Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp990122imu;
        Fri, 11 Jan 2019 12:50:13 -0800 (PST)
X-Google-Smtp-Source: ALg8bN4iM+HqiJAFEBwQwKiVVRNVeMWE4A7oTOuZM9nW3pAmyWbG62ivFr0xX0lfgUNhxirVFpDd
X-Received: by 2002:a63:1d1d:: with SMTP id d29mr14814170pgd.49.1547239813804;
        Fri, 11 Jan 2019 12:50:13 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1547239813; cv=none;
        d=google.com; s=arc-20160816;
        b=UKl6KUAhCC0ecyvSMx6Z9ZWVEhbj8ij9Qe7fb+jXz7WvrQtjkz3r4tX+G+wUP3CvWH
         rqbpxVZK1CHh7q++DwnJxUbEiVFp6nV9TVLXxMFsUmGA9MVXjFE8C1Sg4Au8vaLu9zxY
         AJwKKmOOU+hcwSEzWZKAK5ihcG55UJpOMsRpgCil8vLlsR+FuzIFeoPyMHsZmRr7y7aq
         bKMNJ1qB3S4rxnl3ozP5nJaU3h0neAcmmuRHGscKrbn0JXX36aA9MTxwGStPhrcftoV4
         tnviByeAoNX9Qlc2726Gilv0B4Vd36uwuUrICi0r2lBFf0F+Lgi9HZukG2WXJtPSCOzG
         12OA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :references:in-reply-to:date:cc:to:from:subject:message-id
         :dkim-signature;
        bh=f2KJNHZApezIxHQuyE2F0W5BP51fhsAxf5da6woAQQA=;
        b=WrEePhYJN1uEA5ReL3ilCu8Z2O25fZV9jX8vjx/msENqMiqESKYPDt60aQFv+9NVSY
         RO787HZ4+H2tCeAS0n4T3M/qw404oz/HkfK3jlyKk53t+HB7QAgxMw31VFUdQ+A0O4w2
         089pIYH4DQ2E2R+HxXVewBpca1UXVw4Ftxzgyk4496wgKvyY2FkEgmntc4E/JUHol0C9
         +FOfMnW0AcSycedIQTDmEyQKKxeSMaOTWyzonL4XTEUN9ofE4DV13VaVxZOsPq38xp8J
         jWHnCya8xqrZL1dx1CkUbrV+PcKl5gZ486XiHpMI0JwvhdF4BSozjc+tv0O9fOwwZ1pm
         17mw==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=rXCWuoik;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id 23si15017071pfu.2.2019.01.11.12.49.58;
        Fri, 11 Jan 2019 12:50:13 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=fail header.i=@hansenpartnership.com header.s=20151216 header.b=rXCWuoik;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=hansenpartnership.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S2387533AbfAKP3E (ORCPT <rfc822;morganleezd2003@gmail.com>
        + 99 others); Fri, 11 Jan 2019 10:29:04 -0500
Received: from bedivere.hansenpartnership.com ([66.63.167.143]:44612 "EHLO
        bedivere.hansenpartnership.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1728941AbfAKP3E (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Fri, 11 Jan 2019 10:29:04 -0500
Received: from localhost (localhost [127.0.0.1])
        by bedivere.hansenpartnership.com (Postfix) with ESMTP id 63A888EE491;
        Fri, 11 Jan 2019 07:29:02 -0800 (PST)
Received: from bedivere.hansenpartnership.com ([127.0.0.1])
        by localhost (bedivere.hansenpartnership.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id knqUCgmGQTLS; Fri, 11 Jan 2019 07:29:01 -0800 (PST)
Received: from [153.66.254.194] (unknown [50.35.68.20])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by bedivere.hansenpartnership.com (Postfix) with ESMTPSA id 058B08EE369;
        Fri, 11 Jan 2019 07:29:00 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=hansenpartnership.com;
        s=20151216; t=1547220541;
        bh=S6CiscRi8b9JhK/2xjPs5aFjuBUbVmlVCSQUIm9Gkbg=;
        h=Subject:From:To:Cc:Date:In-Reply-To:References:From;
        b=rXCWuoikEBL7bsHUpVoyOsxAQ/2SsONzczVDpaPOjMR9BZ6bkRhff6vD8TZwDYcEQ
         J3HZG/M4u6bC6diqs6DtxvbiunFI4ZKErwOtM0JeXVvo9udyA4hQ8PPsR12Q/z/udU
         VtpsRHgTu8XmuLRcFAwQow/8NiZBU7bQ5b7nn5Fc=
Message-ID: <1547220538.2793.6.camel@HansenPartnership.com>
Subject: Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler
From:   James Bottomley <James.Bottomley@HansenPartnership.com>
To:     Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>,
        Andy Lutomirski <luto@kernel.org>
Cc:     Stephan Mueller <smueller@chronox.de>,
        Herbert Xu <herbert@gondor.apana.org.au>,
        "Lee, Chun-Yi" <joeyli.kernel@gmail.com>,
        "Rafael J . Wysocki" <rjw@rjwysocki.net>,
        Pavel Machek <pavel@ucw.cz>,
        LKML <linux-kernel@vger.kernel.org>, linux-pm@vger.kernel.org,
        keyrings@vger.kernel.org,
        "Rafael J. Wysocki" <rafael.j.wysocki@intel.com>,
        Chen Yu <yu.c.chen@intel.com>,
        Oliver Neukum <oneukum@suse.com>,
        Ryan Chen <yu.chen.surf@gmail.com>,
        David Howells <dhowells@redhat.com>,
        Giovanni Gherdovich <ggherdovich@suse.cz>,
        Randy Dunlap <rdunlap@infradead.org>,
        Jann Horn <jannh@google.com>
Date:   Fri, 11 Jan 2019 07:28:58 -0800
In-Reply-To: <20190111140226.GA6448@linux.intel.com>
References: <20190103143227.9138-1-jlee@suse.com>
         <4499700.LRS4F2YjjC@tauon.chronox.de>
         <20190108050358.llsox32hggn2jioe@gondor.apana.org.au>
         <1565399.7ulKdI1fm5@tauon.chronox.de>
         <D70458DE-712B-4767-8143-7DC9107689C3@amacapital.net>
         <1546994671.6077.10.camel@HansenPartnership.com>
         <CALCETrWTAYpWv73MgAz=NUfvJSLq965fWMYvJnDepJoRBsgt6Q@mail.gmail.com>
         <20190111140226.GA6448@linux.intel.com>
Content-Type: text/plain; charset="UTF-8"
X-Mailer: Evolution 3.26.6 
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, 2019-01-11 at 16:02 +0200, Jarkko Sakkinen wrote:
> On Tue, Jan 08, 2019 at 05:43:53PM -0800, Andy Lutomirski wrote:
> > (Also, do we have a sensible story of how the TPM interacts with
> > hibernation at all?  Presumably we should at least try to replay
> > the PCR operations that have occurred so that we can massage the
> > PCRs into the same state post-hibernation.  Also, do we have any
> > way for the kernel to sign something with the TPM along with an
> > attestation that the signature was requested *by the
> > kernel*?  Something like a sub-hierarchy of keys that the kernel
> > explicitly prevents userspace from accessing?)
> 
> Kernel can keep it is own key hierarchy in memory as TPM2 chips allow
> to offload data in encrypted form and load it to TPM when it needs to
> use it.
> 
> The in-kernel resource manager that I initiated couple years ago
> provides this type of functionality.

Actually, the resource manager only keeps volatile objects separated
when in use not when offloaded.  The problem here is that the object
needs to be persisted across reboots, so either it gets written to the
NV area, bypassing the resource manager and making it globally visible
or it has to get stored in TPM form in the hibernation image, meaning
anyone with access to the TPM who can read the image can extract and
load it. Further: anyone with access to the TPM can create a bogus
sealed key and encrypt a malicious hibernation image with it.  So there
are two additional problems

   1. Given that the attacker may have access to the binary form of the
      key, can we make sure only the kernel can get it released?
   2. How do we prevent an attacker with access to the TPM from creating a
      bogus sealed key?

This is why I was thinking localities.

James