From patchwork Tue Oct 30 15:47:07 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10661157 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4BA4113B5 for ; Tue, 30 Oct 2018 15:50:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 3CD412A76E for ; Tue, 30 Oct 2018 15:50:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3B3702A75E; Tue, 30 Oct 2018 15:50:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id E4F282A77E for ; Tue, 30 Oct 2018 15:50:46 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727722AbeJaAop (ORCPT ); Tue, 30 Oct 2018 20:44:45 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32704 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726792AbeJaAop (ORCPT ); Tue, 30 Oct 2018 20:44:45 -0400 Received: from lhreml703-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 13B9732EFFD8B; Tue, 30 Oct 2018 15:50:43 +0000 (GMT) Received: from roberto-HP-EliteDesk-800-G2-DM-65W.huawei.com (10.204.65.153) by smtpsuk.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 30 Oct 2018 15:50:37 +0000 From: Roberto Sassu To: , CC: , , , , Roberto Sassu Subject: [PATCH v3 1/5] tpm: change the end marker of the active_banks array to zero Date: Tue, 30 Oct 2018 16:47:07 +0100 Message-ID: <20181030154711.2782-2-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181030154711.2782-1-roberto.sassu@huawei.com> References: <20181030154711.2782-1-roberto.sassu@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.204.65.153] X-CFilter-Loop: Reflected Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP This patch changes the end marker of the active_banks array from TPM2_ALG_ERROR to zero. Signed-off-by: Roberto Sassu Reviewed-by: Jarkko Sakkinen --- drivers/char/tpm/tpm-interface.c | 2 +- drivers/char/tpm/tpm2-cmd.c | 3 --- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 1a803b0cf980..f7fc4b5ee239 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -1051,7 +1051,7 @@ int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) memset(digest_list, 0, sizeof(digest_list)); for (i = 0; i < ARRAY_SIZE(chip->active_banks) && - chip->active_banks[i] != TPM2_ALG_ERROR; i++) { + chip->active_banks[i]; i++) { digest_list[i].alg_id = chip->active_banks[i]; memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); count++; diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index c31b490bd41d..046c9d8f3c1e 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -908,9 +908,6 @@ static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) } out: - if (i < ARRAY_SIZE(chip->active_banks)) - chip->active_banks[i] = TPM2_ALG_ERROR; - tpm_buf_destroy(&buf); return rc; From patchwork Tue Oct 30 15:47:08 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10661161 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 4567D3CF1 for ; Tue, 30 Oct 2018 15:51:01 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 359B22A80B for ; Tue, 30 Oct 2018 15:51:01 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 32EF12A814; Tue, 30 Oct 2018 15:51:01 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A6A192A7AB for ; Tue, 30 Oct 2018 15:51:00 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727744AbeJaAo7 (ORCPT ); Tue, 30 Oct 2018 20:44:59 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32705 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726792AbeJaAo7 (ORCPT ); Tue, 30 Oct 2018 20:44:59 -0400 Received: from lhreml703-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 350C4A9FA103; Tue, 30 Oct 2018 15:50:53 +0000 (GMT) Received: from roberto-HP-EliteDesk-800-G2-DM-65W.huawei.com (10.204.65.153) by smtpsuk.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 30 Oct 2018 15:50:45 +0000 From: Roberto Sassu To: , CC: , , , , Roberto Sassu Subject: [PATCH v3 2/5] tpm: rename and export tpm2_digest and tpm2_algorithms Date: Tue, 30 Oct 2018 16:47:08 +0100 Message-ID: <20181030154711.2782-3-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181030154711.2782-1-roberto.sassu@huawei.com> References: <20181030154711.2782-1-roberto.sassu@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.204.65.153] X-CFilter-Loop: Reflected Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Rename tpm2_* to tpm_* and move the definitions to include/linux/tpm.h so that these can be used by other kernel subsystems (e.g. IMA). Signed-off-by: Roberto Sassu Reviewed-by: Jarkko Sakkinen Acked-by: Mimi Zohar --- drivers/char/tpm/tpm-interface.c | 2 +- drivers/char/tpm/tpm.h | 13 +------------ drivers/char/tpm/tpm2-cmd.c | 18 +++++++++--------- include/linux/tpm.h | 18 ++++++++++++++++++ include/linux/tpm_eventlog.h | 9 ++------- 5 files changed, 31 insertions(+), 29 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index f7fc4b5ee239..48c8d3ef5944 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -1039,7 +1039,7 @@ static int tpm1_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash, int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) { int rc; - struct tpm2_digest digest_list[ARRAY_SIZE(chip->active_banks)]; + struct tpm_digest digest_list[ARRAY_SIZE(chip->active_banks)]; u32 count = 0; int i; diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index f3501d05264f..b928ba44d864 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -122,17 +122,6 @@ enum tpm2_return_codes { TPM2_RC_RETRY = 0x0922, }; -enum tpm2_algorithms { - TPM2_ALG_ERROR = 0x0000, - TPM2_ALG_SHA1 = 0x0004, - TPM2_ALG_KEYEDHASH = 0x0008, - TPM2_ALG_SHA256 = 0x000B, - TPM2_ALG_SHA384 = 0x000C, - TPM2_ALG_SHA512 = 0x000D, - TPM2_ALG_NULL = 0x0010, - TPM2_ALG_SM3_256 = 0x0012, -}; - enum tpm2_command_codes { TPM2_CC_FIRST = 0x011F, TPM2_CC_CREATE_PRIMARY = 0x0131, @@ -577,7 +566,7 @@ static inline u32 tpm2_rc_value(u32 rc) int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf); int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, - struct tpm2_digest *digests); + struct tpm_digest *digests); int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max); void tpm2_flush_context_cmd(struct tpm_chip *chip, u32 handle, unsigned int flags); diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 046c9d8f3c1e..4744ab3a6df2 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -33,11 +33,11 @@ struct tpm2_hash { }; static struct tpm2_hash tpm2_hash_map[] = { - {HASH_ALGO_SHA1, TPM2_ALG_SHA1}, - {HASH_ALGO_SHA256, TPM2_ALG_SHA256}, - {HASH_ALGO_SHA384, TPM2_ALG_SHA384}, - {HASH_ALGO_SHA512, TPM2_ALG_SHA512}, - {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256}, + {HASH_ALGO_SHA1, TPM_ALG_SHA1}, + {HASH_ALGO_SHA256, TPM_ALG_SHA256}, + {HASH_ALGO_SHA384, TPM_ALG_SHA384}, + {HASH_ALGO_SHA512, TPM_ALG_SHA512}, + {HASH_ALGO_SM3_256, TPM_ALG_SM3_256}, }; /* @@ -200,7 +200,7 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); tpm_buf_append_u32(&buf, 1); - tpm_buf_append_u16(&buf, TPM2_ALG_SHA1); + tpm_buf_append_u16(&buf, TPM_ALG_SHA1); tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); tpm_buf_append(&buf, (const unsigned char *)pcr_select, sizeof(pcr_select)); @@ -234,7 +234,7 @@ struct tpm2_null_auth_area { * Return: Same as with tpm_transmit_cmd. */ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, - struct tpm2_digest *digests) + struct tpm_digest *digests) { struct tpm_buf buf; struct tpm2_null_auth_area auth_area; @@ -457,7 +457,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip, /* public */ tpm_buf_append_u16(&buf, 14 + options->policydigest_len); - tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH); + tpm_buf_append_u16(&buf, TPM_ALG_KEYEDHASH); tpm_buf_append_u16(&buf, hash); /* policy */ @@ -472,7 +472,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip, } /* public parameters */ - tpm_buf_append_u16(&buf, TPM2_ALG_NULL); + tpm_buf_append_u16(&buf, TPM_ALG_NULL); tpm_buf_append_u16(&buf, 0); /* outside info */ diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 4609b94142d4..71d7bbf5f690 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -22,12 +22,30 @@ #ifndef __LINUX_TPM_H__ #define __LINUX_TPM_H__ +#include + #define TPM_DIGEST_SIZE 20 /* Max TPM v1.2 PCR size */ struct tpm_chip; struct trusted_key_payload; struct trusted_key_options; +enum tpm_algorithms { + TPM_ALG_ERROR = 0x0000, + TPM_ALG_SHA1 = 0x0004, + TPM_ALG_KEYEDHASH = 0x0008, + TPM_ALG_SHA256 = 0x000B, + TPM_ALG_SHA384 = 0x000C, + TPM_ALG_SHA512 = 0x000D, + TPM_ALG_NULL = 0x0010, + TPM_ALG_SM3_256 = 0x0012, +}; + +struct tpm_digest { + u16 alg_id; + u8 digest[SHA512_DIGEST_SIZE]; +} __packed; + enum TPM_OPS_FLAGS { TPM_OPS_AUTO_STARTUP = BIT(0), }; diff --git a/include/linux/tpm_eventlog.h b/include/linux/tpm_eventlog.h index 20d9da77fc11..1481186749f0 100644 --- a/include/linux/tpm_eventlog.h +++ b/include/linux/tpm_eventlog.h @@ -3,7 +3,7 @@ #ifndef __LINUX_TPM_EVENTLOG_H__ #define __LINUX_TPM_EVENTLOG_H__ -#include +#include #define TCG_EVENT_NAME_LEN_MAX 255 #define MAX_TEXT_EVENT 1000 /* Max event string length */ @@ -108,16 +108,11 @@ struct tcg_event_field { u8 event[0]; } __packed; -struct tpm2_digest { - u16 alg_id; - u8 digest[SHA512_DIGEST_SIZE]; -} __packed; - struct tcg_pcr_event2 { u32 pcr_idx; u32 event_type; u32 count; - struct tpm2_digest digests[TPM2_ACTIVE_PCR_BANKS]; + struct tpm_digest digests[TPM2_ACTIVE_PCR_BANKS]; struct tcg_event_field event; } __packed; From patchwork Tue Oct 30 15:47:09 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10661165 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 967ED13B5 for ; Tue, 30 Oct 2018 15:51:09 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 861022A80D for ; Tue, 30 Oct 2018 15:51:09 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 837CF2A7FD; Tue, 30 Oct 2018 15:51:09 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 077B62A7D6 for ; Tue, 30 Oct 2018 15:51:08 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727543AbeJaApH (ORCPT ); Tue, 30 Oct 2018 20:45:07 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32706 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726792AbeJaApG (ORCPT ); Tue, 30 Oct 2018 20:45:06 -0400 Received: from lhreml703-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 5DC4D575F0DA7; Tue, 30 Oct 2018 15:51:03 +0000 (GMT) Received: from roberto-HP-EliteDesk-800-G2-DM-65W.huawei.com (10.204.65.153) by smtpsuk.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 30 Oct 2018 15:50:55 +0000 From: Roberto Sassu To: , CC: , , , , Roberto Sassu Subject: [PATCH v3 3/5] tpm: modify tpm_pcr_read() definition to pass a TPM hash algorithm Date: Tue, 30 Oct 2018 16:47:09 +0100 Message-ID: <20181030154711.2782-4-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181030154711.2782-1-roberto.sassu@huawei.com> References: <20181030154711.2782-1-roberto.sassu@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.204.65.153] X-CFilter-Loop: Reflected Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Currently the TPM driver allows other kernel subsystems to read only the SHA1 PCR bank. This patch modifies the parameters of tpm_pcr_read() and tpm2_pcr_read() to pass a tpm_digest structure, which contains the desired hash algorithm. Also, since commit 125a22105410 ("tpm: React correctly to RC_TESTING from TPM 2.0 self tests") removed the call to tpm2_pcr_read(), the new parameter is expected to be always not NULL. Due to the API change, IMA functions have been modified. Signed-off-by: Roberto Sassu Acked-by: Mimi Zohar --- drivers/char/tpm/tpm-interface.c | 9 +++++---- drivers/char/tpm/tpm.h | 3 ++- drivers/char/tpm/tpm2-cmd.c | 23 ++++++++++++++++------- include/linux/tpm.h | 6 ++++-- security/integrity/ima/ima_crypto.c | 10 +++++----- 5 files changed, 32 insertions(+), 19 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 48c8d3ef5944..4d0f5da5bf98 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -976,11 +976,12 @@ EXPORT_SYMBOL_GPL(tpm_is_tpm2); * tpm_pcr_read - read a PCR value from SHA1 bank * @chip: a &struct tpm_chip instance, %NULL for the default chip * @pcr_idx: the PCR to be retrieved - * @res_buf: the value of the PCR + * @digest_struct: pcr bank and buffer current PCR value is written to * * Return: same as with tpm_transmit_cmd() */ -int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) +int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, + struct tpm_digest *digest_struct) { int rc; @@ -988,9 +989,9 @@ int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) if (!chip) return -ENODEV; if (chip->flags & TPM_CHIP_FLAG_TPM2) - rc = tpm2_pcr_read(chip, pcr_idx, res_buf); + rc = tpm2_pcr_read(chip, pcr_idx, digest_struct); else - rc = tpm_pcr_read_dev(chip, pcr_idx, res_buf); + rc = tpm_pcr_read_dev(chip, pcr_idx, digest_struct->digest); tpm_put_ops(chip); return rc; } diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index b928ba44d864..633e16f42107 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -564,7 +564,8 @@ static inline u32 tpm2_rc_value(u32 rc) return (rc & BIT(7)) ? rc & 0xff : rc; } -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf); +int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, + struct tpm_digest *digest_struct); int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, struct tpm_digest *digests); int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max); diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 4744ab3a6df2..8babd826ad27 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -179,16 +179,18 @@ struct tpm2_pcr_read_out { * tpm2_pcr_read() - read a PCR value * @chip: TPM chip to use. * @pcr_idx: index of the PCR to read. - * @res_buf: buffer to store the resulting hash. + * @digest_struct: pcr bank and buffer current PCR value is written to. * * Return: Same as with tpm_transmit_cmd. */ -int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) +int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, + struct tpm_digest *digest_struct) { int rc; struct tpm_buf buf; struct tpm2_pcr_read_out *out; u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; + u16 digest_size; if (pcr_idx >= TPM2_PLATFORM_PCR) return -EINVAL; @@ -200,18 +202,25 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7); tpm_buf_append_u32(&buf, 1); - tpm_buf_append_u16(&buf, TPM_ALG_SHA1); + tpm_buf_append_u16(&buf, digest_struct->alg_id); tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN); tpm_buf_append(&buf, (const unsigned char *)pcr_select, sizeof(pcr_select)); rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, - res_buf ? "attempting to read a pcr value" : NULL); - if (rc == 0 && res_buf) { - out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; - memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE); + "attempting to read a pcr value"); + if (rc) + goto out; + + out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; + digest_size = be16_to_cpu(out->digest_size); + if (digest_size > sizeof(digest_struct->digest)) { + rc = -EINVAL; + goto out; } + memcpy(digest_struct->digest, out->digest, digest_size); +out: tpm_buf_destroy(&buf); return rc; } diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 71d7bbf5f690..4f00daf44dd2 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -71,7 +71,8 @@ struct tpm_class_ops { #if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE) extern int tpm_is_tpm2(struct tpm_chip *chip); -extern int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf); +extern int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, + struct tpm_digest *digest_struct); extern int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash); extern int tpm_send(struct tpm_chip *chip, void *cmd, size_t buflen); extern int tpm_get_random(struct tpm_chip *chip, u8 *data, size_t max); @@ -87,7 +88,8 @@ static inline int tpm_is_tpm2(struct tpm_chip *chip) { return -ENODEV; } -static inline int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf) +static inline int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, + struct tpm_digest *digest_struct) { return -ENODEV; } diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 7e7e7e7c250a..8985e34eb3ac 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -629,12 +629,12 @@ int ima_calc_buffer_hash(const void *buf, loff_t len, return calc_buffer_shash(buf, len, hash); } -static void __init ima_pcrread(int idx, u8 *pcr) +static void __init ima_pcrread(int idx, struct tpm_digest *d) { if (!ima_tpm_chip) return; - if (tpm_pcr_read(ima_tpm_chip, idx, pcr) != 0) + if (tpm_pcr_read(ima_tpm_chip, idx, d) != 0) pr_err("Error Communicating to TPM chip\n"); } @@ -644,7 +644,7 @@ static void __init ima_pcrread(int idx, u8 *pcr) static int __init ima_calc_boot_aggregate_tfm(char *digest, struct crypto_shash *tfm) { - u8 pcr_i[TPM_DIGEST_SIZE]; + struct tpm_digest d = { .alg_id = TPM_ALG_SHA1, .digest = {0} }; int rc, i; SHASH_DESC_ON_STACK(shash, tfm); @@ -657,9 +657,9 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest, /* cumulative sha1 over tpm registers 0-7 */ for (i = TPM_PCR0; i < TPM_PCR8; i++) { - ima_pcrread(i, pcr_i); + ima_pcrread(i, &d); /* now accumulate with current aggregate */ - rc = crypto_shash_update(shash, pcr_i, TPM_DIGEST_SIZE); + rc = crypto_shash_update(shash, d.digest, TPM_DIGEST_SIZE); } if (!rc) crypto_shash_final(shash, digest); From patchwork Tue Oct 30 15:47:10 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10661169 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 1218313B5 for ; Tue, 30 Oct 2018 15:51:18 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0380C2A848 for ; Tue, 30 Oct 2018 15:51:18 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 01E372A76E; Tue, 30 Oct 2018 15:51:17 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=unavailable version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 6B1002A73E for ; Tue, 30 Oct 2018 15:51:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727801AbeJaApQ (ORCPT ); Tue, 30 Oct 2018 20:45:16 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32707 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726792AbeJaApQ (ORCPT ); Tue, 30 Oct 2018 20:45:16 -0400 Received: from lhreml703-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id 83D28D21C2631; Tue, 30 Oct 2018 15:51:13 +0000 (GMT) Received: from roberto-HP-EliteDesk-800-G2-DM-65W.huawei.com (10.204.65.153) by smtpsuk.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 30 Oct 2018 15:51:05 +0000 From: Roberto Sassu To: , CC: , , , , Roberto Sassu Subject: [PATCH v3 4/5] tpm: retrieve digest size of unknown algorithms with PCR read Date: Tue, 30 Oct 2018 16:47:10 +0100 Message-ID: <20181030154711.2782-5-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181030154711.2782-1-roberto.sassu@huawei.com> References: <20181030154711.2782-1-roberto.sassu@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.204.65.153] X-CFilter-Loop: Reflected Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP Currently, the TPM driver retrieves the digest size from a table mapping TPM algorithms identifiers to identifiers defined by the crypto subsystem. If the algorithm is not defined by the latter, the digest size can be retrieved from the output of the PCR read command. The patch retrieves at TPM startup the digest sizes for each PCR bank and stores them in the new structure tpm_bank_info, member of tpm_chip, so that the information can be passed to other kernel subsystems. tpm_bank_info contains: the TPM algorithm identifier, necessary to generate the event log as defined by Trusted Computing Group (TCG); the digest size, to pad/truncate a digest calculated with a different algorithm; the crypto subsystem identifier, to calculate the digest of event data. Signed-off-by: Roberto Sassu Reviewed-by: Jarkko Sakkinen Acked-by: Mimi Zohar --- drivers/char/tpm/tpm-interface.c | 10 ++++--- drivers/char/tpm/tpm.h | 4 +-- drivers/char/tpm/tpm2-cmd.c | 45 ++++++++++++++++++++++++-------- include/linux/tpm.h | 6 +++++ 4 files changed, 49 insertions(+), 16 deletions(-) diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 4d0f5da5bf98..49761c88c21e 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -989,7 +989,7 @@ int tpm_pcr_read(struct tpm_chip *chip, int pcr_idx, if (!chip) return -ENODEV; if (chip->flags & TPM_CHIP_FLAG_TPM2) - rc = tpm2_pcr_read(chip, pcr_idx, digest_struct); + rc = tpm2_pcr_read(chip, pcr_idx, digest_struct, NULL); else rc = tpm_pcr_read_dev(chip, pcr_idx, digest_struct->digest); tpm_put_ops(chip); @@ -1052,8 +1052,8 @@ int tpm_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash) memset(digest_list, 0, sizeof(digest_list)); for (i = 0; i < ARRAY_SIZE(chip->active_banks) && - chip->active_banks[i]; i++) { - digest_list[i].alg_id = chip->active_banks[i]; + chip->active_banks[i].alg_id; i++) { + digest_list[i].alg_id = chip->active_banks[i].alg_id; memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE); count++; } @@ -1154,6 +1154,10 @@ int tpm1_auto_startup(struct tpm_chip *chip) goto out; } + chip->active_banks[0].alg_id = TPM_ALG_SHA1; + chip->active_banks[0].digest_size = hash_digest_size[HASH_ALGO_SHA1]; + chip->active_banks[0].crypto_id = HASH_ALGO_SHA1; + return rc; out: if (rc > 0) diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h index 633e16f42107..8662e8587dce 100644 --- a/drivers/char/tpm/tpm.h +++ b/drivers/char/tpm/tpm.h @@ -237,7 +237,7 @@ struct tpm_chip { const struct attribute_group *groups[3]; unsigned int groups_cnt; - u16 active_banks[7]; + struct tpm_bank_info active_banks[7]; #ifdef CONFIG_ACPI acpi_handle acpi_dev_handle; char ppi_version[TPM_PPI_VERSION_LEN + 1]; @@ -565,7 +565,7 @@ static inline u32 tpm2_rc_value(u32 rc) } int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, - struct tpm_digest *digest_struct); + struct tpm_digest *digest_struct, u16 *digest_size_ptr); int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, struct tpm_digest *digests); int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max); diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 8babd826ad27..8e821e7b4674 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -180,11 +180,12 @@ struct tpm2_pcr_read_out { * @chip: TPM chip to use. * @pcr_idx: index of the PCR to read. * @digest_struct: pcr bank and buffer current PCR value is written to. + * @digest_size_ptr: pointer to variable that stores the digest size. * * Return: Same as with tpm_transmit_cmd. */ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, - struct tpm_digest *digest_struct) + struct tpm_digest *digest_struct, u16 *digest_size_ptr) { int rc; struct tpm_buf buf; @@ -219,6 +220,9 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, goto out; } + if (digest_size_ptr) + *digest_size_ptr = digest_size; + memcpy(digest_struct->digest, out->digest, digest_size); out: tpm_buf_destroy(&buf); @@ -249,7 +253,6 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, struct tpm2_null_auth_area auth_area; int rc; int i; - int j; if (count > ARRAY_SIZE(chip->active_banks)) return -EINVAL; @@ -271,14 +274,9 @@ int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count, tpm_buf_append_u32(&buf, count); for (i = 0; i < count; i++) { - for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) { - if (digests[i].alg_id != tpm2_hash_map[j].tpm_id) - continue; - tpm_buf_append_u16(&buf, digests[i].alg_id); - tpm_buf_append(&buf, (const unsigned char - *)&digests[i].digest, - hash_digest_size[tpm2_hash_map[j].crypto_id]); - } + tpm_buf_append_u16(&buf, digests[i].alg_id); + tpm_buf_append(&buf, (const unsigned char *)&digests[i].digest, + chip->active_banks[i].digest_size); } rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0, @@ -855,6 +853,26 @@ int tpm2_probe(struct tpm_chip *chip) } EXPORT_SYMBOL_GPL(tpm2_probe); +static int tpm2_init_bank_info(struct tpm_chip *chip, + struct tpm_bank_info *bank) +{ + struct tpm_digest digest = {.alg_id = bank->alg_id}; + int i; + + for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) { + enum hash_algo crypto_algo = tpm2_hash_map[i].crypto_id; + + if (bank->alg_id != tpm2_hash_map[i].tpm_id) + continue; + + bank->digest_size = hash_digest_size[crypto_algo]; + bank->crypto_id = crypto_algo; + return 0; + } + + return tpm2_pcr_read(chip, 0, &digest, &bank->digest_size); +} + struct tpm2_pcr_selection { __be16 hash_alg; u8 size_of_select; @@ -909,7 +927,12 @@ static ssize_t tpm2_get_pcr_allocation(struct tpm_chip *chip) } memcpy(&pcr_selection, marker, sizeof(pcr_selection)); - chip->active_banks[i] = be16_to_cpu(pcr_selection.hash_alg); + chip->active_banks[i].alg_id = + be16_to_cpu(pcr_selection.hash_alg); + rc = tpm2_init_bank_info(chip, &chip->active_banks[i]); + if (rc) + break; + sizeof_pcr_selection = sizeof(pcr_selection.hash_alg) + sizeof(pcr_selection.size_of_select) + pcr_selection.size_of_select; diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 4f00daf44dd2..3f91124837cf 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -46,6 +46,12 @@ struct tpm_digest { u8 digest[SHA512_DIGEST_SIZE]; } __packed; +struct tpm_bank_info { + u16 alg_id; + u16 digest_size; + u16 crypto_id; +}; + enum TPM_OPS_FLAGS { TPM_OPS_AUTO_STARTUP = BIT(0), }; From patchwork Tue Oct 30 15:47:11 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roberto Sassu X-Patchwork-Id: 10661173 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 50F4213BF for ; Tue, 30 Oct 2018 15:51:28 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 409BB2A802 for ; Tue, 30 Oct 2018 15:51:28 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 3EE0C2A800; Tue, 30 Oct 2018 15:51:28 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 248AE2A84F for ; Tue, 30 Oct 2018 15:51:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727387AbeJaAp0 (ORCPT ); Tue, 30 Oct 2018 20:45:26 -0400 Received: from lhrrgout.huawei.com ([185.176.76.210]:32708 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726792AbeJaAp0 (ORCPT ); Tue, 30 Oct 2018 20:45:26 -0400 Received: from lhreml703-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id A0FA8A7E41F59; Tue, 30 Oct 2018 15:51:23 +0000 (GMT) Received: from roberto-HP-EliteDesk-800-G2-DM-65W.huawei.com (10.204.65.153) by smtpsuk.huawei.com (10.201.108.44) with Microsoft SMTP Server (TLS) id 14.3.408.0; Tue, 30 Oct 2018 15:51:15 +0000 From: Roberto Sassu To: , CC: , , , , Roberto Sassu Subject: [PATCH v3 5/5] tpm: ensure that output of PCR read contains the correct digest size Date: Tue, 30 Oct 2018 16:47:11 +0100 Message-ID: <20181030154711.2782-6-roberto.sassu@huawei.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181030154711.2782-1-roberto.sassu@huawei.com> References: <20181030154711.2782-1-roberto.sassu@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.204.65.153] X-CFilter-Loop: Reflected Sender: owner-linux-security-module@vger.kernel.org Precedence: bulk List-ID: X-Virus-Scanned: ClamAV using ClamSMTP This patch ensures that the digest size returned by the TPM during a PCR read matches the size of the algorithm passed as argument to tpm2_pcr_read(). The check is performed after information about the PCR banks has been retrieved. Signed-off-by: Roberto Sassu --- drivers/char/tpm/tpm2-cmd.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 8e821e7b4674..477dcc30fc53 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -187,15 +187,28 @@ struct tpm2_pcr_read_out { int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, struct tpm_digest *digest_struct, u16 *digest_size_ptr) { + int i; int rc; struct tpm_buf buf; struct tpm2_pcr_read_out *out; u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0}; u16 digest_size; + u16 expected_digest_size = 0; if (pcr_idx >= TPM2_PLATFORM_PCR) return -EINVAL; + if (!digest_size_ptr) { + for (i = 0; i < ARRAY_SIZE(chip->active_banks) && + chip->active_banks[i].alg_id != digest_struct->alg_id; i++) + ; + + if (i == ARRAY_SIZE(chip->active_banks)) + return -EINVAL; + + expected_digest_size = chip->active_banks[i].digest_size; + } + rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ); if (rc) return rc; @@ -215,7 +228,8 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; digest_size = be16_to_cpu(out->digest_size); - if (digest_size > sizeof(digest_struct->digest)) { + if ((digest_size_ptr && digest_size > sizeof(digest_struct->digest)) || + (!digest_size_ptr && digest_size != expected_digest_size)) { rc = -EINVAL; goto out; }