From: Matthew Garrett
Date: Tue, 3 Jan 2023 13:10:27 -0800
Subject: Re: [PATCH v5 03/11] tpm: Allow PCR 23 to be restricted to kernel-only use
To: William Roberts
Cc: jejb@linux.ibm.com, Evan Green, linux-kernel@vger.kernel.org, corbet@lwn.net, linux-integrity@vger.kernel.org, Eric Biggers, gwendal@chromium.org, dianders@chromium.org, apronin@chromium.org, Pavel Machek, Ben Boeckel, rjw@rjwysocki.net, Kees Cook, dlunev@google.com, zohar@linux.ibm.com, jarkko@kernel.org, linux-pm@vger.kernel.org, Matthew Garrett, Jason Gunthorpe, Peter Huewe
References: <20221111231636.3748636-1-evgreen@chromium.org> <20221111151451.v5.3.I9ded8c8caad27403e9284dfc78ad6cbd845bc98d@changeid> <8ae56656a461d7b957b93778d716c6161070383a.camel@linux.ibm.com>
On Tue, Jan 3, 2023 at 1:05 PM William Roberts wrote:
> What's the use case of using the creation data and ticket in this
> context? Who gets the creationData and the ticket?
> Could a user supplied outsideInfo work? IIRC I saw some patches flying around
> where the sessions will get encrypted and presumably correctly as well. This
> would allow the transfer of that outsideInfo, like the NV Index PCR value to
> be included and integrity protected by the session HMAC.

The goal is to ensure that the key was generated by the kernel. In the absence of the creation data, an attacker could generate a hibernation image using their own key and trick the kernel into resuming arbitrary code. We don't have any way to pass secret data from the hibernate kernel to the resume kernel, so I don't think there's any easy way to do it with outsideinfo.
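As an added illustration of the point above (not code from the patch series or from anyone in the thread, and a simplified model rather than a real TPM), the following shows why the resume side needs the TPM-issued creation ticket and not just creation data it could be handed: only a key whose creation data both verifies under the ticket and records the kernel-only PCR 23 value is accepted. The single SHA-256 hash, the constructed per-TPM proof secret, and the key names are assumptions.

```python
import hashlib
import hmac
import os

# Constructed, simplified model (not the kernel's code and not a real TPM):
# one hash (SHA-256), a per-TPM secret "proof", and PCR 23 as the sole PCR
# recorded in creation data. Names and values below are assumptions.
TPM_ST_CREATION = b"\x80\x21"  # TPM 2.0 tag for a creation ticket

def pcr_extend(old, data):
    return hashlib.sha256(old + hashlib.sha256(data).digest()).digest()

class ModelTPM:
    def __init__(self):
        self.proof = os.urandom(32)  # secret that never leaves the TPM
        self.pcr23 = b"\x00" * 32

    def extend(self, data):
        self.pcr23 = pcr_extend(self.pcr23, data)

    def _ticket(self, creation_data):
        # TPM 2.0 Part 1: ticket = HMAC(proof, TPM_ST_CREATION || name || H(creationData))
        cd_hash = hashlib.sha256(creation_data["pcr23"] + creation_data["name"]).digest()
        msg = TPM_ST_CREATION + creation_data["name"] + cd_hash
        return hmac.new(self.proof, msg, hashlib.sha256).digest()

    def create(self, key_name):
        """Model of TPM2_Create: record PCR 23 at creation time and issue a ticket over it."""
        creation_data = {"pcr23": self.pcr23, "name": key_name}
        return creation_data, self._ticket(creation_data)

    def verify_creation(self, creation_data, ticket):
        # Only a (creationData, ticket) pair this TPM itself issued verifies.
        return hmac.compare_digest(self._ticket(creation_data), ticket)

def resume_accepts(tpm, kernel_value, creation_data, ticket):
    """Resume policy: ticket must verify and PCR 23 must have held the kernel-only value."""
    return tpm.verify_creation(creation_data, ticket) and creation_data["pcr23"] == kernel_value

def scenario():
    """Returns (kernel key accepted, userspace key rejected, forged creation data rejected)."""
    tpm = ModelTPM()
    tpm.extend(b"kernel-only marker")  # kernel sets PCR 23 before creating its key
    kernel_value = tpm.pcr23
    good_cd, good_tk = tpm.create(b"hibernate-key")
    tpm.extend(b"userspace-extend")  # PCR 23 no longer holds the kernel-only value
    user_cd, user_tk = tpm.create(b"userspace-key")
    forged_cd = {"pcr23": kernel_value, "name": b"userspace-key"}  # claims kernel value, wrong ticket
    return (resume_accepts(tpm, kernel_value, good_cd, good_tk),
            not resume_accepts(tpm, kernel_value, user_cd, user_tk),
            not resume_accepts(tpm, kernel_value, forged_cd, user_tk))
```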