Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp203198pxb; Tue, 9 Mar 2021 21:17:23 -0800 (PST) X-Google-Smtp-Source: ABdhPJzYe1nEiu1DKNZ61texzQyclspgq49yz0CUdKwIcjVQAJkdKnoUlS/fFnxmEkTCUYeSkEHw X-Received: by 2002:a05:6402:4301:: with SMTP id m1mr1272550edc.210.1615353443094; Tue, 09 Mar 2021 21:17:23 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1615353443; cv=none; d=google.com; s=arc-20160816; b=E5bJriQ5Bn67VeeIyQoj5gisK0y+p1DW9/v8FjlItoUnaQlLaEs/0A7MCiDqPtAVZD hBK1koHQK5BUDRQR1j0snbXQDjUGS0Wvafjo2Z7+C4f4FiRpf2luQWsfTtTBghALdoIq 0bRRb+ywmI7SAeS2rYGzqNeykU3IaGpnVydMWMgKQB0ObuJDwIOyCwC3qtdMv97BEF7f Uo7pQMHtO2jWn4tNlaDBCXMGpsy6PKI9sbgbTI9y8FgLlXRE4rJ+D3inIkFuaozEm29l m+7eIYJFIChTZk8r8NZjE7CLTVXi7usoou001s7Eodc7dv9o4dRddJ11GQMNUsFU/zSY VZaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=UiJsJNOiBm83fFLXpqk2WZEpnaCEog3O/QAN1Beolgw=; b=unzjzojbgVybOs6j2XxILoxwoYebHT2onXbHulYULrvGA0rjOR20/Hw57LN5zDLEm7 VCiVhnOi+L/SxvO8brfQ2biGomXp7B8kKxgl8IcBgWndQvTAKhz5DBuo3CzFv8GPZKNz j7zz45ahUo2HlHclQ7rnee12/ZMcmV4+/dt6ItSDRVg3abtVu1sYFcRtArdhUIS2St4r TJuFXlxKNk2Sh6tCJgi8riJMp3POGJHTGn0i0TIbM6+BkEhP/y+YtCQgmY9LUmRzrmwQ Xt9r//ojpBkTTxbTHNEZNW8LZ+kIqGyILJ+uaFi/j5An9SOrlJvHgdBTeol8R/wCdkt7 Le6Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=mMxAC7+X; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id g3si10623125edr.463.2021.03.09.21.17.00; Tue, 09 Mar 2021 21:17:23 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=mMxAC7+X; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229441AbhCJFPb (ORCPT + 99 others); Wed, 10 Mar 2021 00:15:31 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52410 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229643AbhCJFPK (ORCPT ); Wed, 10 Mar 2021 00:15:10 -0500 Received: from mail-lf1-x132.google.com (mail-lf1-x132.google.com [IPv6:2a00:1450:4864:20::132]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A269BC061763 for ; Tue, 9 Mar 2021 21:15:09 -0800 (PST) Received: by mail-lf1-x132.google.com with SMTP id p21so31261353lfu.11 for ; Tue, 09 Mar 2021 21:15:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=UiJsJNOiBm83fFLXpqk2WZEpnaCEog3O/QAN1Beolgw=; b=mMxAC7+XqZJtvqPlzrX8H8HsuDT3PIQhBPZgHEZY7uSUXMOt8eK64tK1BN2d2NJ87O dy5qm0kARf89bitpEgGirnDhLNypQzkyVSp6Uc7SMLqE9ZpoA3ImyIcZzrQhGZkCzC23 YLZ64Umyue7CnQPoip9grEaYaDmGmCEXDkKXEQeSj1qNAwm2Gd0ZhIX2aXrPsNqsED4T /Jr8ZYX7newASgm08bVGZv7gokq5WIWnEXSZfju3yfxW8bb9GjsMLud/iAdJpiEH7Rom wCvq80nt9aOaBrdykb4ISM4GI8Bd5xQd45Vi8qlpDxnk3IlXKf1I8kGhLlZNBsgTNuXx BELA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=UiJsJNOiBm83fFLXpqk2WZEpnaCEog3O/QAN1Beolgw=; b=UQH8OhnUriH0XrAuzj0s7dcn31uq3kHCZdEJ5Smnvqf+IVg6pQoUm3hq1IsR9Ab/vz hTNHxLXnjPOXY+8keqloOfBRwN5TwMFjIHQBqGX1Ztp09xiXhkHpXO3nkxDcjG5YX/ms 3/R54JzQWG39fCrNAr7TsD3CO5L09bPmdL1SkTHS9BfvUvJNxR6/dozh2mdVxALUMEyK uKLH+5fOXFijZsCYHA1WPIxkA4JfuSIT+QaD9wcsc8phUZ2D44WE6XBtCCOn0q/fIr63 Ay8DnOUL58rrWaWK7y7mgkS0DAK2jUAR1QYfrBbkt9M8QgnintaJRlxRfh7Y1I0Vn0mj A38A== X-Gm-Message-State: AOAM531cxyZSZKo822HZWtETHdqUjGnmBtb+xrVtRaOu/397N/zOR8LJ zg2hWD7/qUu56NXls4F+50D4h9akyMA+x1kAozh+9w== X-Received: by 2002:ac2:46db:: with SMTP id p27mr972790lfo.396.1615353307886; Tue, 09 Mar 2021 21:15:07 -0800 (PST) MIME-Version: 1.0 References: <20210303135500.24673-1-alex.bennee@linaro.org> <20210303135500.24673-2-alex.bennee@linaro.org> <20210305075131.GA15940@goby> <6c542548-cc16-af68-c755-df52bd13b209@marcan.st> In-Reply-To: <6c542548-cc16-af68-c755-df52bd13b209@marcan.st> From: Sumit Garg Date: Wed, 10 Mar 2021 10:44:56 +0530 Message-ID: Subject: Re: [RFC PATCH 1/5] rpmb: add Replay Protected Memory Block (RPMB) subsystem To: Hector Martin , Linus Walleij Cc: Arnd Bergmann , "open list:ASYMMETRIC KEYS" , David Howells , Jarkko Sakkinen , Joakim Bech , =?UTF-8?B?QWxleCBCZW5uw6ll?= , "linux-kernel@vger.kernel.org" , Maxim Uvarov , Ilias Apalodimas , Ruchika Gupta , "Winkler, Tomas" , yang.huang@intel.com, bing.zhu@intel.com, Matti.Moell@opensynergy.com, hmo@opensynergy.com, linux-mmc , linux-scsi , linux-nvme@vger.kernel.org, Ulf Hansson , Arnd Bergmann Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, 10 Mar 2021 at 02:47, Hector Martin wrote: > > On 09/03/2021 01.20, Linus Walleij wrote: > > I suppose it would be a bit brutal if the kernel would just go in and > > appropriate any empty RPMB it finds, but I suspect it is the right way > > to make use of this facility given that so many of them are just sitting > > there unused. Noone will run $CUSTOM_UTILITY any more than they > > run the current RPMB tools in mmc-tools. > > AIUI the entire thing relies on a shared key that is programmed once > into the RPMB device, which is a permanent operation. This key has to be > secure, usually stored on CPU fuses or derived based on such a root of > trust. To me it would seem ill-advised to attempt to automate this > process and have the kernel do a permanent take-over of any RPMBs it > finds (with what key, for one?) :) > Wouldn't it be a good idea to use DT here to represent whether a particular RPMB is used as a TEE backup or is available for normal kernel usage? In case of normal kernel usage, I think the RPMB key can come from trusted and encrypted keys subsystem. -Sumit > For what it's worth, these days I think Apple uses a separate, dedicated > secure element for replay protected storage, not RPMB. That seems like a > sane approach, given that obviously Flash storage vendors cannot be > trusted to write security-critical firmware. But if all you have is > RPMB, using it is better than nothing. > > The main purpose of the RPMB is, as the name implies, replay protection. > You can do secure storage on any random flash with encryption, and even > do full authentication with hash trees, but the problem is no matter how > fancy your scheme is, attackers can always dump all memory and roll your > device back to the past. This defeats stuff like PIN code attempt > limits. So it isn't so much for storing crypto keys or such, but rather > a way to prevent these attacks. > > -- > Hector Martin (marcan@marcan.st) > Public Key: https://mrcn.st/pub