Re: [Xen-devel] [PATCH 11/12] vTPM/TPM2: Bind group keys and sectors data on disk

["Xu, Quan" <quan.xu@xxxxxxxxx>]

> -----Original Message-----
> From: Daniel De Graaf [mailto:dgdegra@xxxxxxxxxxxxx]
> Sent: Monday, December 15, 2014 11:56 PM
> To: Xu, Quan; xen-devel@xxxxxxxxxxxxx
> Cc: stefano.stabellini@xxxxxxxxxxxxx; samuel.thibault@xxxxxxxxxxxx
> Subject: Re: [PATCH 11/12] vTPM/TPM2: Bind group keys and sectors data
> on disk
> 
> On 12/14/2014 07:09 AM, Quan Xu wrote:
> [...]
> > +        /*TPM 2.0 bind | TPM 1.x seal*/
> > +        if (hw_is_tpm2()) {
> > +            TPM2_disk_bind(dst, &sblob, sizeof(sblob));
> > +        } else {
> > +            dst->pcr_selection = src->seals[i].pcr_selection;
> > +            memcpy(&dst->digest_release, &src->seals[i].digest_release,
> 20);
> > +            TPM_pcr_digest(&dst->digest_at_seal, dst->pcr_selection);
> > +            TPM_disk_seal(dst, &sblob, sizeof(sblob));
> > +        }
> 
> It appears that the secrets for the vTPMs are only being bound to the
> presence of the physical TPM and not the measurements of the hypervisor
> and other TCB components.  This does not provide as much security as it
> did for TPM 1.2: an attacker with access to the boot disk can boot into a
> compromised environment and extract the vTPM keys and disk images.
> 
Agree with it.
I will bind more information, such as measurements of the hypervisor and other 
TCB components
In next version.


> The TPM2_Create/TPM2_Unseal operations should be capable of performing
> the same functionality.  If only SHA1 PCRs are used, they should be able to
> be drop-in replacements, but supporting other hash algorithms may be a
> feature that users who have a TPM2 will want.
> 
Interesting:)..
I will continue to develop and maintain vTPM on TPM 2.0. Make it stable and 
robust.

> --
> Daniel De Graaf
> National Security Agency


Intel
Quan Xu

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel