Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S261843AbVEWEwx (ORCPT ); Mon, 23 May 2005 00:52:53 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S261844AbVEWEwx (ORCPT ); Mon, 23 May 2005 00:52:53 -0400 Received: from h80ad2538.async.vt.edu ([128.173.37.56]:21522 "EHLO h80ad2538.async.vt.edu") by vger.kernel.org with ESMTP id S261845AbVEWEwu (ORCPT ); Mon, 23 May 2005 00:52:50 -0400 Message-Id: <200505230452.j4N4qEOU001880@turing-police.cc.vt.edu> X-Mailer: exmh version 2.7.2 01/07/2005 with nmh-1.1-RC3 To: James Morris Cc: Reiner Sailer , Toml@us.ibm.com, linux-security-module@wirex.com, linux-kernel@vger.kernel.org, Pavel Machek , Emilyr@us.ibm.com, Kylene@us.ibm.com Subject: Re: [PATCH 2 of 4] ima: related Makefile compile order change and Readme In-Reply-To: Your message of "Mon, 23 May 2005 00:30:15 EDT." From: Valdis.Kletnieks@vt.edu References: Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1116823933_3542P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Mon, 23 May 2005 00:52:13 -0400 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1460 Lines: 39 --==_Exmh_1116823933_3542P Content-Type: text/plain; charset=us-ascii On Mon, 23 May 2005 00:30:15 EDT, James Morris said: > Perhaps I don't understand things fully, but what is the purpose of > providing measurement values locally via proc? > > How can they be trusted without the TPM signing an externally generated > nonce? If you can't trust what the kernel is outputting in /proc, you're screwed. And for that matter, how would you verify that it's the TPM that signed the externally generated nonce? (Remember - if you can't trust /proc, then you have to assume that *any* attempt at talking to the TPM from userspace *is* a MITM attack - and you don't have access to any out-of-band info. If the now-untrusted kernel did a MITM on your nonce and signed it with a fake key, then it can *also* MITM your attempt to read the "correct" key from /etc/tpm.key or wherever it is.... --==_Exmh_1116823933_3542P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Exmh version 2.5 07/13/2001 iD8DBQFCkWF9cC3lWbTT17ARAs/9AJ9uY3O8Z96+n1X3xVNNcfxoeDZKDACeLXhO 2AGnoBVkjC757iFmgH4EPg8= =Xe5N -----END PGP SIGNATURE----- --==_Exmh_1116823933_3542P-- - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/