Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp537266rwd; Mon, 12 Jun 2023 18:19:33 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ6LQdacLriP6KJVxE7wRpwTueFWKIrNSzVi7yz4XXq9ztYPxz/GCFZezO5mFtduCmaLvXPi X-Received: by 2002:a17:907:9686:b0:974:419d:7847 with SMTP id hd6-20020a170907968600b00974419d7847mr12146421ejc.71.1686619173163; Mon, 12 Jun 2023 18:19:33 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1686619173; cv=none; d=google.com; s=arc-20160816; b=J/u4DzlLeNqYvEYB5HahealTbaWyJwWAkH74Fuj3gbg2f5gKcf0F9gPjkAdqtlvway Y2hyeDH12dNomwK7s6nRIlHweAos08SQnerBPzr0FuFcweG+iNVOoizgvcmqtaqauWFK WEeFbOvXkFFNG4H4HYWF+AyMhJGDdsSoc6Wg3puC/QoalVxyS1zHzwd5extstE3ILbWy BE6w4etmWpgoOavkgz98Bp2dsnDKYpSzuopTGPLpldVuYsq0kjKZTFMPIUwBrixDuM51 y8iodc2NWOresItl3JiWjyHIkEq4AMgovIaO9L0ONKelqp8PthEHCqOkm9zMfGAEtUEq nw7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:message-id:in-reply-to :subject:cc:to:from:date:dkim-signature:dkim-filter; bh=Tp1WzQdcx12W1fzBArAndkSd8SuQkzZ/5ksg+tQwJqs=; b=FRJgk8edjHSrWRQz7+Osy5Q9/uULAgD1B4XvXXOXv0uvDiHJzwRnme7aKuTJaLKS8R AAeJ1t+OqDxoDo1l2L1bfSO6HKlj3Kgrfw0i6BFa8ezwYV/2KBnHY2l4eU6bjTL+6f7n +UBHFCOZumPyWFGwHkFfnZ6YLv4MGOy4XSNj7ex+rNvqg/daEQPW+AKo1U8WYnt1S2WF kHbJphtsyU6DlnUjjt6jORXdjE6ZNB6X2fEE2P2IyZWbBXy/8iWOJGS0Cr6tl5ULhZud YDvnCq/TyNi5xiQCAyuOEve4MagV4eF5ctwqAvwkCPXhRvHBkCMkF+NWjZlueJ94p9BT jaeQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=Cz69bezj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id e23-20020a170906045700b00977c5041c13si6104224eja.879.2023.06.12.18.19.09; Mon, 12 Jun 2023 18:19:33 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@linux.microsoft.com header.s=default header.b=Cz69bezj; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230095AbjFMAtW (ORCPT + 99 others); Mon, 12 Jun 2023 20:49:22 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44196 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229480AbjFMAtT (ORCPT ); Mon, 12 Jun 2023 20:49:19 -0400 Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id 4464210D3; Mon, 12 Jun 2023 17:49:18 -0700 (PDT) Received: by linux.microsoft.com (Postfix, from userid 1152) id ACDC420FE86C; Mon, 12 Jun 2023 17:49:17 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com ACDC420FE86C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1686617357; bh=Tp1WzQdcx12W1fzBArAndkSd8SuQkzZ/5ksg+tQwJqs=; h=Date:From:To:cc:Subject:In-Reply-To:References:From; b=Cz69bezj1h7WpyniLbBF79JtEUf+PZyKWL//KV4CS0zag0E+zewbtPPKGhuM5DCPR I+T8kVYutZi3ZltH+cHOdLHJ0D4KYmjQlRfeWhIbRcXSaN8jeQM86TZc/KySzKPMGs zhv8/1LsPyC+ovVB6Fd1J8TdQGwTmrqCghYEDXKs= Received: from localhost (localhost [127.0.0.1]) by linux.microsoft.com (Postfix) with ESMTP id A98CB307032D; Mon, 12 Jun 2023 17:49:17 -0700 (PDT) Date: Mon, 12 Jun 2023 17:49:17 -0700 (PDT) From: Shyam Saini To: alex.bennee@linaro.org cc: Sumit Garg , "Zhu, Bing" , "alex.bennee@linaro.org" , "code@tyhicks.com" , "Matti.Moell@opensynergy.com" , "arnd@linaro.org" , "hmo@opensynergy.com" , "joakim.bech@linaro.org" , "linux-kernel@vger.kernel.org" , "linux-mmc@vger.kernel.org" , "linux-scsi@vger.kernel.org" , "maxim.uvarov@linaro.org" , "ruchika.gupta@linaro.org" , "Winkler, Tomas" , "ulf.hansson@linaro.org" , "Huang, Yang" , "jens.wiklander@linaro.org" , "op-tee@lists.trustedfirmware.org" , ilias.apalodimas@linaro.org Subject: Re: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver In-Reply-To: Message-ID: References: <20220405093759.1126835-1-alex.bennee@linaro.org> <20230531191007.13460-1-shyamsaini@linux.microsoft.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Spam-Status: No, score=-19.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_MED, SPF_HELO_PASS,SPF_PASS,T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED, USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Thank you everyone for your valueable feedback. Alex, are you planning submit this patch series ? Please let me know. > On Thu, 1 Jun 2023 at 08:49, Sumit Garg wrote: >> >> On Thu, 1 Jun 2023 at 11:02, Ilias Apalodimas >> wrote: >>> >>> Hi Bing >>> >>> On Thu, 1 Jun 2023 at 04:03, Zhu, Bing wrote: >>>> >>>> As an alternative, Is it possible to change ftpm design not to depend on RPMB access at the earlier/boot stage? Because to my understanding, typically PCRs don't require persistent/NV storage (for example, before RPMB or tee-supplicant is ready, use TEE memory instead as temporary storage) >>> >>> I am not entirely sure this will solve our problem here. You are >>> right that we shouldn't depend on the supplicant to extend PCRs. But >>> what happens if an object is sealed against certain PCR values? We >>> are back to the same problem >> >> +1 >> >> Temporary storage may be a stop gap solution for some use-cases but >> having a fast path access to RPMB via kernel should be our final goal. >> I would suggest we start small with the MMC subsystem to expose RPMB >> access APIs for OP-TEE driver rather than a complete RPMB subsystem. > > I discussed with the OP-TEE maintainers about adding parts of the > supplicant in the kernel. The supplicant 'just' sends an ioctl to > store/read stuff anyway. So it would make sense to have a closer and > see if that looks reasonable. > Thanks > > /Ilias > >> >> -Sumit >> >>> >>> Thanks >>> /Ilias >>>> >>>> Bing >>>> >>>> IPAS Security Brown Belt (https://www.credly.com/badges/69ea809f-3a96-4bc7-bb2f-442c1b17af26) >>>> System Software Engineering >>>> Software and Advanced Technology Group >>>> Zizhu Science Park, Shanghai, China >>>> >>>> -----Original Message----- >>>> From: Shyam Saini >>>> Sent: Thursday, June 1, 2023 3:10 AM >>>> To: alex.bennee@linaro.org >>>> Cc: code@tyhicks.com; Matti.Moell@opensynergy.com; arnd@linaro.org; Zhu, Bing ; hmo@opensynergy.com; ilias.apalodimas@linaro.org; joakim.bech@linaro.org; linux-kernel@vger.kernel.org; linux-mmc@vger.kernel.org; linux-scsi@vger.kernel.org; maxim.uvarov@linaro.org; ruchika.gupta@linaro.org; Winkler, Tomas ; ulf.hansson@linaro.org; Huang, Yang ; sumit.garg@linaro.org; jens.wiklander@linaro.org; op-tee@lists.trustedfirmware.org >>>> Subject: [PATCH v2 0/4] rpmb subsystem, uapi and virtio-rpmb driver >>>> >>>> Hi Alex, >>>> >>>> [ Resending, Sorry for the noise ] >>>> >>>> Are you still working on it or planning to resubmit it ? >>>> >>>> [1] The current optee tee kernel driver implementation doesn't work when IMA is used with optee implemented ftpm. >>>> >>>> The ftpm has dependency on tee-supplicant which comes once the user space is up and running and IMA attestation happens at boot time and it requires to extend ftpm PCRs. >>>> >>>> But IMA can't use PCRs if ftpm use secure emmc RPMB partition. As optee can only access RPMB via tee-supplicant(user space). So, there should be a fast path to allow optee os to access the RPMB parititon without waiting for user-space tee supplicant. >>>> >>>> To achieve this fast path linux optee driver and mmc driver needs some work and finally it will need RPMB driver which you posted. >>>> >>>> Please let me know what's your plan on this. >>>> >>>> [1] https://optee.readthedocs.io/en/latest/architecture/secure_storage.html >>>> >>>> Best Regards, >>>> Shyam >