lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ae012b83-af66-6dfe-6131-e08507c3372e@huawei.com>
Date:   Thu, 13 Dec 2018 08:57:17 +0100
From:   Roberto Sassu <roberto.sassu@...wei.com>
To:     Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
CC:     <zohar@...ux.ibm.com>, <david.safford@...com>,
        <monty.wiseman@...com>, <linux-integrity@...r.kernel.org>,
        <linux-security-module@...r.kernel.org>,
        <linux-kernel@...r.kernel.org>, <silviu.vlasceanu@...wei.com>
Subject: Re: [PATCH v6 7/7] tpm: pass an array of tpm_bank_list structures to
 tpm_pcr_extend()

On 12/12/2018 7:27 PM, Jarkko Sakkinen wrote:
> On Thu, Dec 06, 2018 at 07:38:30PM +0100, Roberto Sassu wrote:
>> On 12/5/2018 1:14 AM, Jarkko Sakkinen wrote:
>>> On Tue, Dec 04, 2018 at 09:21:38AM +0100, Roberto Sassu wrote:
>>>> The new tpm_bank_list structure has been preferred to the tpm_digest
>>>> structure, to let the caller specify the size of the digest (which may be
>>>> unknown to the TPM driver).
>>>
>>> Why is that? Didn't previous commit query these?
>>
>> Since the TPM driver pads/truncates the first digest passed by the
>> caller to extend PCRs for which no digest was provided, it must know
>> which amount of data it can use. It is possible that the algorithm of
>> the first digest is unknown for the TPM driver, if the caller of
>> tpm_pcr_extend() didn't check chip->allocated_banks.
>>
>> By requiring that the caller passes also the digest size, this problem
>> does not arise. It seems reasonable to me to pass this information, as
>> the caller calculated the digest and it should know the digest size.
> 
> OK. I noticed something other things that look to alarming:
> 
> 1. The function does not fail if alg_id is not found. This will go
>     silent.

It is intentional. If alg_id is not found, the PCR is extended with the
first digest passed by the caller of tpm_pcr_extend(). If no digest was
provided, the PCR is extended with 0s. This is done to prevent that
PCRs in unused banks are extended later with fake measurements.


> 2. The function does not fail if there is a mismatch with the digest
>     sizes.

The data passed by the caller of tpm_pcr_extend() is copied to
dummy_hash, which has the maximum length. Then, tpm2_pcr_extend() takes
from dummy_hash as many bytes as needed, depending on the current
algorithm.

Roberto


> /Jarkko
> 

-- 
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Bo PENG, Jian LI, Yanli SHI

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ