X-Mailing-List: linux-kernel@vger.kernel.org
Date: Tue, 21 May 2024 18:02:36 +0300
From: "Jarkko Sakkinen"
To: "James Bottomley"
Cc: "Peter Huewe", "Jason Gunthorpe", "Mimi Zohar", "David Howells", "Paul Moore", "James Morris", "Serge E. Hallyn"
Subject: Re: [PATCH] tpm: enable HMAC encryption for only x86-64 and aarch64
X-Mailer: aerc 0.17.0
References: <20240521130921.15028-1-jarkko@kernel.org> <236606947b691049c650bdf82c37324084662147.camel@HansenPartnership.com> <854fa2e1634eb116b979dab499243e40917c637c.camel@HansenPartnership.com> <0da89df455617f4dc1c7fdb8890e3219cfce4f7b.camel@HansenPartnership.com>
In-Reply-To: <0da89df455617f4dc1c7fdb8890e3219cfce4f7b.camel@HansenPartnership.com>

On Tue May 21, 2024 at 5:56 PM EEST, James Bottomley wrote:
> On Tue, 2024-05-21 at 17:35 +0300, Jarkko Sakkinen wrote:
> > On Tue May 21, 2024 at 5:26 PM EEST, Jarkko Sakkinen wrote:
> > > On Tue May 21, 2024 at 5:13 PM EEST, James Bottomley wrote:
> > > > On Tue, 2024-05-21 at 17:02 +0300, Jarkko Sakkinen wrote:
> > > > > Secondly, it also roots to the null key if a parent is not
> > > > > given. So it covers all the basic features of the HMAC patch
> > > > > set.
> > > >
> > > > I don't think that can work. The key file would be wrapped to
> > > > the parent and the null seed (and hence the wrapping) changes
> > > > with every reboot. If you want a permanent key, it has to be in
> > > > one of the accessible permanent hierarchies (storage ideally or
> > > > endorsement).
> > >
> > > I'm fully aware that null seed is randomized per power cycle.
>
> OK, as long as this gets documented, I'm OK with it
>
> > > The fallback was inherited from James Prestwood's original code and
> > > I decided to keep it as a testing feature, and also to test HMAC
> > > changes.
> > >
> > > If you look at the testing transcript in the cover letter, it
> > > should be obvious that a primary key is created in my basic test.
> >
> > I think what could be done to it in v3 would be to return -EOPNOTSUPP
> > if parent is not defined. I.e. rationale here is that this way the
> > empty option is still usable for something in future kernel releases.
>
> You can absolutely have null derived parent keys (I use them for
> testing as well). However, the spec says the parent handle in that
> case should be TPM_RH_NULL (i.e. 0x40000007) not zero:
>
> https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.html#name-parent

Yep. I somehow recalled that it replaced 0x0 with RH_NULL but it
actually checked whether the handle is RH_NULL and then loaded the null
key if that was the case.

BR, Jarkko
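An added example, not the kernel's code and not from the thread, that writes the parent-handle check discussed above as a kernel-style helper: TPM_RH_NULL selects the null-seed primary (which changes every power cycle), a parent of 0 is reserved with -EOPNOTSUPP as proposed for v3, and only owner/endorsement-rooted or persistent parents give a key that can be reloaded after reboot. The handle values are the TPM 2.0 spec constants; the function and enum names are this example's own assumptions.

```c
/* Added example, not kernel code: classify a TPM2 key file's "parent"
 * handle the way the thread proposes. Handle values are from the TPM 2.0
 * spec; the function and enum names are this example's own. */
#include <errno.h>
#include <stdint.h>

#define TPM2_RH_OWNER       0x40000001u /* storage hierarchy */
#define TPM2_RH_NULL        0x40000007u /* null hierarchy */
#define TPM2_RH_ENDORSEMENT 0x4000000Bu /* endorsement hierarchy */
#define TPM2_HT_TRANSIENT   0x80u       /* top byte of a transient handle */
#define TPM2_HT_PERSISTENT  0x81u       /* top byte of a persistent handle */

enum parent_kind {
	PARENT_PRIMARY_DURABLE, /* primary under owner/endorsement seed: survives reboot */
	PARENT_PRIMARY_NULL,    /* primary under the null seed: new seed each power cycle */
	PARENT_PERSISTENT,      /* object stored in TPM NV: survives reboot */
	PARENT_TRANSIENT,       /* loaded object: gone once the TPM is reset */
};

/* Returns a parent_kind (>= 0) or a negative errno. A parent of 0 is
 * reserved (-EOPNOTSUPP) as proposed for v3 instead of being silently
 * mapped to the null hierarchy, which a key file must name explicitly
 * as TPM2_RH_NULL. Only PARENT_PRIMARY_DURABLE and PARENT_PERSISTENT
 * parents can wrap a key that is still loadable after a reboot. */
int tpm2_key_parent_kind(uint32_t parent)
{
	if (parent == 0)
		return -EOPNOTSUPP;
	switch (parent) {
	case TPM2_RH_OWNER:
	case TPM2_RH_ENDORSEMENT:
		return PARENT_PRIMARY_DURABLE;
	case TPM2_RH_NULL:
		return PARENT_PRIMARY_NULL;
	}
	switch (parent >> 24) {
	case TPM2_HT_PERSISTENT:
		return PARENT_PERSISTENT;
	case TPM2_HT_TRANSIENT:
		return PARENT_TRANSIENT;
	}
	return -EINVAL; /* e.g. a permanent handle that is not a hierarchy */
}
```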