Thanks Mimi for giving insight. Suppose I generate both master and evm-key (both are symmetric keys as per my understanding) and save them in trustzone protected area. Everytime kernel boots a driver reads these keys and loads in appropriate keyring. Will this be correct approach.
Because it is an existing product, TPM addition is almost impossible however I have requested team to consider including in next version of the product.
On Mon, Jul 30, 2018 at 6:05 AM, Mimi Zohar <zohar@xxxxxxxxxxxxx> wrote:
[Cc'ing James Bottomley]
On Sun, 2018-07-29 at 23:46 +0530, rishi gupta wrote:
> Hi Integrity team,
>
> IMA is working fine in our embedded linux product and now we are trying to
> implement EVM. Our system does not have TPM but have trustzone and crypto
> engine. My question is:
>
> 1. What is the standard practice to generate and load evm-key in systems
> that does not have TPM.
TPMs are really cheap. Convince your product group to include a TPM?
"encrypted" keys can be decrypted either by a "trusted" or a "user"
type key, but the latter is not considered safe and should be limited
to test environments.
Udit Agarwal recently suggested defining a new key type named "secure"
keys, but didn't explain what made them secure. The "secure" key type
was limited to CAAM.
> 2. Suppose we have an encrypted key which has been decrypted and loaded in
> kernel. Isn't it an attacker can analyse RAM and get the evm-key. Am I
> missing something here.
No, what you're saying is true. In a secure, locked down environment
analyzing kernel memory (should still) requires root privileges.
Mimi
