Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'tpmdd-next-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd

Pull tpm fixes from Jarkko Sakkinen:
"Two bug fixes for TPM bus encryption (the remaining reported issues in
the feature)"

* tag 'tpmdd-next-6.12-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd:
tpm: Disable TPM on tpm2_create_primary() failure
tpm: Opt-in in disable PCR integrity protection

+87 -33
+9
Documentation/admin-guide/kernel-parameters.txt
··· 6727 6727 torture.verbose_sleep_duration= [KNL] 6728 6728 Duration of each verbose-printk() sleep in jiffies. 6729 6729 6730 + tpm.disable_pcr_integrity= [HW,TPM] 6731 + Do not protect PCR registers from unintended physical 6732 + access, or interposers in the bus by the means of 6733 + having an integrity protected session wrapped around 6734 + TPM2_PCR_Extend command. Consider this in a situation 6735 + where TPM is heavily utilized by IMA, thus protection 6736 + causing a major performance hit, and the space where 6737 + machines are deployed is by other means guarded. 6738 + 6730 6739 tpm_suspend_pcr=[HW,TPM] 6731 6740 Format: integer pcr id 6732 6741 Specify that at suspend time, the tpm driver
+20
drivers/char/tpm/tpm-buf.c
··· 147 147 EXPORT_SYMBOL_GPL(tpm_buf_append_u32); 148 148 149 149 /** 150 + * tpm_buf_append_handle() - Add a handle 151 + * @chip: &tpm_chip instance 152 + * @buf: &tpm_buf instance 153 + * @handle: a TPM object handle 154 + * 155 + * Add a handle to the buffer, and increase the count tracking the number of 156 + * handles in the command buffer. Works only for command buffers. 157 + */ 158 + void tpm_buf_append_handle(struct tpm_chip *chip, struct tpm_buf *buf, u32 handle) 159 + { 160 + if (buf->flags & TPM_BUF_TPM2B) { 161 + dev_err(&chip->dev, "Invalid buffer type (TPM2B)\n"); 162 + return; 163 + } 164 + 165 + tpm_buf_append_u32(buf, handle); 166 + buf->handles++; 167 + } 168 + 169 + /** 150 170 * tpm_buf_read() - Read from a TPM buffer 151 171 * @buf: &tpm_buf instance 152 172 * @offset: offset within the buffer
+22 -8
drivers/char/tpm/tpm2-cmd.c
··· 14 14 #include "tpm.h" 15 15 #include <crypto/hash_info.h> 16 16 17 + static bool disable_pcr_integrity; 18 + module_param(disable_pcr_integrity, bool, 0444); 19 + MODULE_PARM_DESC(disable_pcr_integrity, "Disable integrity protection of TPM2_PCR_Extend"); 20 + 17 21 static struct tpm2_hash tpm2_hash_map[] = { 18 22 {HASH_ALGO_SHA1, TPM_ALG_SHA1}, 19 23 {HASH_ALGO_SHA256, TPM_ALG_SHA256}, ··· 236 232 int rc; 237 233 int i; 238 234 239 - rc = tpm2_start_auth_session(chip); 240 - if (rc) 241 - return rc; 235 + if (!disable_pcr_integrity) { 236 + rc = tpm2_start_auth_session(chip); 237 + if (rc) 238 + return rc; 239 + } 242 240 243 241 rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 244 242 if (rc) { 245 - tpm2_end_auth_session(chip); 243 + if (!disable_pcr_integrity) 244 + tpm2_end_auth_session(chip); 246 245 return rc; 247 246 } 248 247 249 - tpm_buf_append_name(chip, &buf, pcr_idx, NULL); 250 - tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0); 248 + if (!disable_pcr_integrity) { 249 + tpm_buf_append_name(chip, &buf, pcr_idx, NULL); 250 + tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0); 251 + } else { 252 + tpm_buf_append_handle(chip, &buf, pcr_idx); 253 + tpm_buf_append_auth(chip, &buf, 0, NULL, 0); 254 + } 251 255 252 256 tpm_buf_append_u32(&buf, chip->nr_allocated_banks); 253 257 ··· 265 253 chip->allocated_banks[i].digest_size); 266 254 } 267 255 268 - tpm_buf_fill_hmac_session(chip, &buf); 256 + if (!disable_pcr_integrity) 257 + tpm_buf_fill_hmac_session(chip, &buf); 269 258 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value"); 270 - rc = tpm_buf_check_hmac_response(chip, &buf, rc); 259 + if (!disable_pcr_integrity) 260 + rc = tpm_buf_check_hmac_response(chip, &buf, rc); 271 261 272 262 tpm_buf_destroy(&buf); 273 263
+33 -25
drivers/char/tpm/tpm2-sessions.c
··· 237 237 #endif 238 238 239 239 if (!tpm2_chip_auth(chip)) { 240 - tpm_buf_append_u32(buf, handle); 241 - /* count the number of handles in the upper bits of flags */ 242 - buf->handles++; 240 + tpm_buf_append_handle(chip, buf, handle); 243 241 return; 244 242 } 245 243 ··· 269 271 #endif 270 272 } 271 273 EXPORT_SYMBOL_GPL(tpm_buf_append_name); 274 + 275 + void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf *buf, 276 + u8 attributes, u8 *passphrase, int passphrase_len) 277 + { 278 + /* offset tells us where the sessions area begins */ 279 + int offset = buf->handles * 4 + TPM_HEADER_SIZE; 280 + u32 len = 9 + passphrase_len; 281 + 282 + if (tpm_buf_length(buf) != offset) { 283 + /* not the first session so update the existing length */ 284 + len += get_unaligned_be32(&buf->data[offset]); 285 + put_unaligned_be32(len, &buf->data[offset]); 286 + } else { 287 + tpm_buf_append_u32(buf, len); 288 + } 289 + /* auth handle */ 290 + tpm_buf_append_u32(buf, TPM2_RS_PW); 291 + /* nonce */ 292 + tpm_buf_append_u16(buf, 0); 293 + /* attributes */ 294 + tpm_buf_append_u8(buf, 0); 295 + /* passphrase */ 296 + tpm_buf_append_u16(buf, passphrase_len); 297 + tpm_buf_append(buf, passphrase, passphrase_len); 298 + } 272 299 273 300 /** 274 301 * tpm_buf_append_hmac_session() - Append a TPM session element ··· 332 309 #endif 333 310 334 311 if (!tpm2_chip_auth(chip)) { 335 - /* offset tells us where the sessions area begins */ 336 - int offset = buf->handles * 4 + TPM_HEADER_SIZE; 337 - u32 len = 9 + passphrase_len; 338 - 339 - if (tpm_buf_length(buf) != offset) { 340 - /* not the first session so update the existing length */ 341 - len += get_unaligned_be32(&buf->data[offset]); 342 - put_unaligned_be32(len, &buf->data[offset]); 343 - } else { 344 - tpm_buf_append_u32(buf, len); 345 - } 346 - /* auth handle */ 347 - tpm_buf_append_u32(buf, TPM2_RS_PW); 348 - /* nonce */ 349 - tpm_buf_append_u16(buf, 0); 350 - /* attributes */ 351 - tpm_buf_append_u8(buf, 0); 352 - /* passphrase */ 353 - tpm_buf_append_u16(buf, passphrase_len); 354 - tpm_buf_append(buf, passphrase, passphrase_len); 312 + tpm_buf_append_auth(chip, buf, attributes, passphrase, 313 + passphrase_len); 355 314 return; 356 315 } 357 316 ··· 953 948 /* Deduce from the name change TPM interference: */ 954 949 dev_err(&chip->dev, "null key integrity check failed\n"); 955 950 tpm2_flush_context(chip, tmp_null_key); 956 - chip->flags |= TPM_CHIP_FLAG_DISABLE; 957 951 958 952 err: 959 - return rc ? -ENODEV : 0; 953 + if (rc) { 954 + chip->flags |= TPM_CHIP_FLAG_DISABLE; 955 + rc = -ENODEV; 956 + } 957 + return rc; 960 958 } 961 959 962 960 /**
+3
include/linux/tpm.h
··· 421 421 u8 tpm_buf_read_u8(struct tpm_buf *buf, off_t *offset); 422 422 u16 tpm_buf_read_u16(struct tpm_buf *buf, off_t *offset); 423 423 u32 tpm_buf_read_u32(struct tpm_buf *buf, off_t *offset); 424 + void tpm_buf_append_handle(struct tpm_chip *chip, struct tpm_buf *buf, u32 handle); 424 425 425 426 /* 426 427 * Check if TPM device is in the firmware upgrade mode. ··· 506 505 void tpm_buf_append_hmac_session(struct tpm_chip *chip, struct tpm_buf *buf, 507 506 u8 attributes, u8 *passphrase, 508 507 int passphraselen); 508 + void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf *buf, 509 + u8 attributes, u8 *passphrase, int passphraselen); 509 510 static inline void tpm_buf_append_hmac_session_opt(struct tpm_chip *chip, 510 511 struct tpm_buf *buf, 511 512 u8 attributes,