Conversation
jarkko

Jarkko Sakkinen

Great, #TPM bus protection is ready to be applied: https://lore.kernel.org/linux-integrity/D10E68XSE1FV.1XZL0Z6TV7DWX@kernel.org/
1
0
2
lindi2@mastodon.social

Timo Lindfors

Reply to @jarkko

@jarkko good timing indeed, a colleague at work was just trying out TPM bus sniffing against Windows and Linux targets. Didn't read the full patch set, does this prevent passive sniffing on existing systems that just use tpm2_nvread without any sessions or are user space changes necessary as well?

1
0
1
jarkko

Jarkko Sakkinen

Reply to @lindi2@mastodon.social
@lindi2 Cool to hear! And please contact me if you find something. I'd expect at least some issue, if not security, then stability but that is obviously to case for any code that has not yet been in the warzone, right? :-)

So, yeah it *should*. It uses null seed for TPM key generation which is shuffled per power on and creates HMAC pipe to the TPM which is unconditonally applied to the user space devices. also it denies comms if the null seed is resetted.

Also the stuff @pid_eins and systemd folks have been working is expected to not be "warzone ready" ;-) some social of the media feedback on that has been somewhat uneducated (not referring to demo videos, it is helpful the demonstrate the issues and open source by definition should be brutally honest and transparent).
1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
Edited 14 days ago
@lindi2 @pid_eins I'll do my PR probably on Monday so you can expect the feature in rc1 if Linus agrees on it.

For earlier testing, use linux-next tree. For any findings please do not send just "hush mail" to me but instead use linux-integrity@vger.kernel.org mailing list :-) We have full release cycle for v6.10 to fixup things. Also any suggestions how to counter-measure e.g. any security findings are obviously appreciated!

If those suggestions lead to bug fix, you can either bake up possible patch yourself or we fix it up then obviously the reported-by (for the report itself) and suggested-by (for the solution) are applied to the commits.
1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko

@lindi2 @pid_eins good news, Linus pulled my PR’s in queue:https://social.kernel.org/notice/AhrCE3Z7RqcBa1p1Hc. So the changes are now in the mainline.

For security research: HMAC pipe is for the kernel clients we do not want to layer /dev/tpm0. It can be done just as well in the user space (and should be when required).

I.e. right now for trusted keys, and soon’ish for asymmetric keys (feature requried for x.509 certificates [1]). You can also grep the call sites by:

$ git grep "tpm2_start_auth_session(.*);"
drivers/char/tpm/tpm2-cmd.c:	rc = tpm2_start_auth_session(chip);
drivers/char/tpm/tpm2-cmd.c:	err = tpm2_start_auth_session(chip);
include/linux/tpm.h:int tpm2_start_auth_session(struct tpm_chip *chip);
security/keys/trusted-keys/trusted_tpm2.c:	rc = tpm2_start_auth_session(chip);
security/keys/trusted-keys/trusted_tpm2.c:	rc = tpm2_start_auth_session(chip);
security/keys/trusted-keys/trusted_tpm2.c:	rc = tpm2_start_auth_session(chip);

x.509 part will be 6.11 feature.

[1] https://datatracker.ietf.org/doc/draft-woodhouse-cert-best-practice/ NOTE: a bit out of date, I chatted quickly with David and he is planning to remove TPM 1.2 and DSA keys from the draft.

1
0
0
jarkko

Jarkko Sakkinen

Reply to @jarkko
Edited 4 days ago
@lindi2 @pid_eins After TPM2 asymmetric keys has landed we could conclude that the kernel side is in some sense "feature complete" as far as TPM2 is concerned.

There might be some additional stuff in EFI upcoming *possibly*. I'm thinking UKI here but since I'm not that familiar with it, I don't have exact picture what it might possibly require from kernel. But at least as far as runtime features are concerned, looking solid.
0
0
0
About social.kernel.org

Terms of service

  1. Please do not use this service in violation of the Linux Kernel Code of Conduct. Doing so will result in your account suspension with the referral of the matter to the CoC committee.

  2. "Repeating"/"boosting" someone else's status on this platform will be treated as endorsement and will fall under rule #1.

  3. You are encouraged to use this platform to promote your work on the Linux Kernel, but there is no restriction on permitted topics (with the exception of anything covered by #1 above).

  4. There is no requirement to post in English, but it should be considered the primary language of communication on this platform.

Privacy notice

The admins of this service have access to all posted statuses. They aren't looking, but if it's something they shouldn't know about, then you should not post it on this platform.

Please see the Linux Foundation Privacy Policy, which applies to this platform as well.

Getting your own account

If you would like an account on this instance, please check that the following applies to you:

  • You are listed in MAINTAINERS or CREDITS

  • OR: You have a kernel.org account or email address

  • OR: You have a long and established history of involvement with the Linux Kernel

If the above is true and you agree with the Terms of Service and Privacy Notice listed above, please use these instructions to request an account: