lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 15 May 2017 16:22:22 +0200
From:   Roberto Sassu <roberto.sassu@...wei.com>
To:     Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
CC:     <tpmdd-devel@...ts.sourceforge.net>,
        <linux-ima-devel@...ts.sourceforge.net>,
        <linux-security-module@...r.kernel.org>,
        <keyrings@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH v2 2/5] tpm: introduce tpm_pcr_algo_to_crypto() and
 tpm_pcr_algo_from_crypto()

On 5/15/2017 1:16 PM, Jarkko Sakkinen wrote:
> On Fri, May 05, 2017 at 04:21:49PM +0200, Roberto Sassu wrote:
>> tpm_pcr_algorithms() returns to its callers the IDs of the hash algorithms
>> supported by the TPM. This patch introduces tpm_pcr_algo_to_crypto(),
>> so that the callers can use the crypto subsystem to calculate the digest
>> to be passed to tpm_pcr_extend().
>>
>> tpm_pcr_algo_from_crypto(), implemented for completeness, is instead used
>
> What do you mean by completeness? Please, never add unused stuff.
>
>> by tpm2_seal_trusted() to perform the opposite conversion.
>>
>> Signed-off-by: Roberto Sassu <roberto.sassu@...wei.com>
>> ---
>> v2
>>
>> - fixed return values of tpm2_pcr_algo_to_crypto() and
>>   tpm2_pcr_algo_from_crypto() if TPM support is disabled in the kernel
>
> Change Log only to the cover letter.
>
>>  drivers/char/tpm/tpm-interface.c | 51 ++++++++++++++++++++++++++++++++++++++++
>>  drivers/char/tpm/tpm2-cmd.c      | 42 +++++++++------------------------
>>  include/linux/tpm.h              | 13 ++++++++++
>>  3 files changed, 75 insertions(+), 31 deletions(-)
>
> This commit is just deadly wrong in so many ways.
>
> I would suggest to make extend always just take crypto ID in so you
> don't have to add these bizarre conversion functions.

The reason of this choice (as I explained in the cover letter)
is that TPM users might want to produce an event log with
the TCG format (which includes the TPM algorithm ID). Also,
TPM IDs should be preferred because, with them, TPM users
can calculate a digest directly with the TPM.

Taking crypto IDs means relying on the fact that there
is always a mapping between TPM IDs and crypto IDs.
Otherwise, tpm_pcr_algorithms() cannot return the algorithms
to its callers and PCRs cannot be extended. If TPM IDs are used,
TPM users have two alternatives: calculate the digest with
the TPM, or pass a SHA1 digest to tpm_pcr_extend(), so that
it can be padded to extend remanining PCR banks.

However, this second option will work only when the TPM driver
determines the size of an algorithm without relying on the crypto
subsystem. At the moment, if a TPM ID is not mapped to a crypto ID,
tpm2_pcr_extend() ignores the digest.

Roberto

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ