| Message ID | 20181106150159.1136-1-roberto.sassu@huawei.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | tpm: retrieve digest size of unknown algorithms from TPM | expand |
On Tue, Nov 06, 2018 at 04:01:53PM +0100, Roberto Sassu wrote: > The TPM driver currently relies on the crypto subsystem to determine the > digest size of supported TPM algorithms. In the future, TPM vendors might > implement new algorithms in their chips, and those algorithms might not > be supported by the crypto subsystem. > > Usually, vendors provide patches for the new hardware, and likely > the crypto subsystem will be updated before the new algorithm is > introduced. However, old kernels might be updated later, after patches > are included in the mainline kernel. This would leave the opportunity > for attackers to misuse PCRs, as PCR banks with an unknown algorithm > are not extended. > > This patch set provides a long term solution for this issue. If a TPM > algorithm is not known by the crypto subsystem, the TPM driver retrieves > the digest size from the TPM with a PCR read. All the PCR banks are > extended, even if the algorithm is not yet supported by the crypto > subsystem. > > PCR bank information (TPM algorithm ID, digest size, crypto subsystem ID) > is stored in the tpm_chip structure and available for users of the TPM > driver. > > Changelog > > v3: > - remove end marker change > - replace active_banks static array with pointer to dynamic array > - remove TPM2_ACTIVE_PCR_BANKS > > v2: > - change the end marker of the active_banks array > - check digest size from output of PCR read command > - remove count parameter from tpm_pcr_read() and tpm2_pcr_read() > > v1: > - modify definition of tpm_pcr_read() > - move hash algorithms and definition of tpm2_digest to include/linux/tpm.h > > Roberto Sassu (6): > tpm: dynamically allocate active_banks array > tpm: remove definition of TPM2_ACTIVE_PCR_BANKS > tpm: rename and export tpm2_digest and tpm2_algorithms > tpm: modify tpm_pcr_read() definition to pass a TPM hash algorithm > tpm: retrieve digest size of unknown algorithms with PCR read > tpm: ensure that the output of PCR read contains the correct digest > size > > drivers/char/tpm/tpm-chip.c | 1 + > drivers/char/tpm/tpm-interface.c | 34 +++++--- > drivers/char/tpm/tpm.h | 19 ++--- > drivers/char/tpm/tpm2-cmd.c | 115 ++++++++++++++++++++-------- > include/linux/tpm.h | 30 +++++++- > include/linux/tpm_eventlog.h | 12 +-- > security/integrity/ima/ima_crypto.c | 10 +-- > 7 files changed, 145 insertions(+), 76 deletions(-) > > -- > 2.17.1 > You should rebase your series to the latest upstream. /Jarkko
The TPM driver currently relies on the crypto subsystem to determine the digest size of supported TPM algorithms. In the future, TPM vendors might implement new algorithms in their chips, and those algorithms might not be supported by the crypto subsystem. Usually, vendors provide patches for the new hardware, and likely the crypto subsystem will be updated before the new algorithm is introduced. However, old kernels might be updated later, after patches are included in the mainline kernel. This would leave the opportunity for attackers to misuse PCRs, as PCR banks with an unknown algorithm are not extended. This patch set provides a long term solution for this issue. If a TPM algorithm is not known by the crypto subsystem, the TPM driver retrieves the digest size from the TPM with a PCR read. All the PCR banks are extended, even if the algorithm is not yet supported by the crypto subsystem. PCR bank information (TPM algorithm ID, digest size, crypto subsystem ID) is stored in the tpm_chip structure and available for users of the TPM driver. Changelog v3: - remove end marker change - replace active_banks static array with pointer to dynamic array - remove TPM2_ACTIVE_PCR_BANKS v2: - change the end marker of the active_banks array - check digest size from output of PCR read command - remove count parameter from tpm_pcr_read() and tpm2_pcr_read() v1: - modify definition of tpm_pcr_read() - move hash algorithms and definition of tpm2_digest to include/linux/tpm.h Roberto Sassu (6): tpm: dynamically allocate active_banks array tpm: remove definition of TPM2_ACTIVE_PCR_BANKS tpm: rename and export tpm2_digest and tpm2_algorithms tpm: modify tpm_pcr_read() definition to pass a TPM hash algorithm tpm: retrieve digest size of unknown algorithms with PCR read tpm: ensure that the output of PCR read contains the correct digest size drivers/char/tpm/tpm-chip.c | 1 + drivers/char/tpm/tpm-interface.c | 34 +++++--- drivers/char/tpm/tpm.h | 19 ++--- drivers/char/tpm/tpm2-cmd.c | 115 ++++++++++++++++++++-------- include/linux/tpm.h | 30 +++++++- include/linux/tpm_eventlog.h | 12 +-- security/integrity/ima/ima_crypto.c | 10 +-- 7 files changed, 145 insertions(+), 76 deletions(-)