi/fdee2336d2a7eada3749e07c3cc6ea682f8200b3.camel@HansenPartnership.com/ > https://lore.kernel.org/linux-scsi/4affd2a9c347e5f1231485483bf852737ea08151.camel@HansenPartnership.com/ > > Linus seems to be happy with this pattern as long as it's well > explained. > > James OK, thanks, I'll keep this in mind. /Jarkko