[PATCH v4 0/7] add integrity and security to TPM2 transactions

Ken Goldman kgold at linux.ibm.com
Mon Oct 22 15:50:33 UTC 2018


On 10/22/2018 10:18 AM, James Bottomley wrote:
>> 1 - Any policy that requires a password (policypassword) can
>> substitute
>> an HMAC (policyauthvalue) at the callers discretion.  They result
>> in the same policy digest.
> Right but this requires the co-operation of the policy handle creator,
> so it's an API change.
> 

In case it wasn't clear:  The choice is not made at the time the
policy is calculated, nor is it made at startauthsession (when
the policy is created).

The choice is made when the policy is being satisfied.

policypassword tells the TPM to expect a plaintext password, while
policyauthvalue tells the TPM to expect an HMAC.

It's subtle that either policy command results in the same policy
digest.



More information about the Linux-security-module-archive mailing list