[v4,2/6] tpm: remove definition of TPM2_ACTIVE_PCR_BANKS

Message ID	20181106150159.1136-3-roberto.sassu@huawei.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <linux-integrity-owner@kernel.org> From: Roberto Sassu <roberto.sassu@huawei.com> To: <jarkko.sakkinen@linux.intel.com>, <zohar@linux.ibm.com> CC: <linux-integrity@vger.kernel.org>, <linux-security-module@vger.kernel.org>, <linux-kernel@vger.kernel.org>, <silviu.vlasceanu@huawei.com>, Roberto Sassu <roberto.sassu@huawei.com> Subject: [PATCH v4 2/6] tpm: remove definition of TPM2_ACTIVE_PCR_BANKS Date: Tue, 6 Nov 2018 16:01:55 +0100 Message-ID: <20181106150159.1136-3-roberto.sassu@huawei.com> In-Reply-To: <20181106150159.1136-1-roberto.sassu@huawei.com> References: <20181106150159.1136-1-roberto.sassu@huawei.com> MIME-Version: 1.0 Content-Type: text/plain Sender: linux-integrity-owner@vger.kernel.org Precedence: bulk
Series	tpm: retrieve digest size of unknown algorithms from TPM \| expand [v4,0/6] tpm: retrieve digest size of unknown algorithms from TPM [v4,1/6] tpm: dynamically allocate active_banks array [v4,2/6] tpm: remove definition of TPM2_ACTIVE_PCR_BANKS [v4,3/6] tpm: rename and export tpm2_digest and tpm2_algorithms [v4,4/6] tpm: modify tpm_pcr_read() definition to pass a TPM hash algorithm [v4,5/6] tpm: retrieve digest size of unknown algorithms with PCR read [v4,6/6] tpm: ensure that the output of PCR read contains the correct digest size

Message ID

20181106150159.1136-3-roberto.sassu@huawei.com (mailing list archive)

State

New, archived

Headers

From: Roberto Sassu <roberto.sassu@huawei.com>
To: <jarkko.sakkinen@linux.intel.com>, <zohar@linux.ibm.com>
CC: <linux-integrity@vger.kernel.org>,
        <linux-security-module@vger.kernel.org>,
        <linux-kernel@vger.kernel.org>, <silviu.vlasceanu@huawei.com>,
        Roberto Sassu <roberto.sassu@huawei.com>
Subject: [PATCH v4 2/6] tpm: remove definition of TPM2_ACTIVE_PCR_BANKS
Date: Tue, 6 Nov 2018 16:01:55 +0100
Message-ID: <20181106150159.1136-3-roberto.sassu@huawei.com>
In-Reply-To: <20181106150159.1136-1-roberto.sassu@huawei.com>
References: <20181106150159.1136-1-roberto.sassu@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain
Sender: linux-integrity-owner@vger.kernel.org
Precedence: bulk

Series

tpm: retrieve digest size of unknown algorithms from TPM | expand

Commit Message

Roberto Sassu Nov. 6, 2018, 3:01 p.m. UTC

tcg_efi_specid_event and tcg_pcr_event2 declaration contains static arrays
for a list of hash algorithms used for event logs and event log digests.
However, according to TCG EFI Protocol Specification, these arrays have
variable sizes and are not suitable for parsing events with type casting.

Since declaring static arrays with hard-coded sizes does not help to parse
data after these arrays, this patch removes the declaration of
TPM2_ACTIVE_PCR_BANKS and sets the size of the arrays above to zero.

Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware
event log")

Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
---
 include/linux/tpm_eventlog.h | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

Comments

Jarkko Sakkinen Nov. 8, 2018, 2:02 p.m. UTC | #1

On Tue, Nov 06, 2018 at 04:01:55PM +0100, Roberto Sassu wrote:
> tcg_efi_specid_event and tcg_pcr_event2 declaration contains static arrays
> for a list of hash algorithms used for event logs and event log digests.
> However, according to TCG EFI Protocol Specification, these arrays have
> variable sizes and are not suitable for parsing events with type casting.
> 
> Since declaring static arrays with hard-coded sizes does not help to parse
> data after these arrays, this patch removes the declaration of
> TPM2_ACTIVE_PCR_BANKS and sets the size of the arrays above to zero.
> 
> Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware
> event log")
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> ---
>  include/linux/tpm_eventlog.h | 5 ++---
>  1 file changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h
> index 20d9da77fc11..3d5d162f09cc 100644
> --- a/include/linux/tpm_eventlog.h
> +++ b/include/linux/tpm_eventlog.h
> @@ -8,7 +8,6 @@
>  #define TCG_EVENT_NAME_LEN_MAX	255
>  #define MAX_TEXT_EVENT		1000	/* Max event string length */
>  #define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */
> -#define TPM2_ACTIVE_PCR_BANKS	3
>  
>  #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
>  #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2
> @@ -90,7 +89,7 @@ struct tcg_efi_specid_event {
>  	u8 spec_errata;
>  	u8 uintnsize;
>  	u32 num_algs;
> -	struct tcg_efi_specid_event_algs digest_sizes[TPM2_ACTIVE_PCR_BANKS];
> +	struct tcg_efi_specid_event_algs digest_sizes[0];
>  	u8 vendor_info_size;
>  	u8 vendor_info[0];
>  } __packed;
> @@ -117,7 +116,7 @@ struct tcg_pcr_event2 {
>  	u32 pcr_idx;
>  	u32 event_type;
>  	u32 count;
> -	struct tpm2_digest digests[TPM2_ACTIVE_PCR_BANKS];
> +	struct tpm2_digest digests[0];
>  	struct tcg_event_field event;

Last two fields make sense at least without comment as they overlap.

>  } __packed;
>  
> -- 
> 2.17.1
> 

/Jarkko

Jarkko Sakkinen Nov. 8, 2018, 2:03 p.m. UTC | #2

On Thu, Nov 08, 2018 at 04:02:08PM +0200, Jarkko Sakkinen wrote:
> On Tue, Nov 06, 2018 at 04:01:55PM +0100, Roberto Sassu wrote:
> > tcg_efi_specid_event and tcg_pcr_event2 declaration contains static arrays
> > for a list of hash algorithms used for event logs and event log digests.
> > However, according to TCG EFI Protocol Specification, these arrays have
> > variable sizes and are not suitable for parsing events with type casting.
> > 
> > Since declaring static arrays with hard-coded sizes does not help to parse
> > data after these arrays, this patch removes the declaration of
> > TPM2_ACTIVE_PCR_BANKS and sets the size of the arrays above to zero.
> > 
> > Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware
> > event log")
> > 
> > Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> > ---
> >  include/linux/tpm_eventlog.h | 5 ++---
> >  1 file changed, 2 insertions(+), 3 deletions(-)
> > 
> > diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h
> > index 20d9da77fc11..3d5d162f09cc 100644
> > --- a/include/linux/tpm_eventlog.h
> > +++ b/include/linux/tpm_eventlog.h
> > @@ -8,7 +8,6 @@
> >  #define TCG_EVENT_NAME_LEN_MAX	255
> >  #define MAX_TEXT_EVENT		1000	/* Max event string length */
> >  #define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */
> > -#define TPM2_ACTIVE_PCR_BANKS	3
> >  
> >  #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
> >  #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2
> > @@ -90,7 +89,7 @@ struct tcg_efi_specid_event {
> >  	u8 spec_errata;
> >  	u8 uintnsize;
> >  	u32 num_algs;
> > -	struct tcg_efi_specid_event_algs digest_sizes[TPM2_ACTIVE_PCR_BANKS];
> > +	struct tcg_efi_specid_event_algs digest_sizes[0];
> >  	u8 vendor_info_size;
> >  	u8 vendor_info[0];
> >  } __packed;
> > @@ -117,7 +116,7 @@ struct tcg_pcr_event2 {
> >  	u32 pcr_idx;
> >  	u32 event_type;
> >  	u32 count;
> > -	struct tpm2_digest digests[TPM2_ACTIVE_PCR_BANKS];
> > +	struct tpm2_digest digests[0];
> >  	struct tcg_event_field event;
> 
> Last two fields make sense at least without comment as they overlap.

i.e. would be semantically equal to

union {
	struct tpm2_digest digests[0];
	struct tcg_event_field event;
};

/Jarkko

Roberto Sassu Nov. 8, 2018, 2:52 p.m. UTC | #3

On 11/8/2018 3:03 PM, Jarkko Sakkinen wrote:
> On Thu, Nov 08, 2018 at 04:02:08PM +0200, Jarkko Sakkinen wrote:
>> On Tue, Nov 06, 2018 at 04:01:55PM +0100, Roberto Sassu wrote:
>>> tcg_efi_specid_event and tcg_pcr_event2 declaration contains static arrays
>>> for a list of hash algorithms used for event logs and event log digests.
>>> However, according to TCG EFI Protocol Specification, these arrays have
>>> variable sizes and are not suitable for parsing events with type casting.
>>>
>>> Since declaring static arrays with hard-coded sizes does not help to parse
>>> data after these arrays, this patch removes the declaration of
>>> TPM2_ACTIVE_PCR_BANKS and sets the size of the arrays above to zero.
>>>
>>> Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware
>>> event log")
>>>
>>> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
>>> ---
>>>   include/linux/tpm_eventlog.h | 5 ++---
>>>   1 file changed, 2 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h
>>> index 20d9da77fc11..3d5d162f09cc 100644
>>> --- a/include/linux/tpm_eventlog.h
>>> +++ b/include/linux/tpm_eventlog.h
>>> @@ -8,7 +8,6 @@
>>>   #define TCG_EVENT_NAME_LEN_MAX	255
>>>   #define MAX_TEXT_EVENT		1000	/* Max event string length */
>>>   #define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */
>>> -#define TPM2_ACTIVE_PCR_BANKS	3
>>>   
>>>   #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
>>>   #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2
>>> @@ -90,7 +89,7 @@ struct tcg_efi_specid_event {
>>>   	u8 spec_errata;
>>>   	u8 uintnsize;
>>>   	u32 num_algs;
>>> -	struct tcg_efi_specid_event_algs digest_sizes[TPM2_ACTIVE_PCR_BANKS];
>>> +	struct tcg_efi_specid_event_algs digest_sizes[0];
>>>   	u8 vendor_info_size;
>>>   	u8 vendor_info[0];
>>>   } __packed;
>>> @@ -117,7 +116,7 @@ struct tcg_pcr_event2 {
>>>   	u32 pcr_idx;
>>>   	u32 event_type;
>>>   	u32 count;
>>> -	struct tpm2_digest digests[TPM2_ACTIVE_PCR_BANKS];
>>> +	struct tpm2_digest digests[0];
>>>   	struct tcg_event_field event;
>>
>> Last two fields make sense at least without comment as they overlap.
> 
> i.e. would be semantically equal to
> 
> union {
> 	struct tpm2_digest digests[0];
> 	struct tcg_event_field event;
> };

I didn't understand. Should I add the union?

Roberto


> /Jarkko
>

Jarkko Sakkinen Nov. 8, 2018, 7:05 p.m. UTC | #4

On Tue, Nov 06, 2018 at 04:01:55PM +0100, Roberto Sassu wrote:
> tcg_efi_specid_event and tcg_pcr_event2 declaration contains static arrays
> for a list of hash algorithms used for event logs and event log digests.
> However, according to TCG EFI Protocol Specification, these arrays have
> variable sizes and are not suitable for parsing events with type casting.
> 
> Since declaring static arrays with hard-coded sizes does not help to parse
> data after these arrays, this patch removes the declaration of
> TPM2_ACTIVE_PCR_BANKS and sets the size of the arrays above to zero.
> 
> Fixes: 4d23cc323cdb ("tpm: add securityfs support for TPM 2.0 firmware
> event log")
> 
> Signed-off-by: Roberto Sassu <roberto.sassu@huawei.com>
> diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h
> index 20d9da77fc11..3d5d162f09cc 100644
> --- a/include/linux/tpm_eventlog.h
> +++ b/include/linux/tpm_eventlog.h
> @@ -8,7 +8,6 @@
>  #define TCG_EVENT_NAME_LEN_MAX	255
>  #define MAX_TEXT_EVENT		1000	/* Max event string length */
>  #define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */
> -#define TPM2_ACTIVE_PCR_BANKS	3
>  
>  #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
>  #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2
> @@ -90,7 +89,7 @@ struct tcg_efi_specid_event {
>  	u8 spec_errata;
>  	u8 uintnsize;
>  	u32 num_algs;
> -	struct tcg_efi_specid_event_algs digest_sizes[TPM2_ACTIVE_PCR_BANKS];
> +	struct tcg_efi_specid_event_algs digest_sizes[0];
>  	u8 vendor_info_size;
>  	u8 vendor_info[0];
>  } __packed;
> @@ -117,7 +116,7 @@ struct tcg_pcr_event2 {
>  	u32 pcr_idx;
>  	u32 event_type;
>  	u32 count;
> -	struct tpm2_digest digests[TPM2_ACTIVE_PCR_BANKS];
> +	struct tpm2_digest digests[0];
>  	struct tcg_event_field event;
>  } __packed;
>  
> -- 
> 2.17.1
> 

I somehow lost your response but what you must do is to explain why is
it OK for last two fields to overlap.

/Jarkko

diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h
index 20d9da77fc11..3d5d162f09cc 100644
--- a/include/linux/tpm_eventlog.h
+++ b/include/linux/tpm_eventlog.h
@@ -8,7 +8,6 @@ 
 #define TCG_EVENT_NAME_LEN_MAX	255
 #define MAX_TEXT_EVENT		1000	/* Max event string length */
 #define ACPI_TCPA_SIG		"TCPA"	/* 0x41504354 /'TCPA' */
-#define TPM2_ACTIVE_PCR_BANKS	3
 
 #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x1
 #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x2
@@ -90,7 +89,7 @@  struct tcg_efi_specid_event {
 	u8 spec_errata;
 	u8 uintnsize;
 	u32 num_algs;
-	struct tcg_efi_specid_event_algs digest_sizes[TPM2_ACTIVE_PCR_BANKS];
+	struct tcg_efi_specid_event_algs digest_sizes[0];
 	u8 vendor_info_size;
 	u8 vendor_info[0];
 } __packed;
@@ -117,7 +116,7 @@  struct tcg_pcr_event2 {
 	u32 pcr_idx;
 	u32 event_type;
 	u32 count;
-	struct tpm2_digest digests[TPM2_ACTIVE_PCR_BANKS];
+	struct tpm2_digest digests[0];
 	struct tcg_event_field event;
 } __packed;

[v4,2/6] tpm: remove definition of TPM2_ACTIVE_PCR_BANKS

Commit Message

Comments

Patch