lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 24 Jan 2017 13:59:37 +0200 From: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com> To: Nayna <nayna@...ux.vnet.ibm.com> Cc: tpmdd-devel@...ts.sourceforge.net, peterhuewe@....de, tpmdd@...horst.net, jgunthorpe@...idianresearch.com, linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks On Mon, Jan 23, 2017 at 10:11:48PM +0530, Nayna wrote: > > > On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote: > > On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote: > > > The current TPM 2.0 device driver extends only the SHA1 PCR bank > > > but the TCG Specification[1] recommends extending all active PCR > > > banks, to prevent malicious users from setting unused PCR banks with > > > fake measurements and quoting them. > > > > > > The existing in-kernel interface(tpm_pcr_extend()) expects only a > > > SHA1 digest. To extend all active PCR banks with differing > > > digest sizes, the SHA1 digest is padded with trailing 0's as needed. > > > > > > This patch reuses the defined digest sizes from the crypto subsystem, > > > adding a dependency on CRYPTO_HASH_INFO module. > > > > > > [1] TPM 2.0 Specification referred here is "TCG PC Client Specific > > > Platform Firmware Profile for TPM 2.0" > > > > > > Signed-off-by: Nayna Jain <nayna@...ux.vnet.ibm.com> > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com> > > > --- > > > drivers/char/tpm/Kconfig | 1 + > > > drivers/char/tpm/tpm-interface.c | 15 ++++++- > > > drivers/char/tpm/tpm.h | 3 +- > > > drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++------------------- > > > drivers/char/tpm/tpm_eventlog.h | 7 ++++ > > > 5 files changed, 73 insertions(+), 44 deletions(-) > > > > > > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig > > > index 277186d..af985cc 100644 > > > --- a/drivers/char/tpm/Kconfig > > > +++ b/drivers/char/tpm/Kconfig > > > @@ -6,6 +6,7 @@ menuconfig TCG_TPM > > > tristate "TPM Hardware Support" > > > depends on HAS_IOMEM > > > select SECURITYFS > > > + select CRYPTO_HASH_INFO > > > ---help--- > > > If you have a TPM security chip in your system, which > > > implements the Trusted Computing Group's specification, > > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c > > > index a3461cb..cf959c3 100644 > > > --- a/drivers/char/tpm/tpm-interface.c > > > +++ b/drivers/char/tpm/tpm-interface.c > > > @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash) > > > struct tpm_cmd_t cmd; > > > int rc; > > > struct tpm_chip *chip; > > > + int max_active_banks = ARRAY_SIZE(chip->active_banks); > > > + struct tpm2_digest digest_list[max_active_banks]; > > > + u32 count = 0; > > > + int i; > > > > > > chip = tpm_chip_find_get(chip_num); > > > if (chip == NULL) > > > return -ENODEV; > > > > > > if (chip->flags & TPM_CHIP_FLAG_TPM2) { > > > - rc = tpm2_pcr_extend(chip, pcr_idx, hash); > > > + memset(digest_list, 0, sizeof(digest_list)); > > > + > > > + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) && > > > + (i < max_active_banks); i++) { > > > + digest_list[i].alg_id = chip->active_banks[i]; > > > + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); > > > + count++; > > > + } > > > + > > > + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list); > > > tpm_put_ops(chip); > > > return rc; > > > } > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h > > > index c291f19..07a0677 100644 > > > --- a/drivers/char/tpm/tpm.h > > > +++ b/drivers/char/tpm/tpm.h > > > @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip) > > > #endif > > > > > > int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf); > > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash); > > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, > > > + struct tpm2_digest *digests); > > > int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max); > > > int tpm2_seal_trusted(struct tpm_chip *chip, > > > struct trusted_key_payload *payload, > > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c > > > index 0e000a3..d78adb8 100644 > > > --- a/drivers/char/tpm/tpm2-cmd.c > > > +++ b/drivers/char/tpm/tpm2-cmd.c > > > @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out { > > > u8 digest[TPM_DIGEST_SIZE]; > > > } __packed; > > > > > > -struct tpm2_null_auth_area { > > > - __be32 handle; > > > - __be16 nonce_size; > > > - u8 attributes; > > > - __be16 auth_size; > > > -} __packed; > > > - > > > -struct tpm2_pcr_extend_in { > > > - __be32 pcr_idx; > > > - __be32 auth_area_size; > > > - struct tpm2_null_auth_area auth_area; > > > - __be32 digest_cnt; > > > - __be16 hash_alg; > > > - u8 digest[TPM_DIGEST_SIZE]; > > > -} __packed; > > > - > > > struct tpm2_get_tpm_pt_in { > > > __be32 cap_id; > > > __be32 property_id; > > > @@ -97,7 +81,6 @@ union tpm2_cmd_params { > > > struct tpm2_self_test_in selftest_in; > > > struct tpm2_pcr_read_in pcrread_in; > > > struct tpm2_pcr_read_out pcrread_out; > > > - struct tpm2_pcr_extend_in pcrextend_in; > > > struct tpm2_get_tpm_pt_in get_tpm_pt_in; > > > struct tpm2_get_tpm_pt_out get_tpm_pt_out; > > > struct tpm2_get_random_in getrandom_in; > > > @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) > > > return rc; > > > } > > > > > > -#define TPM2_GET_PCREXTEND_IN_SIZE \ > > > - (sizeof(struct tpm_input_header) + \ > > > - sizeof(struct tpm2_pcr_extend_in)) > > > - > > > -static const struct tpm_input_header tpm2_pcrextend_header = { > > > - .tag = cpu_to_be16(TPM2_ST_SESSIONS), > > > - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE), > > > - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND) > > > -}; > > > +struct tpm2_null_auth_area { > > > + __be32 handle; > > > + __be16 nonce_size; > > > + u8 attributes; > > > + __be16 auth_size; > > > +} __packed; > > > > > > /** > > > * tpm2_pcr_extend() - extend a PCR value > > > * > > > * @chip: TPM chip to use. > > > * @pcr_idx: index of the PCR. > > > - * @hash: hash value to use for the extend operation. > > > + * @count: number of digests passed. > > > + * @digests: list of pcr banks and corresponding digest values to extend. > > > * > > > * Return: Same as with tpm_transmit_cmd. > > > */ > > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) > > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, > > > + struct tpm2_digest *digests) > > > { > > > - struct tpm2_cmd cmd; > > > + struct tpm_buf buf; > > > + struct tpm2_null_auth_area auth_area; > > > int rc; > > > + int i; > > > + int j; > > > + > > > + if (count > ARRAY_SIZE(chip->active_banks)) > > > + return -EINVAL; > > > > > > - cmd.header.in = tpm2_pcrextend_header; > > > - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx); > > > - cmd.params.pcrextend_in.auth_area_size = > > > - cpu_to_be32(sizeof(struct tpm2_null_auth_area)); > > > - cmd.params.pcrextend_in.auth_area.handle = > > > - cpu_to_be32(TPM2_RS_PW); > > > - cmd.params.pcrextend_in.auth_area.nonce_size = 0; > > > - cmd.params.pcrextend_in.auth_area.attributes = 0; > > > - cmd.params.pcrextend_in.auth_area.auth_size = 0; > > > - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1); > > > - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1); > > > - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE); > > > + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); > > > + if (rc) > > > + return rc; > > > > > > - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0, > > > + tpm_buf_append_u32(&buf, pcr_idx); > > > + > > > + auth_area.handle = cpu_to_be32(TPM2_RS_PW); > > > + auth_area.nonce_size = 0; > > > + auth_area.attributes = 0; > > > + auth_area.auth_size = 0; > > > + > > > + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area)); > > > + tpm_buf_append(&buf, (const unsigned char *)&auth_area, > > > + sizeof(auth_area)); > > > + tpm_buf_append_u32(&buf, count); > > > + > > > + for (i = 0; i < count; i++) { > > > + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) { > > > + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id) > > > + continue; > > > + > > > + tpm_buf_append_u16(&buf, digests[i].alg_id); > > > + tpm_buf_append(&buf, (const unsigned char > > > + *)&digests[i].digest, > > > + hash_digest_size[tpm2_hash_map[j].crypto_id]); > > > + } > > > + } > > > + > > > + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0, > > > "attempting extend a PCR value"); > > > > > > + tpm_buf_destroy(&buf); > > > + > > > return rc; > > > } > > > > > > @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip) > > > } > > > } > > > > > > + rc = tpm2_get_pcr_allocation(chip); > > > + > > > out: > > > if (rc > 0) > > > rc = -ENODEV; > > > diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h > > > index 1660d74..b5ae372 100644 > > > --- a/drivers/char/tpm/tpm_eventlog.h > > > +++ b/drivers/char/tpm/tpm_eventlog.h > > > @@ -2,6 +2,8 @@ > > > #ifndef __TPM_EVENTLOG_H__ > > > #define __TPM_EVENTLOG_H__ > > > > > > +#include <crypto/hash_info.h> > > > + > > > #define TCG_EVENT_NAME_LEN_MAX 255 > > > #define MAX_TEXT_EVENT 1000 /* Max event string length */ > > > #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */ > > > @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids { > > > HOST_TABLE_OF_DEVICES, > > > }; > > > > > > +struct tpm2_digest { > > > + u16 alg_id; > > > + u8 digest[SHA512_DIGEST_SIZE]; > > > +} __packed; > > > > Shouldn't this be in tpm.h? > > This is a struct common for TPM 2.0 extend and eventlog structure i.e > struct tcg_pcr_event2. > And so I preferred to place it here. > If it is common, why is it in tpm_eventlog.h and not in tpm.h? > Thanks & Regards, > - Nayna /Jarkko
Powered by blists - more mailing lists