[prev in list] [next in list] [prev in thread] [next in thread]
List: linux-keyrings
Subject: Re: [PATCH v4 09/13] tpm: add hmac checks to tpm2_pcr_extend()
From: Jarkko Sakkinen <jarkko () kernel ! org>
Date: 2023-04-23 5:32:20
Message-ID: 3dd2e6924de435f28a20f0054f710ac83fb093b6.camel () kernel ! org
[Download RAW message or body]
On Mon, 2023-04-03 at 17:39 -0400, James Bottomley wrote:
> tpm2_pcr_extend() is used by trusted keys to extend a PCR to prevent a
> key from being re-loaded until the next reboot. To use this
> functionality securely, that extend must be protected by a session
> hmac. This patch adds HMAC protection so tampering with the
> tpm2_pcr_extend() command in flight is detected.
>
> Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
What the heck is "check"?
The code change adds hmac pipeline for the command.
I get the code change but the description is misleading as this
does more than just add a check.
> ---
> drivers/char/tpm/tpm2-cmd.c | 27 ++++++++++-----------------
> 1 file changed, 10 insertions(+), 17 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index b0e72fb563d9..a53a843294ed 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -216,13 +216,6 @@ int tpm2_pcr_read(struct tpm_chip *chip, u32 pcr_idx,
> return rc;
> }
>
> -struct tpm2_null_auth_area {
> - __be32 handle;
> - __be16 nonce_size;
> - u8 attributes;
> - __be16 auth_size;
> -} __packed;
> -
> /**
> * tpm2_pcr_extend() - extend a PCR value
> *
> @@ -236,24 +229,22 @@ int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
> struct tpm_digest *digests)
> {
> struct tpm_buf buf;
> - struct tpm2_null_auth_area auth_area;
> int rc;
> int i;
>
> - rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> + rc = tpm2_start_auth_session(chip);
> if (rc)
> return rc;
>
> - tpm_buf_append_u32(&buf, pcr_idx);
> + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> + if (rc) {
> + tpm2_end_auth_session(chip);
> + return rc;
> + }
>
> - auth_area.handle = cpu_to_be32(TPM2_RS_PW);
> - auth_area.nonce_size = 0;
> - auth_area.attributes = 0;
> - auth_area.auth_size = 0;
> + tpm_buf_append_name(chip, &buf, pcr_idx, NULL);
> + tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0);
>
> - tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
> - tpm_buf_append(&buf, (const unsigned char *)&auth_area,
> - sizeof(auth_area));
> tpm_buf_append_u32(&buf, chip->nr_allocated_banks);
>
> for (i = 0; i < chip->nr_allocated_banks; i++) {
> @@ -262,7 +253,9 @@ int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx,
> chip->allocated_banks[i].digest_size);
> }
>
> + tpm_buf_fill_hmac_session(chip, &buf);
> rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value");
> + rc = tpm_buf_check_hmac_response(chip, &buf, rc);
>
> tpm_buf_destroy(&buf);
>
BR, Jarkko
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic