[PATCH v5 4/5] tpm: Allocate chip->auth in tpm2_start_auth_session()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jarkko Sakkinen <jarkko@kernel.org>
To: linux-integrity@vger.kernel.org
Cc: James.Bottomley@HansenPartnership.com, roberto.sassu@huawei.com,
	mapengyu@gmail.com, Jarkko Sakkinen <jarkko@kernel.org>,
	stable@vger.kernel.org, Mimi Zohar <zohar@linux.ibm.com>,
	David Howells <dhowells@redhat.com>,
	Paul Moore <paul@paul-moore.com>,
	James Morris <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	Peter Huewe <peterhuewe@gmx.de>, Jason Gunthorpe <jgg@ziepe.ca>,
	keyrings@vger.kernel.org, linux-security-module@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH v5 4/5] tpm: Allocate chip->auth in tpm2_start_auth_session()
Date: Sat, 21 Sep 2024 15:08:04 +0300	[thread overview]
Message-ID: <20240921120811.1264985-5-jarkko@kernel.org> (raw)
In-Reply-To: <20240921120811.1264985-1-jarkko@kernel.org>

Move allocation of chip->auth to tpm2_start_auth_session() so that the
field can be used as flag to tell whether auth session is active or not.

Cc: stable@vger.kernel.org # v6.10+
Fixes: 699e3efd6c64 ("tpm: Add HMAC session start and end functions")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
v5:
- No changes.
v4:
- Change to bug.
v3:
- No changes.
v2:
- A new patch.
---
 drivers/char/tpm/tpm2-sessions.c | 43 +++++++++++++++++++-------------
 1 file changed, 25 insertions(+), 18 deletions(-)

diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c
index 1aef5b1f9c90..a8d3d5d52178 100644
--- a/drivers/char/tpm/tpm2-sessions.c
+++ b/drivers/char/tpm/tpm2-sessions.c
@@ -484,7 +484,8 @@ static void tpm2_KDFe(u8 z[EC_PT_SZ], const char *str, u8 *pt_u, u8 *pt_v,
 	sha256_final(&sctx, out);
 }
 
-static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip)
+static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip,
+				struct tpm2_auth *auth)
 {
 	struct crypto_kpp *kpp;
 	struct kpp_request *req;
@@ -543,7 +544,7 @@ static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip)
 	sg_set_buf(&s[0], chip->null_ec_key_x, EC_PT_SZ);
 	sg_set_buf(&s[1], chip->null_ec_key_y, EC_PT_SZ);
 	kpp_request_set_input(req, s, EC_PT_SZ*2);
-	sg_init_one(d, chip->auth->salt, EC_PT_SZ);
+	sg_init_one(d, auth->salt, EC_PT_SZ);
 	kpp_request_set_output(req, d, EC_PT_SZ);
 	crypto_kpp_compute_shared_secret(req);
 	kpp_request_free(req);
@@ -554,8 +555,7 @@ static void tpm_buf_append_salt(struct tpm_buf *buf, struct tpm_chip *chip)
 	 * This works because KDFe fully consumes the secret before it
 	 * writes the salt
 	 */
-	tpm2_KDFe(chip->auth->salt, "SECRET", x, chip->null_ec_key_x,
-		  chip->auth->salt);
+	tpm2_KDFe(auth->salt, "SECRET", x, chip->null_ec_key_x, auth->salt);
 
  out:
 	crypto_free_kpp(kpp);
@@ -854,6 +854,8 @@ int tpm_buf_check_hmac_response(struct tpm_chip *chip, struct tpm_buf *buf,
 			/* manually close the session if it wasn't consumed */
 			tpm2_flush_context(chip, auth->handle);
 		memzero_explicit(auth, sizeof(*auth));
+		kfree(auth);
+		chip->auth = NULL;
 	} else {
 		/* reset for next use  */
 		auth->session = TPM_HEADER_SIZE;
@@ -882,6 +884,8 @@ void tpm2_end_auth_session(struct tpm_chip *chip)
 
 	tpm2_flush_context(chip, auth->handle);
 	memzero_explicit(auth, sizeof(*auth));
+	kfree(auth);
+	chip->auth = NULL;
 }
 EXPORT_SYMBOL(tpm2_end_auth_session);
 
@@ -970,25 +974,29 @@ static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key)
  */
 int tpm2_start_auth_session(struct tpm_chip *chip)
 {
+	struct tpm2_auth *auth;
 	struct tpm_buf buf;
-	struct tpm2_auth *auth = chip->auth;
-	int rc;
 	u32 null_key;
+	int rc;
 
-	if (!auth) {
-		dev_warn_once(&chip->dev, "auth session is not active\n");
+	if (chip->auth) {
+		dev_warn_once(&chip->dev, "auth session is active\n");
 		return 0;
 	}
 
+	auth = kzalloc(sizeof(*auth), GFP_KERNEL);
+	if (!auth)
+		return -ENOMEM;
+
 	rc = tpm2_load_null(chip, &null_key);
 	if (rc)
-		goto out;
+		goto err;
 
 	auth->session = TPM_HEADER_SIZE;
 
 	rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_START_AUTH_SESS);
 	if (rc)
-		goto out;
+		goto err;
 
 	/* salt key handle */
 	tpm_buf_append_u32(&buf, null_key);
@@ -1000,7 +1008,7 @@ int tpm2_start_auth_session(struct tpm_chip *chip)
 	tpm_buf_append(&buf, auth->our_nonce, sizeof(auth->our_nonce));
 
 	/* append encrypted salt and squirrel away unencrypted in auth */
-	tpm_buf_append_salt(&buf, chip);
+	tpm_buf_append_salt(&buf, chip, auth);
 	/* session type (HMAC, audit or policy) */
 	tpm_buf_append_u8(&buf, TPM2_SE_HMAC);
 
@@ -1021,10 +1029,13 @@ int tpm2_start_auth_session(struct tpm_chip *chip)
 
 	tpm_buf_destroy(&buf);
 
-	if (rc)
-		goto out;
+	if (rc == TPM2_RC_SUCCESS) {
+		chip->auth = auth;
+		return 0;
+	}
 
- out:
+err:
+	kfree(auth);
 	return rc;
 }
 EXPORT_SYMBOL(tpm2_start_auth_session);
@@ -1371,10 +1382,6 @@ int tpm2_sessions_init(struct tpm_chip *chip)
 	if (rc)
 		return rc;
 
-	chip->auth = kmalloc(sizeof(*chip->auth), GFP_KERNEL);
-	if (!chip->auth)
-		return -ENOMEM;
-
 	return rc;
 }
 #endif /* CONFIG_TCG_TPM2_HMAC */
-- 
2.46.1

next prev parent reply	other threads:[~2024-09-21 12:08 UTC|newest]

Thread overview: 44+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2024-09-21 12:08 [PATCH v5 0/5] Lazy flush for the auth session Jarkko Sakkinen
2024-09-21 12:08 ` [PATCH v5 1/5] tpm: Return on tpm2_create_null_primary() failure Jarkko Sakkinen
2024-10-03 14:57   ` Stefan Berger
2024-10-07 23:47     ` Jarkko Sakkinen
2024-09-21 12:08 ` [PATCH v5 2/5] tpm: Implement tpm2_load_null() rollback Jarkko Sakkinen
2024-10-03 15:27   ` Stefan Berger
2024-09-21 12:08 ` [PATCH v5 3/5] tpm: flush the null key only when /dev/tpm0 is accessed Jarkko Sakkinen
2024-09-21 12:08 ` Jarkko Sakkinen [this message]
2024-09-24 13:33   ` [PATCH v5 4/5] tpm: Allocate chip->auth in tpm2_start_auth_session() James Bottomley
2024-09-24 16:13     ` Jarkko Sakkinen
2024-09-24 18:13     ` Jarkko Sakkinen
2024-09-21 12:08 ` [PATCH v5 5/5] tpm: flush the auth session only when /dev/tpm0 is open Jarkko Sakkinen
2024-09-24 13:43   ` James Bottomley
2024-09-24 16:13     ` Jarkko Sakkinen
2024-09-24 18:07     ` Jarkko Sakkinen
2024-09-24 18:40       ` James Bottomley
2024-09-24 21:35         ` Jarkko Sakkinen
2024-09-24 21:51           ` James Bottomley
2024-09-25  7:42             ` Jarkko Sakkinen
2024-09-25  7:46               ` Jarkko Sakkinen
2024-09-25  7:53                 ` Jarkko Sakkinen
2024-09-21 12:36 ` [PATCH v5 0/5] Lazy flush for the auth session Paul Menzel
2024-09-21 13:13   ` Jarkko Sakkinen
2024-09-21 14:38     ` Jarkko Sakkinen
2024-09-22 17:51 ` Jarkko Sakkinen
2024-09-24 13:48   ` James Bottomley
2024-09-24 16:29     ` Jarkko Sakkinen
2024-09-24 16:33       ` James Bottomley
2024-09-24 16:36         ` Jarkko Sakkinen
2024-09-24 17:26           ` Jarkko Sakkinen
2024-09-24 17:28             ` Jarkko Sakkinen
2024-09-24 18:01               ` Jarkko Sakkinen
2024-10-01 18:10   ` Mimi Zohar
2024-10-07 23:45     ` Jarkko Sakkinen
2024-10-03 15:14 ` Stefan Berger
2024-10-07 23:49   ` Jarkko Sakkinen
2024-10-11 14:06 ` Jarkko Sakkinen
2024-10-11 16:10   ` Roberto Sassu
2024-10-11 16:25     ` Jarkko Sakkinen
2024-10-12 10:56       ` Jarkko Sakkinen
2024-10-14 11:45         ` Mimi Zohar
2024-10-14 12:34           ` Jarkko Sakkinen
2024-10-15 20:08             ` Mimi Zohar
2024-10-15 22:14               ` Jarkko Sakkinen

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:1aef5b1f9c9 dfblob:a8d3d5d5217 )
 OR (
bs:"[PATCH v5 4/5] tpm: Allocate chip->auth in tpm2_start_auth_session()" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240921120811.1264985-5-jarkko@kernel.org \
    --to=jarkko@kernel.org \
    --cc=James.Bottomley@HansenPartnership.com \
    --cc=dhowells@redhat.com \
    --cc=jgg@ziepe.ca \
    --cc=jmorris@namei.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=mapengyu@gmail.com \
    --cc=paul@paul-moore.com \
    --cc=peterhuewe@gmx.de \
    --cc=roberto.sassu@huawei.com \
    --cc=serge@hallyn.com \
    --cc=stable@vger.kernel.org \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.