← Back to context

Comment by angry_octet

15 hours ago

Better implemented as another user space process than in the kernel.

10 comments

angry_octet

Reply

eqvinox 15 hours ago

You can't access TPMs that way.

angry_octet 14 hours ago
Most of the Linux kernel crypto is not touching the TPM. If there is a TPM task, only that code should be in kernel, and it should be accessed from user space by a process with the appropriate token.
- eqvinox 14 hours ago
  
  Yes, AF_ALG is exposing too many things, like authencesn, which has zero reason for being userspace accessible. It's a crypto mode specific to IPsec.
  However,
  > it should be accessed from user space by a process with the appropriate token.
  That is AF_ALG. The operations it offers are what you need for full coverage. The issues with it are two:
  - usage specific crypto in the kernel implements the same interfaces, and it doesn't have a filter for that, as mentioned above. It's not offering too many operations, it's offering too many algorithms.
  - it's trying to be fast. I guess people also want to use crypto accelerators through it. (Which is kinda related to TPMs, there is accelerator hardware with built-in protected key storage...)
  The CVE we're looking at here is in the intersection of both of these.
  
  4 replies →
kasabali 12 hours ago
Good
- eqvinox 7 hours ago
  
  Cheesecake
  Now, is your comment contributing more to this discussion, or mine?
wetpaws 15 hours ago

[dead]