FAILED: patch "[PATCH] tpm: Unify the mismatching TPM space buffer sizes" failed to apply to 4.14-stable tree

FAILED: patch "[PATCH] tpm: Unify the mismatching TPM space buffer sizes" failed to apply to 4.14-stable tree

[gregkh]

The patch below does not apply to the 4.14-stable tree.
If someone wants it applied there, or to any other stable or longterm
tree, then please email the backport, including the original git commit
id to <stable@vger.kernel.org>.

thanks,

greg k-h

------------------ original commit in Linus's tree ------------------

From 6c4e79d99e6f42b79040f1a33cd4018f5425030b Mon Sep 17 00:00:00 2001
From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Date: Fri, 3 Jul 2020 01:55:59 +0300
Subject: [PATCH] tpm: Unify the mismatching TPM space buffer sizes

The size of the buffers for storing context's and sessions can vary from
arch to arch as PAGE_SIZE can be anything between 4 kB and 256 kB (the
maximum for PPC64). Define a fixed buffer size set to 16 kB. This should be
enough for most use with three handles (that is how many we allow at the
moment). Parametrize the buffer size while doing this, so that it is easier
to revisit this later on if required.

Cc: stable@vger.kernel.org
Reported-by: Stefan Berger <stefanb@linux.ibm.com>
Fixes: 745b361e989a ("tpm: infrastructure for TPM spaces")
Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index 8c77e88012e9..ddaeceb7e109 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -386,13 +386,8 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
 	chip->cdev.owner = THIS_MODULE;
 	chip->cdevs.owner = THIS_MODULE;
 
-	chip->work_space.context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
-	if (!chip->work_space.context_buf) {
-		rc = -ENOMEM;
-		goto out;
-	}
-	chip->work_space.session_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
-	if (!chip->work_space.session_buf) {
+	rc = tpm2_init_space(&chip->work_space, TPM2_SPACE_BUFFER_SIZE);
+	if (rc) {
 		rc = -ENOMEM;
 		goto out;
 	}
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 0fbcede241ea..947d1db0a5cc 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -59,6 +59,9 @@ enum tpm_addr {
 
 #define TPM_TAG_RQU_COMMAND 193
 
+/* TPM2 specific constants. */
+#define TPM2_SPACE_BUFFER_SIZE		16384 /* 16 kB */
+
 struct	stclear_flags_t {
 	__be16	tag;
 	u8	deactivated;
@@ -228,7 +231,7 @@ unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
 int tpm2_probe(struct tpm_chip *chip);
 int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip);
 int tpm2_find_cc(struct tpm_chip *chip, u32 cc);
-int tpm2_init_space(struct tpm_space *space);
+int tpm2_init_space(struct tpm_space *space, unsigned int buf_size);
 void tpm2_del_space(struct tpm_chip *chip, struct tpm_space *space);
 void tpm2_flush_space(struct tpm_chip *chip);
 int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u8 *cmd,
diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c
index 982d341d8837..784b8b3cb903 100644
--- a/drivers/char/tpm/tpm2-space.c
+++ b/drivers/char/tpm/tpm2-space.c
@@ -38,18 +38,21 @@ static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *space)
 	}
 }
 
-int tpm2_init_space(struct tpm_space *space)
+int tpm2_init_space(struct tpm_space *space, unsigned int buf_size)
 {
-	space->context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
+	space->context_buf = kzalloc(buf_size, GFP_KERNEL);
 	if (!space->context_buf)
 		return -ENOMEM;
 
-	space->session_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
+	space->session_buf = kzalloc(buf_size, GFP_KERNEL);
 	if (space->session_buf == NULL) {
 		kfree(space->context_buf);
+		/* Prevent caller getting a dangling pointer. */
+		space->context_buf = NULL;
 		return -ENOMEM;
 	}
 
+	space->buf_size = buf_size;
 	return 0;
 }
 
@@ -311,8 +314,10 @@ int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u8 *cmd,
 	       sizeof(space->context_tbl));
 	memcpy(&chip->work_space.session_tbl, &space->session_tbl,
 	       sizeof(space->session_tbl));
-	memcpy(chip->work_space.context_buf, space->context_buf, PAGE_SIZE);
-	memcpy(chip->work_space.session_buf, space->session_buf, PAGE_SIZE);
+	memcpy(chip->work_space.context_buf, space->context_buf,
+	       space->buf_size);
+	memcpy(chip->work_space.session_buf, space->session_buf,
+	       space->buf_size);
 
 	rc = tpm2_load_space(chip);
 	if (rc) {
@@ -492,7 +497,7 @@ static int tpm2_save_space(struct tpm_chip *chip)
 			continue;
 
 		rc = tpm2_save_context(chip, space->context_tbl[i],
-				       space->context_buf, PAGE_SIZE,
+				       space->context_buf, space->buf_size,
 				       &offset);
 		if (rc == -ENOENT) {
 			space->context_tbl[i] = 0;
@@ -509,9 +514,8 @@ static int tpm2_save_space(struct tpm_chip *chip)
 			continue;
 
 		rc = tpm2_save_context(chip, space->session_tbl[i],
-				       space->session_buf, PAGE_SIZE,
+				       space->session_buf, space->buf_size,
 				       &offset);
-
 		if (rc == -ENOENT) {
 			/* handle error saving session, just forget it */
 			space->session_tbl[i] = 0;
@@ -557,8 +561,10 @@ int tpm2_commit_space(struct tpm_chip *chip, struct tpm_space *space,
 	       sizeof(space->context_tbl));
 	memcpy(&space->session_tbl, &chip->work_space.session_tbl,
 	       sizeof(space->session_tbl));
-	memcpy(space->context_buf, chip->work_space.context_buf, PAGE_SIZE);
-	memcpy(space->session_buf, chip->work_space.session_buf, PAGE_SIZE);
+	memcpy(space->context_buf, chip->work_space.context_buf,
+	       space->buf_size);
+	memcpy(space->session_buf, chip->work_space.session_buf,
+	       space->buf_size);
 
 	return 0;
 out:
diff --git a/drivers/char/tpm/tpmrm-dev.c b/drivers/char/tpm/tpmrm-dev.c
index 7a0a7051a06f..eef0fb06ea83 100644
--- a/drivers/char/tpm/tpmrm-dev.c
+++ b/drivers/char/tpm/tpmrm-dev.c
@@ -21,7 +21,7 @@ static int tpmrm_open(struct inode *inode, struct file *file)
 	if (priv == NULL)
 		return -ENOMEM;
 
-	rc = tpm2_init_space(&priv->space);
+	rc = tpm2_init_space(&priv->space, TPM2_SPACE_BUFFER_SIZE);
 	if (rc) {
 		kfree(priv);
 		return -ENOMEM;
diff --git a/include/linux/tpm.h b/include/linux/tpm.h
index 03e9b184411b..8f4ff39f51e7 100644
--- a/include/linux/tpm.h
+++ b/include/linux/tpm.h
@@ -96,6 +96,7 @@ struct tpm_space {
 	u8 *context_buf;
 	u32 session_tbl[3];
 	u8 *session_buf;
+	u32 buf_size;
 };
 
 struct tpm_bios_log {

Re: FAILED: patch "[PATCH] tpm: Unify the mismatching TPM space buffer sizes" failed to apply to 4.14-stable tree

[Jarkko Sakkinen]

Stefan, are you concerned of not having this in 4.14 and 4.19?

/Jarkko

On Mon, Aug 17, 2020 at 12:14:09PM +0200, gregkh@linuxfoundation.org wrote:
> 
> The patch below does not apply to the 4.14-stable tree.
> If someone wants it applied there, or to any other stable or longterm
> tree, then please email the backport, including the original git commit
> id to <stable@vger.kernel.org>.
> 
> thanks,
> 
> greg k-h
> 
> ------------------ original commit in Linus's tree ------------------
> 
> From 6c4e79d99e6f42b79040f1a33cd4018f5425030b Mon Sep 17 00:00:00 2001
> From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> Date: Fri, 3 Jul 2020 01:55:59 +0300
> Subject: [PATCH] tpm: Unify the mismatching TPM space buffer sizes
> 
> The size of the buffers for storing context's and sessions can vary from
> arch to arch as PAGE_SIZE can be anything between 4 kB and 256 kB (the
> maximum for PPC64). Define a fixed buffer size set to 16 kB. This should be
> enough for most use with three handles (that is how many we allow at the
> moment). Parametrize the buffer size while doing this, so that it is easier
> to revisit this later on if required.
> 
> Cc: stable@vger.kernel.org
> Reported-by: Stefan Berger <stefanb@linux.ibm.com>
> Fixes: 745b361e989a ("tpm: infrastructure for TPM spaces")
> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com>
> Tested-by: Stefan Berger <stefanb@linux.ibm.com>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
> index 8c77e88012e9..ddaeceb7e109 100644
> --- a/drivers/char/tpm/tpm-chip.c
> +++ b/drivers/char/tpm/tpm-chip.c
> @@ -386,13 +386,8 @@ struct tpm_chip *tpm_chip_alloc(struct device *pdev,
>  	chip->cdev.owner = THIS_MODULE;
>  	chip->cdevs.owner = THIS_MODULE;
>  
> -	chip->work_space.context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
> -	if (!chip->work_space.context_buf) {
> -		rc = -ENOMEM;
> -		goto out;
> -	}
> -	chip->work_space.session_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
> -	if (!chip->work_space.session_buf) {
> +	rc = tpm2_init_space(&chip->work_space, TPM2_SPACE_BUFFER_SIZE);
> +	if (rc) {
>  		rc = -ENOMEM;
>  		goto out;
>  	}
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index 0fbcede241ea..947d1db0a5cc 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -59,6 +59,9 @@ enum tpm_addr {
>  
>  #define TPM_TAG_RQU_COMMAND 193
>  
> +/* TPM2 specific constants. */
> +#define TPM2_SPACE_BUFFER_SIZE		16384 /* 16 kB */
> +
>  struct	stclear_flags_t {
>  	__be16	tag;
>  	u8	deactivated;
> @@ -228,7 +231,7 @@ unsigned long tpm2_calc_ordinal_duration(struct tpm_chip *chip, u32 ordinal);
>  int tpm2_probe(struct tpm_chip *chip);
>  int tpm2_get_cc_attrs_tbl(struct tpm_chip *chip);
>  int tpm2_find_cc(struct tpm_chip *chip, u32 cc);
> -int tpm2_init_space(struct tpm_space *space);
> +int tpm2_init_space(struct tpm_space *space, unsigned int buf_size);
>  void tpm2_del_space(struct tpm_chip *chip, struct tpm_space *space);
>  void tpm2_flush_space(struct tpm_chip *chip);
>  int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u8 *cmd,
> diff --git a/drivers/char/tpm/tpm2-space.c b/drivers/char/tpm/tpm2-space.c
> index 982d341d8837..784b8b3cb903 100644
> --- a/drivers/char/tpm/tpm2-space.c
> +++ b/drivers/char/tpm/tpm2-space.c
> @@ -38,18 +38,21 @@ static void tpm2_flush_sessions(struct tpm_chip *chip, struct tpm_space *space)
>  	}
>  }
>  
> -int tpm2_init_space(struct tpm_space *space)
> +int tpm2_init_space(struct tpm_space *space, unsigned int buf_size)
>  {
> -	space->context_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
> +	space->context_buf = kzalloc(buf_size, GFP_KERNEL);
>  	if (!space->context_buf)
>  		return -ENOMEM;
>  
> -	space->session_buf = kzalloc(PAGE_SIZE, GFP_KERNEL);
> +	space->session_buf = kzalloc(buf_size, GFP_KERNEL);
>  	if (space->session_buf == NULL) {
>  		kfree(space->context_buf);
> +		/* Prevent caller getting a dangling pointer. */
> +		space->context_buf = NULL;
>  		return -ENOMEM;
>  	}
>  
> +	space->buf_size = buf_size;
>  	return 0;
>  }
>  
> @@ -311,8 +314,10 @@ int tpm2_prepare_space(struct tpm_chip *chip, struct tpm_space *space, u8 *cmd,
>  	       sizeof(space->context_tbl));
>  	memcpy(&chip->work_space.session_tbl, &space->session_tbl,
>  	       sizeof(space->session_tbl));
> -	memcpy(chip->work_space.context_buf, space->context_buf, PAGE_SIZE);
> -	memcpy(chip->work_space.session_buf, space->session_buf, PAGE_SIZE);
> +	memcpy(chip->work_space.context_buf, space->context_buf,
> +	       space->buf_size);
> +	memcpy(chip->work_space.session_buf, space->session_buf,
> +	       space->buf_size);
>  
>  	rc = tpm2_load_space(chip);
>  	if (rc) {
> @@ -492,7 +497,7 @@ static int tpm2_save_space(struct tpm_chip *chip)
>  			continue;
>  
>  		rc = tpm2_save_context(chip, space->context_tbl[i],
> -				       space->context_buf, PAGE_SIZE,
> +				       space->context_buf, space->buf_size,
>  				       &offset);
>  		if (rc == -ENOENT) {
>  			space->context_tbl[i] = 0;
> @@ -509,9 +514,8 @@ static int tpm2_save_space(struct tpm_chip *chip)
>  			continue;
>  
>  		rc = tpm2_save_context(chip, space->session_tbl[i],
> -				       space->session_buf, PAGE_SIZE,
> +				       space->session_buf, space->buf_size,
>  				       &offset);
> -
>  		if (rc == -ENOENT) {
>  			/* handle error saving session, just forget it */
>  			space->session_tbl[i] = 0;
> @@ -557,8 +561,10 @@ int tpm2_commit_space(struct tpm_chip *chip, struct tpm_space *space,
>  	       sizeof(space->context_tbl));
>  	memcpy(&space->session_tbl, &chip->work_space.session_tbl,
>  	       sizeof(space->session_tbl));
> -	memcpy(space->context_buf, chip->work_space.context_buf, PAGE_SIZE);
> -	memcpy(space->session_buf, chip->work_space.session_buf, PAGE_SIZE);
> +	memcpy(space->context_buf, chip->work_space.context_buf,
> +	       space->buf_size);
> +	memcpy(space->session_buf, chip->work_space.session_buf,
> +	       space->buf_size);
>  
>  	return 0;
>  out:
> diff --git a/drivers/char/tpm/tpmrm-dev.c b/drivers/char/tpm/tpmrm-dev.c
> index 7a0a7051a06f..eef0fb06ea83 100644
> --- a/drivers/char/tpm/tpmrm-dev.c
> +++ b/drivers/char/tpm/tpmrm-dev.c
> @@ -21,7 +21,7 @@ static int tpmrm_open(struct inode *inode, struct file *file)
>  	if (priv == NULL)
>  		return -ENOMEM;
>  
> -	rc = tpm2_init_space(&priv->space);
> +	rc = tpm2_init_space(&priv->space, TPM2_SPACE_BUFFER_SIZE);
>  	if (rc) {
>  		kfree(priv);
>  		return -ENOMEM;
> diff --git a/include/linux/tpm.h b/include/linux/tpm.h
> index 03e9b184411b..8f4ff39f51e7 100644
> --- a/include/linux/tpm.h
> +++ b/include/linux/tpm.h
> @@ -96,6 +96,7 @@ struct tpm_space {
>  	u8 *context_buf;
>  	u32 session_tbl[3];
>  	u8 *session_buf;
> +	u32 buf_size;
>  };
>  
>  struct tpm_bios_log {
> 

Re: FAILED: patch "[PATCH] tpm: Unify the mismatching TPM space buffer sizes" failed to apply to 4.14-stable tree

[Stefan Berger]

On 8/18/20 11:36 AM, Jarkko Sakkinen wrote:
> Stefan, are you concerned of not having this in 4.14 and 4.19?

Yes. The problematic scenario is when libtpms  is updated to a version 
(future v0.8.0) that supports 3072 bit RSA keys and software inside a VM 
is using /dev/tpmrm0 and things start failing because of this. My hope 
would be that the distro run inside the VM has a way forward and the 
long term stable kernels seem to help here. Because of this scenario I 
have to delay the release of libtpms v0.8.0 for several months.

    Stefan

Re: FAILED: patch "[PATCH] tpm: Unify the mismatching TPM space buffer sizes" failed to apply to 4.14-stable tree

[Stefan Berger]

On 8/18/20 2:54 PM, Stefan Berger wrote:
> On 8/18/20 11:36 AM, Jarkko Sakkinen wrote:
>> Stefan, are you concerned of not having this in 4.14 and 4.19?
>
> Yes. The problematic scenario is when libtpms  is updated to a version 
> (future v0.8.0) that supports 3072 bit RSA keys and software inside a 
> VM is using /dev/tpmrm0 and things start failing because of this. My 
> hope would be that the distro run inside the VM has a way forward and 
> the long term stable kernels seem to help here. Because of this 
> scenario I have to delay the release of libtpms v0.8.0 for several 
> months.
>
I just ported it to 4.19.139 and will try to do the port to 4.14.191++ 
as well. I will post it here once I ran some (basic) tests with it.

    Stefan

Re: FAILED: patch "[PATCH] tpm: Unify the mismatching TPM space buffer sizes" failed to apply to 4.14-stable tree

[Stefan Berger]

On 8/18/20 5:25 PM, Stefan Berger wrote:
> On 8/18/20 2:54 PM, Stefan Berger wrote:
>> On 8/18/20 11:36 AM, Jarkko Sakkinen wrote:
>>> Stefan, are you concerned of not having this in 4.14 and 4.19?
>>
>> Yes. The problematic scenario is when libtpms  is updated to a 
>> version (future v0.8.0) that supports 3072 bit RSA keys and software 
>> inside a VM is using /dev/tpmrm0 and things start failing because of 
>> this. My hope would be that the distro run inside the VM has a way 
>> forward and the long term stable kernels seem to help here. Because 
>> of this scenario I have to delay the release of libtpms v0.8.0 for 
>> several months.
>>
> I just ported it to 4.19.139 and will try to do the port to 4.14.191++ 
> as well. I will post it here once I ran some (basic) tests with it.

The porting is done and I tested the changes. The problem on these 
kernel versions is that I cannot recreate the problem (inside a VM).

On a host with libtpms-0.8.0 (tip of master) running a VM with attached 
vTPM and the guest running kernel 5.6.18-300.fc2 the following command 
line just hangs:

echo test | clevis encrypt tpm2 '{"key":"rsa"}' | clevis decrypt


dmesg shows:

tpm tpm0: tpm2_save_context: out of backing store

tpm2_commit_space: error -12


On these 4.14 and 4.19 kernels the expected output of 'test' just 
appears on the screen. The context swapping behavior seems to be different.

Though based on the benefits of the larger buffer size that may prevent 
unnecessary problems, if context swapping somehow kicks in, we should 
apply the patches there as well.

    Stefan