Re: [PATCH 3/9] security: keys: trusted: Parse out individual components of... | linux-pm

[PATCH 0/9] Enable hibernation when Lockdown is enabled · Matthew Garrett <hidden> · 2021-02-20
[PATCH 1/9] tpm: Add support for in-kernel resetting of PCRs · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 1/9] tpm: Add support for in-kernel resetting of PCRs · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-20
[PATCH 2/9] tpm: Allow PCR 23 to be restricted to kernel-only use · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 2/9] tpm: Allow PCR 23 to be restricted to kernel-only use · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-20
Re: [PATCH 2/9] tpm: Allow PCR 23 to be restricted to kernel-only use · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-24
Re: [PATCH 2/9] tpm: Allow PCR 23 to be restricted to kernel-only use · James Bottomley <hidden> · 2021-02-24
Re: [PATCH 2/9] tpm: Allow PCR 23 to be restricted to kernel-only use · Matthew Garrett <mjg59@srcf.ucam.org> · 2021-02-28
[PATCH 3/9] security: keys: trusted: Parse out individual components of the key blob · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 3/9] security: keys: trusted: Parse out individual components of the key blob · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-20
Re: [PATCH 3/9] security: keys: trusted: Parse out individual components of the key blob · Matthew Garrett <mjg59@srcf.ucam.org> · 2021-02-22
Re: [PATCH 3/9] security: keys: trusted: Parse out individual components of the key blob · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-24
[PATCH 4/9] security: keys: trusted: Store the handle of a loaded key · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 4/9] security: keys: trusted: Store the handle of a loaded key · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-20
[PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data · Jarkko Sakkinen <jarkko@kernel.org> · 2021-02-20
Re: [PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data · Ben Boeckel <hidden> · 2021-02-21
Re: [PATCH 5/9] security: keys: trusted: Allow storage of PCR values in creation data · Matthew Garrett <mjg59@srcf.ucam.org> · 2021-02-22
[PATCH 6/9] pm: hibernate: Optionally store and verify a hash of the image · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 6/9] pm: hibernate: Optionally store and verify a hash of the image · Evan Green <hidden> · 2021-05-05
[PATCH 7/9] pm: hibernate: Optionally use TPM-backed keys to protect image integrity · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 7/9] pm: hibernate: Optionally use TPM-backed keys to protect image integrity · Randy Dunlap <hidden> · 2021-02-20
Re: [PATCH 7/9] pm: hibernate: Optionally use TPM-backed keys to protect image integrity · Matthew Garrett <mjg59@srcf.ucam.org> · 2021-02-22
[PATCH 8/9] pm: hibernate: Verify the digest encryption key · Matthew Garrett <hidden> · 2021-02-20
[PATCH 9/9] pm: hibernate: seal the encryption key with a PCR policy · Matthew Garrett <hidden> · 2021-02-20
Re: [PATCH 0/9] Enable hibernation when Lockdown is enabled · Evan Green <hidden> · 2021-05-04
Re: [PATCH 0/9] Enable hibernation when Lockdown is enabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-05-05
Re: [PATCH 0/9] Enable hibernation when Lockdown is enabled · Jarkko Sakkinen <jarkko@kernel.org> · 2021-05-05
Re: [PATCH 0/9] Enable hibernation when Lockdown is enabled · Evan Green <hidden> · 2021-05-05

Re: [PATCH 3/9] security: keys: trusted: Parse out individual components of the key blob

From: Jarkko Sakkinen <jarkko@kernel.org>
Date: 2021-02-20 03:06:35
Also in: keyrings, linux-integrity, lkml

On Sat, Feb 20, 2021 at 01:32:49AM +0000, Matthew Garrett wrote:

Performing any sort of state validation of a sealed TPM blob requires
being able to access the individual members in the response. Parse the
blob sufficiently to be able to stash pointers to each member, along
with the length.

Signed-off-by: Matthew Garrett <redacted>

I'll just say LGTM for now. Did not see anything obviously wrong in
the code change (and does make sense to nitpick minor things just
yet).

Need to understand the whole use case just a little bit better.

/Jarkko

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help