Re: [PATCH 1/3] tpm: Disable TCG_TPM2_HMAC by default
From: "Jarkko Sakkinen" <jarkko@kernel.org>
Date: 2024-05-28 01:07:25
Also in:
keyrings, linux-integrity, lkml
On Tue May 28, 2024 at 4:04 AM EEST, Jarkko Sakkinen wrote:
On Tue May 28, 2024 at 2:44 AM EEST, James Bottomley wrote:quoted
On Tue, 2024-05-28 at 02:17 +0300, Jarkko Sakkinen wrote:quoted
On Tue May 28, 2024 at 12:36 AM EEST, James Bottomley wrote:quoted
On Mon, 2024-05-27 at 22:53 +0300, Jarkko Sakkinen wrote:quoted
On Mon May 27, 2024 at 8:57 PM EEST, James Bottomley wrote:quoted
On Mon, 2024-05-27 at 18:34 +0300, Jarkko Sakkinen wrote:[...]quoted
quoted
quoted
While looking at code I started to wanted what was the reasoning for adding *undocumented* "TPM2_OA_TMPL" in include/linux/tpm.h.It should really be in tpm2-sessions.c and named something like TPM2_NULL_KEY_OA or similar.Well, because you asked for it. I originally had all the flags spelled out and I'm not a fan of this obscurity, but you have to do stuff like this to get patches accepted: https://lore.kernel.org/linux-integrity/CZCKTWU6ZCC9.2UTEQPEVICYHL@suppilovahvero/ (local)I still think the constant does make sense.I'm not so sure. The TCG simply defines it as a collection of flags and every TPM tool set I've seen simply uses a list of flags as well. The original design was that the template would be in this one place and everything else would call into it. I think the reason all template construction looks similar is for ease of auditing (it's easy to get things, particularly the flags, wrong). If it only has one use case, it should be spelled out but if someone else would use it then it should be in the tpm.h shared header.It is used only in tpm2-sessions.c and for the null key so there it should be. And it is also lacking the associated documentation. Now both name and context it is used is lost.The comment above the whole thing says what it is and where it comes from: /* * create the template. Note: in order for userspace to * verify the security of the system, it will have to create * and certify this NULL primary, meaning all the template * parameters will have to be identical, so conform exactly to * the TCG TPM v2.0 Provisioning Guidance for the SRK ECC * key H template (H has zero size unique points) */ If we put the broken out flags back it's all fully documented.Not the most productive conclusion when refusing to follow properly a trivial request in the review feedback tbh.
In any case this particular constant can be revisited when otherwise changes happen in the area. It is what it is for the time being. I just need to use more strict and dense filter when check the patch revisions next time. BR, Jarkko