* [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
2017-01-20 17:05 [PATCH v6 0/2] enhance TPM 2.0 extend function to support multiple PCR banks Nayna Jain
@ 2017-01-20 17:05 ` Nayna Jain
0 siblings, 0 replies; 14+ messages in thread
From: Nayna Jain @ 2017-01-20 17:05 UTC (permalink / raw)
To: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA
The current TPM 2.0 device driver extends only the SHA1 PCR bank
but the TCG Specification[1] recommends extending all active PCR
banks, to prevent malicious users from setting unused PCR banks with
fake measurements and quoting them.
The existing in-kernel interface(tpm_pcr_extend()) expects only a
SHA1 digest. To extend all active PCR banks with differing
digest sizes, the SHA1 digest is padded with trailing 0's as needed.
This patch reuses the defined digest sizes from the crypto subsystem,
adding a dependency on CRYPTO_HASH_INFO module.
[1] TPM 2.0 Specification referred here is "TCG PC Client Specific
Platform Firmware Profile for TPM 2.0"
Signed-off-by: Nayna Jain <nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
---
drivers/char/tpm/Kconfig | 1 +
drivers/char/tpm/tpm-interface.c | 15 ++++++-
drivers/char/tpm/tpm.h | 3 +-
drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
drivers/char/tpm/tpm_eventlog.h | 7 ++++
5 files changed, 73 insertions(+), 44 deletions(-)
diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index 277186d..af985cc 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -6,6 +6,7 @@ menuconfig TCG_TPM
tristate "TPM Hardware Support"
depends on HAS_IOMEM
select SECURITYFS
+ select CRYPTO_HASH_INFO
---help---
If you have a TPM security chip in your system, which
implements the Trusted Computing Group's specification,
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index a3461cb..cf959c3 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
struct tpm_cmd_t cmd;
int rc;
struct tpm_chip *chip;
+ int max_active_banks = ARRAY_SIZE(chip->active_banks);
+ struct tpm2_digest digest_list[max_active_banks];
+ u32 count = 0;
+ int i;
chip = tpm_chip_find_get(chip_num);
if (chip == NULL)
return -ENODEV;
if (chip->flags & TPM_CHIP_FLAG_TPM2) {
- rc = tpm2_pcr_extend(chip, pcr_idx, hash);
+ memset(digest_list, 0, sizeof(digest_list));
+
+ for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
+ (i < max_active_banks); i++) {
+ digest_list[i].alg_id = chip->active_banks[i];
+ memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
+ count++;
+ }
+
+ rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
tpm_put_ops(chip);
return rc;
}
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index c291f19..07a0677 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
#endif
int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
-int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
+int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
+ struct tpm2_digest *digests);
int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
int tpm2_seal_trusted(struct tpm_chip *chip,
struct trusted_key_payload *payload,
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 0e000a3..d78adb8 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
u8 digest[TPM_DIGEST_SIZE];
} __packed;
-struct tpm2_null_auth_area {
- __be32 handle;
- __be16 nonce_size;
- u8 attributes;
- __be16 auth_size;
-} __packed;
-
-struct tpm2_pcr_extend_in {
- __be32 pcr_idx;
- __be32 auth_area_size;
- struct tpm2_null_auth_area auth_area;
- __be32 digest_cnt;
- __be16 hash_alg;
- u8 digest[TPM_DIGEST_SIZE];
-} __packed;
-
struct tpm2_get_tpm_pt_in {
__be32 cap_id;
__be32 property_id;
@@ -97,7 +81,6 @@ union tpm2_cmd_params {
struct tpm2_self_test_in selftest_in;
struct tpm2_pcr_read_in pcrread_in;
struct tpm2_pcr_read_out pcrread_out;
- struct tpm2_pcr_extend_in pcrextend_in;
struct tpm2_get_tpm_pt_in get_tpm_pt_in;
struct tpm2_get_tpm_pt_out get_tpm_pt_out;
struct tpm2_get_random_in getrandom_in;
@@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
return rc;
}
-#define TPM2_GET_PCREXTEND_IN_SIZE \
- (sizeof(struct tpm_input_header) + \
- sizeof(struct tpm2_pcr_extend_in))
-
-static const struct tpm_input_header tpm2_pcrextend_header = {
- .tag = cpu_to_be16(TPM2_ST_SESSIONS),
- .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
- .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
-};
+struct tpm2_null_auth_area {
+ __be32 handle;
+ __be16 nonce_size;
+ u8 attributes;
+ __be16 auth_size;
+} __packed;
/**
* tpm2_pcr_extend() - extend a PCR value
*
* @chip: TPM chip to use.
* @pcr_idx: index of the PCR.
- * @hash: hash value to use for the extend operation.
+ * @count: number of digests passed.
+ * @digests: list of pcr banks and corresponding digest values to extend.
*
* Return: Same as with tpm_transmit_cmd.
*/
-int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
+int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
+ struct tpm2_digest *digests)
{
- struct tpm2_cmd cmd;
+ struct tpm_buf buf;
+ struct tpm2_null_auth_area auth_area;
int rc;
+ int i;
+ int j;
+
+ if (count > ARRAY_SIZE(chip->active_banks))
+ return -EINVAL;
- cmd.header.in = tpm2_pcrextend_header;
- cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
- cmd.params.pcrextend_in.auth_area_size =
- cpu_to_be32(sizeof(struct tpm2_null_auth_area));
- cmd.params.pcrextend_in.auth_area.handle =
- cpu_to_be32(TPM2_RS_PW);
- cmd.params.pcrextend_in.auth_area.nonce_size = 0;
- cmd.params.pcrextend_in.auth_area.attributes = 0;
- cmd.params.pcrextend_in.auth_area.auth_size = 0;
- cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
- cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
- memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
+ rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
+ if (rc)
+ return rc;
- rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
+ tpm_buf_append_u32(&buf, pcr_idx);
+
+ auth_area.handle = cpu_to_be32(TPM2_RS_PW);
+ auth_area.nonce_size = 0;
+ auth_area.attributes = 0;
+ auth_area.auth_size = 0;
+
+ tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
+ tpm_buf_append(&buf, (const unsigned char *)&auth_area,
+ sizeof(auth_area));
+ tpm_buf_append_u32(&buf, count);
+
+ for (i = 0; i < count; i++) {
+ for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
+ if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
+ continue;
+
+ tpm_buf_append_u16(&buf, digests[i].alg_id);
+ tpm_buf_append(&buf, (const unsigned char
+ *)&digests[i].digest,
+ hash_digest_size[tpm2_hash_map[j].crypto_id]);
+ }
+ }
+
+ rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
"attempting extend a PCR value");
+ tpm_buf_destroy(&buf);
+
return rc;
}
@@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
}
}
+ rc = tpm2_get_pcr_allocation(chip);
+
out:
if (rc > 0)
rc = -ENODEV;
diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
index 1660d74..b5ae372 100644
--- a/drivers/char/tpm/tpm_eventlog.h
+++ b/drivers/char/tpm/tpm_eventlog.h
@@ -2,6 +2,8 @@
#ifndef __TPM_EVENTLOG_H__
#define __TPM_EVENTLOG_H__
+#include <crypto/hash_info.h>
+
#define TCG_EVENT_NAME_LEN_MAX 255
#define MAX_TEXT_EVENT 1000 /* Max event string length */
#define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
@@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
HOST_TABLE_OF_DEVICES,
};
+struct tpm2_digest {
+ u16 alg_id;
+ u8 digest[SHA512_DIGEST_SIZE];
+} __packed;
+
#if defined(CONFIG_ACPI)
int tpm_read_log_acpi(struct tpm_chip *chip);
#else
--
2.5.0
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply related [flat|nested] 14+ messages in thread
* [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
@ 2017-01-20 17:05 ` Nayna Jain
0 siblings, 0 replies; 14+ messages in thread
From: Nayna Jain @ 2017-01-20 17:05 UTC (permalink / raw)
To: tpmdd-devel
Cc: peterhuewe, tpmdd, jarkko.sakkinen, jgunthorpe,
linux-security-module, linux-kernel, Nayna Jain
The current TPM 2.0 device driver extends only the SHA1 PCR bank
but the TCG Specification[1] recommends extending all active PCR
banks, to prevent malicious users from setting unused PCR banks with
fake measurements and quoting them.
The existing in-kernel interface(tpm_pcr_extend()) expects only a
SHA1 digest. To extend all active PCR banks with differing
digest sizes, the SHA1 digest is padded with trailing 0's as needed.
This patch reuses the defined digest sizes from the crypto subsystem,
adding a dependency on CRYPTO_HASH_INFO module.
[1] TPM 2.0 Specification referred here is "TCG PC Client Specific
Platform Firmware Profile for TPM 2.0"
Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
drivers/char/tpm/Kconfig | 1 +
drivers/char/tpm/tpm-interface.c | 15 ++++++-
drivers/char/tpm/tpm.h | 3 +-
drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
drivers/char/tpm/tpm_eventlog.h | 7 ++++
5 files changed, 73 insertions(+), 44 deletions(-)
diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index 277186d..af985cc 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -6,6 +6,7 @@ menuconfig TCG_TPM
tristate "TPM Hardware Support"
depends on HAS_IOMEM
select SECURITYFS
+ select CRYPTO_HASH_INFO
---help---
If you have a TPM security chip in your system, which
implements the Trusted Computing Group's specification,
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index a3461cb..cf959c3 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
struct tpm_cmd_t cmd;
int rc;
struct tpm_chip *chip;
+ int max_active_banks = ARRAY_SIZE(chip->active_banks);
+ struct tpm2_digest digest_list[max_active_banks];
+ u32 count = 0;
+ int i;
chip = tpm_chip_find_get(chip_num);
if (chip == NULL)
return -ENODEV;
if (chip->flags & TPM_CHIP_FLAG_TPM2) {
- rc = tpm2_pcr_extend(chip, pcr_idx, hash);
+ memset(digest_list, 0, sizeof(digest_list));
+
+ for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
+ (i < max_active_banks); i++) {
+ digest_list[i].alg_id = chip->active_banks[i];
+ memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
+ count++;
+ }
+
+ rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
tpm_put_ops(chip);
return rc;
}
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index c291f19..07a0677 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
#endif
int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
-int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
+int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
+ struct tpm2_digest *digests);
int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
int tpm2_seal_trusted(struct tpm_chip *chip,
struct trusted_key_payload *payload,
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 0e000a3..d78adb8 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
u8 digest[TPM_DIGEST_SIZE];
} __packed;
-struct tpm2_null_auth_area {
- __be32 handle;
- __be16 nonce_size;
- u8 attributes;
- __be16 auth_size;
-} __packed;
-
-struct tpm2_pcr_extend_in {
- __be32 pcr_idx;
- __be32 auth_area_size;
- struct tpm2_null_auth_area auth_area;
- __be32 digest_cnt;
- __be16 hash_alg;
- u8 digest[TPM_DIGEST_SIZE];
-} __packed;
-
struct tpm2_get_tpm_pt_in {
__be32 cap_id;
__be32 property_id;
@@ -97,7 +81,6 @@ union tpm2_cmd_params {
struct tpm2_self_test_in selftest_in;
struct tpm2_pcr_read_in pcrread_in;
struct tpm2_pcr_read_out pcrread_out;
- struct tpm2_pcr_extend_in pcrextend_in;
struct tpm2_get_tpm_pt_in get_tpm_pt_in;
struct tpm2_get_tpm_pt_out get_tpm_pt_out;
struct tpm2_get_random_in getrandom_in;
@@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
return rc;
}
-#define TPM2_GET_PCREXTEND_IN_SIZE \
- (sizeof(struct tpm_input_header) + \
- sizeof(struct tpm2_pcr_extend_in))
-
-static const struct tpm_input_header tpm2_pcrextend_header = {
- .tag = cpu_to_be16(TPM2_ST_SESSIONS),
- .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
- .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
-};
+struct tpm2_null_auth_area {
+ __be32 handle;
+ __be16 nonce_size;
+ u8 attributes;
+ __be16 auth_size;
+} __packed;
/**
* tpm2_pcr_extend() - extend a PCR value
*
* @chip: TPM chip to use.
* @pcr_idx: index of the PCR.
- * @hash: hash value to use for the extend operation.
+ * @count: number of digests passed.
+ * @digests: list of pcr banks and corresponding digest values to extend.
*
* Return: Same as with tpm_transmit_cmd.
*/
-int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
+int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
+ struct tpm2_digest *digests)
{
- struct tpm2_cmd cmd;
+ struct tpm_buf buf;
+ struct tpm2_null_auth_area auth_area;
int rc;
+ int i;
+ int j;
+
+ if (count > ARRAY_SIZE(chip->active_banks))
+ return -EINVAL;
- cmd.header.in = tpm2_pcrextend_header;
- cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
- cmd.params.pcrextend_in.auth_area_size =
- cpu_to_be32(sizeof(struct tpm2_null_auth_area));
- cmd.params.pcrextend_in.auth_area.handle =
- cpu_to_be32(TPM2_RS_PW);
- cmd.params.pcrextend_in.auth_area.nonce_size = 0;
- cmd.params.pcrextend_in.auth_area.attributes = 0;
- cmd.params.pcrextend_in.auth_area.auth_size = 0;
- cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
- cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
- memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
+ rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
+ if (rc)
+ return rc;
- rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
+ tpm_buf_append_u32(&buf, pcr_idx);
+
+ auth_area.handle = cpu_to_be32(TPM2_RS_PW);
+ auth_area.nonce_size = 0;
+ auth_area.attributes = 0;
+ auth_area.auth_size = 0;
+
+ tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
+ tpm_buf_append(&buf, (const unsigned char *)&auth_area,
+ sizeof(auth_area));
+ tpm_buf_append_u32(&buf, count);
+
+ for (i = 0; i < count; i++) {
+ for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
+ if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
+ continue;
+
+ tpm_buf_append_u16(&buf, digests[i].alg_id);
+ tpm_buf_append(&buf, (const unsigned char
+ *)&digests[i].digest,
+ hash_digest_size[tpm2_hash_map[j].crypto_id]);
+ }
+ }
+
+ rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
"attempting extend a PCR value");
+ tpm_buf_destroy(&buf);
+
return rc;
}
@@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
}
}
+ rc = tpm2_get_pcr_allocation(chip);
+
out:
if (rc > 0)
rc = -ENODEV;
diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
index 1660d74..b5ae372 100644
--- a/drivers/char/tpm/tpm_eventlog.h
+++ b/drivers/char/tpm/tpm_eventlog.h
@@ -2,6 +2,8 @@
#ifndef __TPM_EVENTLOG_H__
#define __TPM_EVENTLOG_H__
+#include <crypto/hash_info.h>
+
#define TCG_EVENT_NAME_LEN_MAX 255
#define MAX_TEXT_EVENT 1000 /* Max event string length */
#define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
@@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
HOST_TABLE_OF_DEVICES,
};
+struct tpm2_digest {
+ u16 alg_id;
+ u8 digest[SHA512_DIGEST_SIZE];
+} __packed;
+
#if defined(CONFIG_ACPI)
int tpm_read_log_acpi(struct tpm_chip *chip);
#else
--
2.5.0
^ permalink raw reply related [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
2017-01-20 17:05 ` Nayna Jain
@ 2017-01-23 15:19 ` Jarkko Sakkinen
-1 siblings, 0 replies; 14+ messages in thread
From: Jarkko Sakkinen @ 2017-01-23 15:19 UTC (permalink / raw)
To: Nayna Jain
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
> The current TPM 2.0 device driver extends only the SHA1 PCR bank
> but the TCG Specification[1] recommends extending all active PCR
> banks, to prevent malicious users from setting unused PCR banks with
> fake measurements and quoting them.
>
> The existing in-kernel interface(tpm_pcr_extend()) expects only a
> SHA1 digest. To extend all active PCR banks with differing
> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>
> This patch reuses the defined digest sizes from the crypto subsystem,
> adding a dependency on CRYPTO_HASH_INFO module.
>
> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> Platform Firmware Profile for TPM 2.0"
>
> Signed-off-by: Nayna Jain <nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
> ---
> drivers/char/tpm/Kconfig | 1 +
> drivers/char/tpm/tpm-interface.c | 15 ++++++-
> drivers/char/tpm/tpm.h | 3 +-
> drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
> drivers/char/tpm/tpm_eventlog.h | 7 ++++
> 5 files changed, 73 insertions(+), 44 deletions(-)
>
> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> index 277186d..af985cc 100644
> --- a/drivers/char/tpm/Kconfig
> +++ b/drivers/char/tpm/Kconfig
> @@ -6,6 +6,7 @@ menuconfig TCG_TPM
> tristate "TPM Hardware Support"
> depends on HAS_IOMEM
> select SECURITYFS
> + select CRYPTO_HASH_INFO
> ---help---
> If you have a TPM security chip in your system, which
> implements the Trusted Computing Group's specification,
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index a3461cb..cf959c3 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> struct tpm_cmd_t cmd;
> int rc;
> struct tpm_chip *chip;
> + int max_active_banks = ARRAY_SIZE(chip->active_banks);
> + struct tpm2_digest digest_list[max_active_banks];
> + u32 count = 0;
> + int i;
>
> chip = tpm_chip_find_get(chip_num);
> if (chip == NULL)
> return -ENODEV;
>
> if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
> + memset(digest_list, 0, sizeof(digest_list));
> +
> + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
> + (i < max_active_banks); i++) {
> + digest_list[i].alg_id = chip->active_banks[i];
> + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
> + count++;
> + }
> +
> + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
> tpm_put_ops(chip);
> return rc;
> }
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index c291f19..07a0677 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
> #endif
>
> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> + struct tpm2_digest *digests);
> int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> int tpm2_seal_trusted(struct tpm_chip *chip,
> struct trusted_key_payload *payload,
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 0e000a3..d78adb8 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
> u8 digest[TPM_DIGEST_SIZE];
> } __packed;
>
> -struct tpm2_null_auth_area {
> - __be32 handle;
> - __be16 nonce_size;
> - u8 attributes;
> - __be16 auth_size;
> -} __packed;
> -
> -struct tpm2_pcr_extend_in {
> - __be32 pcr_idx;
> - __be32 auth_area_size;
> - struct tpm2_null_auth_area auth_area;
> - __be32 digest_cnt;
> - __be16 hash_alg;
> - u8 digest[TPM_DIGEST_SIZE];
> -} __packed;
> -
> struct tpm2_get_tpm_pt_in {
> __be32 cap_id;
> __be32 property_id;
> @@ -97,7 +81,6 @@ union tpm2_cmd_params {
> struct tpm2_self_test_in selftest_in;
> struct tpm2_pcr_read_in pcrread_in;
> struct tpm2_pcr_read_out pcrread_out;
> - struct tpm2_pcr_extend_in pcrextend_in;
> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> struct tpm2_get_random_in getrandom_in;
> @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> return rc;
> }
>
> -#define TPM2_GET_PCREXTEND_IN_SIZE \
> - (sizeof(struct tpm_input_header) + \
> - sizeof(struct tpm2_pcr_extend_in))
> -
> -static const struct tpm_input_header tpm2_pcrextend_header = {
> - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
> - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
> - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
> -};
> +struct tpm2_null_auth_area {
> + __be32 handle;
> + __be16 nonce_size;
> + u8 attributes;
> + __be16 auth_size;
> +} __packed;
>
> /**
> * tpm2_pcr_extend() - extend a PCR value
> *
> * @chip: TPM chip to use.
> * @pcr_idx: index of the PCR.
> - * @hash: hash value to use for the extend operation.
> + * @count: number of digests passed.
> + * @digests: list of pcr banks and corresponding digest values to extend.
> *
> * Return: Same as with tpm_transmit_cmd.
> */
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> + struct tpm2_digest *digests)
> {
> - struct tpm2_cmd cmd;
> + struct tpm_buf buf;
> + struct tpm2_null_auth_area auth_area;
> int rc;
> + int i;
> + int j;
> +
> + if (count > ARRAY_SIZE(chip->active_banks))
> + return -EINVAL;
>
> - cmd.header.in = tpm2_pcrextend_header;
> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
> - cmd.params.pcrextend_in.auth_area_size =
> - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
> - cmd.params.pcrextend_in.auth_area.handle =
> - cpu_to_be32(TPM2_RS_PW);
> - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
> - cmd.params.pcrextend_in.auth_area.attributes = 0;
> - cmd.params.pcrextend_in.auth_area.auth_size = 0;
> - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
> - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
> + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> + if (rc)
> + return rc;
>
> - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
> + tpm_buf_append_u32(&buf, pcr_idx);
> +
> + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
> + auth_area.nonce_size = 0;
> + auth_area.attributes = 0;
> + auth_area.auth_size = 0;
> +
> + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
> + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
> + sizeof(auth_area));
> + tpm_buf_append_u32(&buf, count);
> +
> + for (i = 0; i < count; i++) {
> + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
> + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
> + continue;
> +
> + tpm_buf_append_u16(&buf, digests[i].alg_id);
> + tpm_buf_append(&buf, (const unsigned char
> + *)&digests[i].digest,
> + hash_digest_size[tpm2_hash_map[j].crypto_id]);
> + }
> + }
> +
> + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
> "attempting extend a PCR value");
>
> + tpm_buf_destroy(&buf);
> +
> return rc;
> }
>
> @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> }
> }
>
> + rc = tpm2_get_pcr_allocation(chip);
> +
> out:
> if (rc > 0)
> rc = -ENODEV;
> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
> index 1660d74..b5ae372 100644
> --- a/drivers/char/tpm/tpm_eventlog.h
> +++ b/drivers/char/tpm/tpm_eventlog.h
> @@ -2,6 +2,8 @@
> #ifndef __TPM_EVENTLOG_H__
> #define __TPM_EVENTLOG_H__
>
> +#include <crypto/hash_info.h>
> +
> #define TCG_EVENT_NAME_LEN_MAX 255
> #define MAX_TEXT_EVENT 1000 /* Max event string length */
> #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
> @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
> HOST_TABLE_OF_DEVICES,
> };
>
> +struct tpm2_digest {
> + u16 alg_id;
> + u8 digest[SHA512_DIGEST_SIZE];
> +} __packed;
Shouldn't this be in tpm.h?
/Jarkko
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
@ 2017-01-23 15:19 ` Jarkko Sakkinen
0 siblings, 0 replies; 14+ messages in thread
From: Jarkko Sakkinen @ 2017-01-23 15:19 UTC (permalink / raw)
To: Nayna Jain
Cc: tpmdd-devel, peterhuewe, tpmdd, jgunthorpe, linux-security-module,
linux-kernel
On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
> The current TPM 2.0 device driver extends only the SHA1 PCR bank
> but the TCG Specification[1] recommends extending all active PCR
> banks, to prevent malicious users from setting unused PCR banks with
> fake measurements and quoting them.
>
> The existing in-kernel interface(tpm_pcr_extend()) expects only a
> SHA1 digest. To extend all active PCR banks with differing
> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>
> This patch reuses the defined digest sizes from the crypto subsystem,
> adding a dependency on CRYPTO_HASH_INFO module.
>
> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> Platform Firmware Profile for TPM 2.0"
>
> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> drivers/char/tpm/Kconfig | 1 +
> drivers/char/tpm/tpm-interface.c | 15 ++++++-
> drivers/char/tpm/tpm.h | 3 +-
> drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
> drivers/char/tpm/tpm_eventlog.h | 7 ++++
> 5 files changed, 73 insertions(+), 44 deletions(-)
>
> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> index 277186d..af985cc 100644
> --- a/drivers/char/tpm/Kconfig
> +++ b/drivers/char/tpm/Kconfig
> @@ -6,6 +6,7 @@ menuconfig TCG_TPM
> tristate "TPM Hardware Support"
> depends on HAS_IOMEM
> select SECURITYFS
> + select CRYPTO_HASH_INFO
> ---help---
> If you have a TPM security chip in your system, which
> implements the Trusted Computing Group's specification,
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index a3461cb..cf959c3 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> struct tpm_cmd_t cmd;
> int rc;
> struct tpm_chip *chip;
> + int max_active_banks = ARRAY_SIZE(chip->active_banks);
> + struct tpm2_digest digest_list[max_active_banks];
> + u32 count = 0;
> + int i;
>
> chip = tpm_chip_find_get(chip_num);
> if (chip == NULL)
> return -ENODEV;
>
> if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
> + memset(digest_list, 0, sizeof(digest_list));
> +
> + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
> + (i < max_active_banks); i++) {
> + digest_list[i].alg_id = chip->active_banks[i];
> + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
> + count++;
> + }
> +
> + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
> tpm_put_ops(chip);
> return rc;
> }
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index c291f19..07a0677 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
> #endif
>
> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> + struct tpm2_digest *digests);
> int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> int tpm2_seal_trusted(struct tpm_chip *chip,
> struct trusted_key_payload *payload,
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 0e000a3..d78adb8 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
> u8 digest[TPM_DIGEST_SIZE];
> } __packed;
>
> -struct tpm2_null_auth_area {
> - __be32 handle;
> - __be16 nonce_size;
> - u8 attributes;
> - __be16 auth_size;
> -} __packed;
> -
> -struct tpm2_pcr_extend_in {
> - __be32 pcr_idx;
> - __be32 auth_area_size;
> - struct tpm2_null_auth_area auth_area;
> - __be32 digest_cnt;
> - __be16 hash_alg;
> - u8 digest[TPM_DIGEST_SIZE];
> -} __packed;
> -
> struct tpm2_get_tpm_pt_in {
> __be32 cap_id;
> __be32 property_id;
> @@ -97,7 +81,6 @@ union tpm2_cmd_params {
> struct tpm2_self_test_in selftest_in;
> struct tpm2_pcr_read_in pcrread_in;
> struct tpm2_pcr_read_out pcrread_out;
> - struct tpm2_pcr_extend_in pcrextend_in;
> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> struct tpm2_get_random_in getrandom_in;
> @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> return rc;
> }
>
> -#define TPM2_GET_PCREXTEND_IN_SIZE \
> - (sizeof(struct tpm_input_header) + \
> - sizeof(struct tpm2_pcr_extend_in))
> -
> -static const struct tpm_input_header tpm2_pcrextend_header = {
> - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
> - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
> - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
> -};
> +struct tpm2_null_auth_area {
> + __be32 handle;
> + __be16 nonce_size;
> + u8 attributes;
> + __be16 auth_size;
> +} __packed;
>
> /**
> * tpm2_pcr_extend() - extend a PCR value
> *
> * @chip: TPM chip to use.
> * @pcr_idx: index of the PCR.
> - * @hash: hash value to use for the extend operation.
> + * @count: number of digests passed.
> + * @digests: list of pcr banks and corresponding digest values to extend.
> *
> * Return: Same as with tpm_transmit_cmd.
> */
> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> + struct tpm2_digest *digests)
> {
> - struct tpm2_cmd cmd;
> + struct tpm_buf buf;
> + struct tpm2_null_auth_area auth_area;
> int rc;
> + int i;
> + int j;
> +
> + if (count > ARRAY_SIZE(chip->active_banks))
> + return -EINVAL;
>
> - cmd.header.in = tpm2_pcrextend_header;
> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
> - cmd.params.pcrextend_in.auth_area_size =
> - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
> - cmd.params.pcrextend_in.auth_area.handle =
> - cpu_to_be32(TPM2_RS_PW);
> - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
> - cmd.params.pcrextend_in.auth_area.attributes = 0;
> - cmd.params.pcrextend_in.auth_area.auth_size = 0;
> - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
> - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
> + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> + if (rc)
> + return rc;
>
> - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
> + tpm_buf_append_u32(&buf, pcr_idx);
> +
> + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
> + auth_area.nonce_size = 0;
> + auth_area.attributes = 0;
> + auth_area.auth_size = 0;
> +
> + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
> + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
> + sizeof(auth_area));
> + tpm_buf_append_u32(&buf, count);
> +
> + for (i = 0; i < count; i++) {
> + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
> + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
> + continue;
> +
> + tpm_buf_append_u16(&buf, digests[i].alg_id);
> + tpm_buf_append(&buf, (const unsigned char
> + *)&digests[i].digest,
> + hash_digest_size[tpm2_hash_map[j].crypto_id]);
> + }
> + }
> +
> + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
> "attempting extend a PCR value");
>
> + tpm_buf_destroy(&buf);
> +
> return rc;
> }
>
> @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> }
> }
>
> + rc = tpm2_get_pcr_allocation(chip);
> +
> out:
> if (rc > 0)
> rc = -ENODEV;
> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
> index 1660d74..b5ae372 100644
> --- a/drivers/char/tpm/tpm_eventlog.h
> +++ b/drivers/char/tpm/tpm_eventlog.h
> @@ -2,6 +2,8 @@
> #ifndef __TPM_EVENTLOG_H__
> #define __TPM_EVENTLOG_H__
>
> +#include <crypto/hash_info.h>
> +
> #define TCG_EVENT_NAME_LEN_MAX 255
> #define MAX_TEXT_EVENT 1000 /* Max event string length */
> #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
> @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
> HOST_TABLE_OF_DEVICES,
> };
>
> +struct tpm2_digest {
> + u16 alg_id;
> + u8 digest[SHA512_DIGEST_SIZE];
> +} __packed;
Shouldn't this be in tpm.h?
/Jarkko
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
2017-01-23 15:19 ` Jarkko Sakkinen
(?)
@ 2017-01-23 16:41 ` Nayna
2017-01-24 11:59 ` Jarkko Sakkinen
-1 siblings, 1 reply; 14+ messages in thread
From: Nayna @ 2017-01-23 16:41 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: tpmdd-devel, peterhuewe, tpmdd, jgunthorpe, linux-security-module,
linux-kernel
On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote:
> On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>> but the TCG Specification[1] recommends extending all active PCR
>> banks, to prevent malicious users from setting unused PCR banks with
>> fake measurements and quoting them.
>>
>> The existing in-kernel interface(tpm_pcr_extend()) expects only a
>> SHA1 digest. To extend all active PCR banks with differing
>> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>>
>> This patch reuses the defined digest sizes from the crypto subsystem,
>> adding a dependency on CRYPTO_HASH_INFO module.
>>
>> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
>> Platform Firmware Profile for TPM 2.0"
>>
>> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
>> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>> ---
>> drivers/char/tpm/Kconfig | 1 +
>> drivers/char/tpm/tpm-interface.c | 15 ++++++-
>> drivers/char/tpm/tpm.h | 3 +-
>> drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
>> drivers/char/tpm/tpm_eventlog.h | 7 ++++
>> 5 files changed, 73 insertions(+), 44 deletions(-)
>>
>> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
>> index 277186d..af985cc 100644
>> --- a/drivers/char/tpm/Kconfig
>> +++ b/drivers/char/tpm/Kconfig
>> @@ -6,6 +6,7 @@ menuconfig TCG_TPM
>> tristate "TPM Hardware Support"
>> depends on HAS_IOMEM
>> select SECURITYFS
>> + select CRYPTO_HASH_INFO
>> ---help---
>> If you have a TPM security chip in your system, which
>> implements the Trusted Computing Group's specification,
>> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
>> index a3461cb..cf959c3 100644
>> --- a/drivers/char/tpm/tpm-interface.c
>> +++ b/drivers/char/tpm/tpm-interface.c
>> @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
>> struct tpm_cmd_t cmd;
>> int rc;
>> struct tpm_chip *chip;
>> + int max_active_banks = ARRAY_SIZE(chip->active_banks);
>> + struct tpm2_digest digest_list[max_active_banks];
>> + u32 count = 0;
>> + int i;
>>
>> chip = tpm_chip_find_get(chip_num);
>> if (chip == NULL)
>> return -ENODEV;
>>
>> if (chip->flags & TPM_CHIP_FLAG_TPM2) {
>> - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
>> + memset(digest_list, 0, sizeof(digest_list));
>> +
>> + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
>> + (i < max_active_banks); i++) {
>> + digest_list[i].alg_id = chip->active_banks[i];
>> + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
>> + count++;
>> + }
>> +
>> + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
>> tpm_put_ops(chip);
>> return rc;
>> }
>> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
>> index c291f19..07a0677 100644
>> --- a/drivers/char/tpm/tpm.h
>> +++ b/drivers/char/tpm/tpm.h
>> @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
>> #endif
>>
>> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
>> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
>> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
>> + struct tpm2_digest *digests);
>> int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
>> int tpm2_seal_trusted(struct tpm_chip *chip,
>> struct trusted_key_payload *payload,
>> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
>> index 0e000a3..d78adb8 100644
>> --- a/drivers/char/tpm/tpm2-cmd.c
>> +++ b/drivers/char/tpm/tpm2-cmd.c
>> @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
>> u8 digest[TPM_DIGEST_SIZE];
>> } __packed;
>>
>> -struct tpm2_null_auth_area {
>> - __be32 handle;
>> - __be16 nonce_size;
>> - u8 attributes;
>> - __be16 auth_size;
>> -} __packed;
>> -
>> -struct tpm2_pcr_extend_in {
>> - __be32 pcr_idx;
>> - __be32 auth_area_size;
>> - struct tpm2_null_auth_area auth_area;
>> - __be32 digest_cnt;
>> - __be16 hash_alg;
>> - u8 digest[TPM_DIGEST_SIZE];
>> -} __packed;
>> -
>> struct tpm2_get_tpm_pt_in {
>> __be32 cap_id;
>> __be32 property_id;
>> @@ -97,7 +81,6 @@ union tpm2_cmd_params {
>> struct tpm2_self_test_in selftest_in;
>> struct tpm2_pcr_read_in pcrread_in;
>> struct tpm2_pcr_read_out pcrread_out;
>> - struct tpm2_pcr_extend_in pcrextend_in;
>> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
>> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
>> struct tpm2_get_random_in getrandom_in;
>> @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
>> return rc;
>> }
>>
>> -#define TPM2_GET_PCREXTEND_IN_SIZE \
>> - (sizeof(struct tpm_input_header) + \
>> - sizeof(struct tpm2_pcr_extend_in))
>> -
>> -static const struct tpm_input_header tpm2_pcrextend_header = {
>> - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
>> - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
>> - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
>> -};
>> +struct tpm2_null_auth_area {
>> + __be32 handle;
>> + __be16 nonce_size;
>> + u8 attributes;
>> + __be16 auth_size;
>> +} __packed;
>>
>> /**
>> * tpm2_pcr_extend() - extend a PCR value
>> *
>> * @chip: TPM chip to use.
>> * @pcr_idx: index of the PCR.
>> - * @hash: hash value to use for the extend operation.
>> + * @count: number of digests passed.
>> + * @digests: list of pcr banks and corresponding digest values to extend.
>> *
>> * Return: Same as with tpm_transmit_cmd.
>> */
>> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
>> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
>> + struct tpm2_digest *digests)
>> {
>> - struct tpm2_cmd cmd;
>> + struct tpm_buf buf;
>> + struct tpm2_null_auth_area auth_area;
>> int rc;
>> + int i;
>> + int j;
>> +
>> + if (count > ARRAY_SIZE(chip->active_banks))
>> + return -EINVAL;
>>
>> - cmd.header.in = tpm2_pcrextend_header;
>> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
>> - cmd.params.pcrextend_in.auth_area_size =
>> - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
>> - cmd.params.pcrextend_in.auth_area.handle =
>> - cpu_to_be32(TPM2_RS_PW);
>> - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
>> - cmd.params.pcrextend_in.auth_area.attributes = 0;
>> - cmd.params.pcrextend_in.auth_area.auth_size = 0;
>> - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
>> - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
>> - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
>> + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
>> + if (rc)
>> + return rc;
>>
>> - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
>> + tpm_buf_append_u32(&buf, pcr_idx);
>> +
>> + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
>> + auth_area.nonce_size = 0;
>> + auth_area.attributes = 0;
>> + auth_area.auth_size = 0;
>> +
>> + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
>> + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
>> + sizeof(auth_area));
>> + tpm_buf_append_u32(&buf, count);
>> +
>> + for (i = 0; i < count; i++) {
>> + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
>> + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
>> + continue;
>> +
>> + tpm_buf_append_u16(&buf, digests[i].alg_id);
>> + tpm_buf_append(&buf, (const unsigned char
>> + *)&digests[i].digest,
>> + hash_digest_size[tpm2_hash_map[j].crypto_id]);
>> + }
>> + }
>> +
>> + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
>> "attempting extend a PCR value");
>>
>> + tpm_buf_destroy(&buf);
>> +
>> return rc;
>> }
>>
>> @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
>> }
>> }
>>
>> + rc = tpm2_get_pcr_allocation(chip);
>> +
>> out:
>> if (rc > 0)
>> rc = -ENODEV;
>> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
>> index 1660d74..b5ae372 100644
>> --- a/drivers/char/tpm/tpm_eventlog.h
>> +++ b/drivers/char/tpm/tpm_eventlog.h
>> @@ -2,6 +2,8 @@
>> #ifndef __TPM_EVENTLOG_H__
>> #define __TPM_EVENTLOG_H__
>>
>> +#include <crypto/hash_info.h>
>> +
>> #define TCG_EVENT_NAME_LEN_MAX 255
>> #define MAX_TEXT_EVENT 1000 /* Max event string length */
>> #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
>> @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
>> HOST_TABLE_OF_DEVICES,
>> };
>>
>> +struct tpm2_digest {
>> + u16 alg_id;
>> + u8 digest[SHA512_DIGEST_SIZE];
>> +} __packed;
>
> Shouldn't this be in tpm.h?
This is a struct common for TPM 2.0 extend and eventlog structure i.e
struct tcg_pcr_event2.
And so I preferred to place it here.
Thanks & Regards,
- Nayna
>
> /Jarkko
>
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
2017-01-23 16:41 ` Nayna
@ 2017-01-24 11:59 ` Jarkko Sakkinen
[not found] ` <20170124115937.s6folc7x4nxgxuv6-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
0 siblings, 1 reply; 14+ messages in thread
From: Jarkko Sakkinen @ 2017-01-24 11:59 UTC (permalink / raw)
To: Nayna
Cc: tpmdd-devel, peterhuewe, tpmdd, jgunthorpe, linux-security-module,
linux-kernel
On Mon, Jan 23, 2017 at 10:11:48PM +0530, Nayna wrote:
>
>
> On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote:
> > On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
> > > The current TPM 2.0 device driver extends only the SHA1 PCR bank
> > > but the TCG Specification[1] recommends extending all active PCR
> > > banks, to prevent malicious users from setting unused PCR banks with
> > > fake measurements and quoting them.
> > >
> > > The existing in-kernel interface(tpm_pcr_extend()) expects only a
> > > SHA1 digest. To extend all active PCR banks with differing
> > > digest sizes, the SHA1 digest is padded with trailing 0's as needed.
> > >
> > > This patch reuses the defined digest sizes from the crypto subsystem,
> > > adding a dependency on CRYPTO_HASH_INFO module.
> > >
> > > [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> > > Platform Firmware Profile for TPM 2.0"
> > >
> > > Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > ---
> > > drivers/char/tpm/Kconfig | 1 +
> > > drivers/char/tpm/tpm-interface.c | 15 ++++++-
> > > drivers/char/tpm/tpm.h | 3 +-
> > > drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
> > > drivers/char/tpm/tpm_eventlog.h | 7 ++++
> > > 5 files changed, 73 insertions(+), 44 deletions(-)
> > >
> > > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> > > index 277186d..af985cc 100644
> > > --- a/drivers/char/tpm/Kconfig
> > > +++ b/drivers/char/tpm/Kconfig
> > > @@ -6,6 +6,7 @@ menuconfig TCG_TPM
> > > tristate "TPM Hardware Support"
> > > depends on HAS_IOMEM
> > > select SECURITYFS
> > > + select CRYPTO_HASH_INFO
> > > ---help---
> > > If you have a TPM security chip in your system, which
> > > implements the Trusted Computing Group's specification,
> > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> > > index a3461cb..cf959c3 100644
> > > --- a/drivers/char/tpm/tpm-interface.c
> > > +++ b/drivers/char/tpm/tpm-interface.c
> > > @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> > > struct tpm_cmd_t cmd;
> > > int rc;
> > > struct tpm_chip *chip;
> > > + int max_active_banks = ARRAY_SIZE(chip->active_banks);
> > > + struct tpm2_digest digest_list[max_active_banks];
> > > + u32 count = 0;
> > > + int i;
> > >
> > > chip = tpm_chip_find_get(chip_num);
> > > if (chip == NULL)
> > > return -ENODEV;
> > >
> > > if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> > > - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
> > > + memset(digest_list, 0, sizeof(digest_list));
> > > +
> > > + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
> > > + (i < max_active_banks); i++) {
> > > + digest_list[i].alg_id = chip->active_banks[i];
> > > + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
> > > + count++;
> > > + }
> > > +
> > > + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
> > > tpm_put_ops(chip);
> > > return rc;
> > > }
> > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> > > index c291f19..07a0677 100644
> > > --- a/drivers/char/tpm/tpm.h
> > > +++ b/drivers/char/tpm/tpm.h
> > > @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
> > > #endif
> > >
> > > int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > > + struct tpm2_digest *digests);
> > > int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> > > int tpm2_seal_trusted(struct tpm_chip *chip,
> > > struct trusted_key_payload *payload,
> > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> > > index 0e000a3..d78adb8 100644
> > > --- a/drivers/char/tpm/tpm2-cmd.c
> > > +++ b/drivers/char/tpm/tpm2-cmd.c
> > > @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
> > > u8 digest[TPM_DIGEST_SIZE];
> > > } __packed;
> > >
> > > -struct tpm2_null_auth_area {
> > > - __be32 handle;
> > > - __be16 nonce_size;
> > > - u8 attributes;
> > > - __be16 auth_size;
> > > -} __packed;
> > > -
> > > -struct tpm2_pcr_extend_in {
> > > - __be32 pcr_idx;
> > > - __be32 auth_area_size;
> > > - struct tpm2_null_auth_area auth_area;
> > > - __be32 digest_cnt;
> > > - __be16 hash_alg;
> > > - u8 digest[TPM_DIGEST_SIZE];
> > > -} __packed;
> > > -
> > > struct tpm2_get_tpm_pt_in {
> > > __be32 cap_id;
> > > __be32 property_id;
> > > @@ -97,7 +81,6 @@ union tpm2_cmd_params {
> > > struct tpm2_self_test_in selftest_in;
> > > struct tpm2_pcr_read_in pcrread_in;
> > > struct tpm2_pcr_read_out pcrread_out;
> > > - struct tpm2_pcr_extend_in pcrextend_in;
> > > struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> > > struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> > > struct tpm2_get_random_in getrandom_in;
> > > @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > > return rc;
> > > }
> > >
> > > -#define TPM2_GET_PCREXTEND_IN_SIZE \
> > > - (sizeof(struct tpm_input_header) + \
> > > - sizeof(struct tpm2_pcr_extend_in))
> > > -
> > > -static const struct tpm_input_header tpm2_pcrextend_header = {
> > > - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
> > > - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
> > > - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
> > > -};
> > > +struct tpm2_null_auth_area {
> > > + __be32 handle;
> > > + __be16 nonce_size;
> > > + u8 attributes;
> > > + __be16 auth_size;
> > > +} __packed;
> > >
> > > /**
> > > * tpm2_pcr_extend() - extend a PCR value
> > > *
> > > * @chip: TPM chip to use.
> > > * @pcr_idx: index of the PCR.
> > > - * @hash: hash value to use for the extend operation.
> > > + * @count: number of digests passed.
> > > + * @digests: list of pcr banks and corresponding digest values to extend.
> > > *
> > > * Return: Same as with tpm_transmit_cmd.
> > > */
> > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > > + struct tpm2_digest *digests)
> > > {
> > > - struct tpm2_cmd cmd;
> > > + struct tpm_buf buf;
> > > + struct tpm2_null_auth_area auth_area;
> > > int rc;
> > > + int i;
> > > + int j;
> > > +
> > > + if (count > ARRAY_SIZE(chip->active_banks))
> > > + return -EINVAL;
> > >
> > > - cmd.header.in = tpm2_pcrextend_header;
> > > - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
> > > - cmd.params.pcrextend_in.auth_area_size =
> > > - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
> > > - cmd.params.pcrextend_in.auth_area.handle =
> > > - cpu_to_be32(TPM2_RS_PW);
> > > - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
> > > - cmd.params.pcrextend_in.auth_area.attributes = 0;
> > > - cmd.params.pcrextend_in.auth_area.auth_size = 0;
> > > - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
> > > - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> > > - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
> > > + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> > > + if (rc)
> > > + return rc;
> > >
> > > - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
> > > + tpm_buf_append_u32(&buf, pcr_idx);
> > > +
> > > + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
> > > + auth_area.nonce_size = 0;
> > > + auth_area.attributes = 0;
> > > + auth_area.auth_size = 0;
> > > +
> > > + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
> > > + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
> > > + sizeof(auth_area));
> > > + tpm_buf_append_u32(&buf, count);
> > > +
> > > + for (i = 0; i < count; i++) {
> > > + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
> > > + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
> > > + continue;
> > > +
> > > + tpm_buf_append_u16(&buf, digests[i].alg_id);
> > > + tpm_buf_append(&buf, (const unsigned char
> > > + *)&digests[i].digest,
> > > + hash_digest_size[tpm2_hash_map[j].crypto_id]);
> > > + }
> > > + }
> > > +
> > > + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
> > > "attempting extend a PCR value");
> > >
> > > + tpm_buf_destroy(&buf);
> > > +
> > > return rc;
> > > }
> > >
> > > @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> > > }
> > > }
> > >
> > > + rc = tpm2_get_pcr_allocation(chip);
> > > +
> > > out:
> > > if (rc > 0)
> > > rc = -ENODEV;
> > > diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
> > > index 1660d74..b5ae372 100644
> > > --- a/drivers/char/tpm/tpm_eventlog.h
> > > +++ b/drivers/char/tpm/tpm_eventlog.h
> > > @@ -2,6 +2,8 @@
> > > #ifndef __TPM_EVENTLOG_H__
> > > #define __TPM_EVENTLOG_H__
> > >
> > > +#include <crypto/hash_info.h>
> > > +
> > > #define TCG_EVENT_NAME_LEN_MAX 255
> > > #define MAX_TEXT_EVENT 1000 /* Max event string length */
> > > #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
> > > @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
> > > HOST_TABLE_OF_DEVICES,
> > > };
> > >
> > > +struct tpm2_digest {
> > > + u16 alg_id;
> > > + u8 digest[SHA512_DIGEST_SIZE];
> > > +} __packed;
> >
> > Shouldn't this be in tpm.h?
>
> This is a struct common for TPM 2.0 extend and eventlog structure i.e
> struct tcg_pcr_event2.
> And so I preferred to place it here.
>
If it is common, why is it in tpm_eventlog.h and not in tpm.h?
> Thanks & Regards,
> - Nayna
/Jarkko
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
2017-01-24 11:59 ` Jarkko Sakkinen
@ 2017-01-24 13:04 ` Nayna
0 siblings, 0 replies; 14+ messages in thread
From: Nayna @ 2017-01-24 13:04 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
On 01/24/2017 05:29 PM, Jarkko Sakkinen wrote:
> On Mon, Jan 23, 2017 at 10:11:48PM +0530, Nayna wrote:
>>
>>
>> On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote:
>>> On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
>>>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>>>> but the TCG Specification[1] recommends extending all active PCR
>>>> banks, to prevent malicious users from setting unused PCR banks with
>>>> fake measurements and quoting them.
>>>>
>>>> The existing in-kernel interface(tpm_pcr_extend()) expects only a
>>>> SHA1 digest. To extend all active PCR banks with differing
>>>> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>>>>
>>>> This patch reuses the defined digest sizes from the crypto subsystem,
>>>> adding a dependency on CRYPTO_HASH_INFO module.
>>>>
>>>> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
>>>> Platform Firmware Profile for TPM 2.0"
>>>>
>>>> Signed-off-by: Nayna Jain <nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
>>>> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
>>>> ---
>>>> drivers/char/tpm/Kconfig | 1 +
>>>> drivers/char/tpm/tpm-interface.c | 15 ++++++-
>>>> drivers/char/tpm/tpm.h | 3 +-
>>>> drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
>>>> drivers/char/tpm/tpm_eventlog.h | 7 ++++
>>>> 5 files changed, 73 insertions(+), 44 deletions(-)
>>>>
>>>> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
>>>> index 277186d..af985cc 100644
>>>> --- a/drivers/char/tpm/Kconfig
>>>> +++ b/drivers/char/tpm/Kconfig
>>>> @@ -6,6 +6,7 @@ menuconfig TCG_TPM
>>>> tristate "TPM Hardware Support"
>>>> depends on HAS_IOMEM
>>>> select SECURITYFS
>>>> + select CRYPTO_HASH_INFO
>>>> ---help---
>>>> If you have a TPM security chip in your system, which
>>>> implements the Trusted Computing Group's specification,
>>>> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
>>>> index a3461cb..cf959c3 100644
>>>> --- a/drivers/char/tpm/tpm-interface.c
>>>> +++ b/drivers/char/tpm/tpm-interface.c
>>>> @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
>>>> struct tpm_cmd_t cmd;
>>>> int rc;
>>>> struct tpm_chip *chip;
>>>> + int max_active_banks = ARRAY_SIZE(chip->active_banks);
>>>> + struct tpm2_digest digest_list[max_active_banks];
>>>> + u32 count = 0;
>>>> + int i;
>>>>
>>>> chip = tpm_chip_find_get(chip_num);
>>>> if (chip == NULL)
>>>> return -ENODEV;
>>>>
>>>> if (chip->flags & TPM_CHIP_FLAG_TPM2) {
>>>> - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
>>>> + memset(digest_list, 0, sizeof(digest_list));
>>>> +
>>>> + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
>>>> + (i < max_active_banks); i++) {
>>>> + digest_list[i].alg_id = chip->active_banks[i];
>>>> + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
>>>> + count++;
>>>> + }
>>>> +
>>>> + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
>>>> tpm_put_ops(chip);
>>>> return rc;
>>>> }
>>>> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
>>>> index c291f19..07a0677 100644
>>>> --- a/drivers/char/tpm/tpm.h
>>>> +++ b/drivers/char/tpm/tpm.h
>>>> @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
>>>> #endif
>>>>
>>>> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
>>>> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
>>>> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
>>>> + struct tpm2_digest *digests);
>>>> int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
>>>> int tpm2_seal_trusted(struct tpm_chip *chip,
>>>> struct trusted_key_payload *payload,
>>>> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
>>>> index 0e000a3..d78adb8 100644
>>>> --- a/drivers/char/tpm/tpm2-cmd.c
>>>> +++ b/drivers/char/tpm/tpm2-cmd.c
>>>> @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
>>>> u8 digest[TPM_DIGEST_SIZE];
>>>> } __packed;
>>>>
>>>> -struct tpm2_null_auth_area {
>>>> - __be32 handle;
>>>> - __be16 nonce_size;
>>>> - u8 attributes;
>>>> - __be16 auth_size;
>>>> -} __packed;
>>>> -
>>>> -struct tpm2_pcr_extend_in {
>>>> - __be32 pcr_idx;
>>>> - __be32 auth_area_size;
>>>> - struct tpm2_null_auth_area auth_area;
>>>> - __be32 digest_cnt;
>>>> - __be16 hash_alg;
>>>> - u8 digest[TPM_DIGEST_SIZE];
>>>> -} __packed;
>>>> -
>>>> struct tpm2_get_tpm_pt_in {
>>>> __be32 cap_id;
>>>> __be32 property_id;
>>>> @@ -97,7 +81,6 @@ union tpm2_cmd_params {
>>>> struct tpm2_self_test_in selftest_in;
>>>> struct tpm2_pcr_read_in pcrread_in;
>>>> struct tpm2_pcr_read_out pcrread_out;
>>>> - struct tpm2_pcr_extend_in pcrextend_in;
>>>> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
>>>> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
>>>> struct tpm2_get_random_in getrandom_in;
>>>> @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
>>>> return rc;
>>>> }
>>>>
>>>> -#define TPM2_GET_PCREXTEND_IN_SIZE \
>>>> - (sizeof(struct tpm_input_header) + \
>>>> - sizeof(struct tpm2_pcr_extend_in))
>>>> -
>>>> -static const struct tpm_input_header tpm2_pcrextend_header = {
>>>> - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
>>>> - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
>>>> - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
>>>> -};
>>>> +struct tpm2_null_auth_area {
>>>> + __be32 handle;
>>>> + __be16 nonce_size;
>>>> + u8 attributes;
>>>> + __be16 auth_size;
>>>> +} __packed;
>>>>
>>>> /**
>>>> * tpm2_pcr_extend() - extend a PCR value
>>>> *
>>>> * @chip: TPM chip to use.
>>>> * @pcr_idx: index of the PCR.
>>>> - * @hash: hash value to use for the extend operation.
>>>> + * @count: number of digests passed.
>>>> + * @digests: list of pcr banks and corresponding digest values to extend.
>>>> *
>>>> * Return: Same as with tpm_transmit_cmd.
>>>> */
>>>> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
>>>> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
>>>> + struct tpm2_digest *digests)
>>>> {
>>>> - struct tpm2_cmd cmd;
>>>> + struct tpm_buf buf;
>>>> + struct tpm2_null_auth_area auth_area;
>>>> int rc;
>>>> + int i;
>>>> + int j;
>>>> +
>>>> + if (count > ARRAY_SIZE(chip->active_banks))
>>>> + return -EINVAL;
>>>>
>>>> - cmd.header.in = tpm2_pcrextend_header;
>>>> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
>>>> - cmd.params.pcrextend_in.auth_area_size =
>>>> - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
>>>> - cmd.params.pcrextend_in.auth_area.handle =
>>>> - cpu_to_be32(TPM2_RS_PW);
>>>> - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
>>>> - cmd.params.pcrextend_in.auth_area.attributes = 0;
>>>> - cmd.params.pcrextend_in.auth_area.auth_size = 0;
>>>> - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
>>>> - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
>>>> - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
>>>> + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
>>>> + if (rc)
>>>> + return rc;
>>>>
>>>> - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
>>>> + tpm_buf_append_u32(&buf, pcr_idx);
>>>> +
>>>> + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
>>>> + auth_area.nonce_size = 0;
>>>> + auth_area.attributes = 0;
>>>> + auth_area.auth_size = 0;
>>>> +
>>>> + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
>>>> + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
>>>> + sizeof(auth_area));
>>>> + tpm_buf_append_u32(&buf, count);
>>>> +
>>>> + for (i = 0; i < count; i++) {
>>>> + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
>>>> + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
>>>> + continue;
>>>> +
>>>> + tpm_buf_append_u16(&buf, digests[i].alg_id);
>>>> + tpm_buf_append(&buf, (const unsigned char
>>>> + *)&digests[i].digest,
>>>> + hash_digest_size[tpm2_hash_map[j].crypto_id]);
>>>> + }
>>>> + }
>>>> +
>>>> + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
>>>> "attempting extend a PCR value");
>>>>
>>>> + tpm_buf_destroy(&buf);
>>>> +
>>>> return rc;
>>>> }
>>>>
>>>> @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
>>>> }
>>>> }
>>>>
>>>> + rc = tpm2_get_pcr_allocation(chip);
>>>> +
>>>> out:
>>>> if (rc > 0)
>>>> rc = -ENODEV;
>>>> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
>>>> index 1660d74..b5ae372 100644
>>>> --- a/drivers/char/tpm/tpm_eventlog.h
>>>> +++ b/drivers/char/tpm/tpm_eventlog.h
>>>> @@ -2,6 +2,8 @@
>>>> #ifndef __TPM_EVENTLOG_H__
>>>> #define __TPM_EVENTLOG_H__
>>>>
>>>> +#include <crypto/hash_info.h>
>>>> +
>>>> #define TCG_EVENT_NAME_LEN_MAX 255
>>>> #define MAX_TEXT_EVENT 1000 /* Max event string length */
>>>> #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
>>>> @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
>>>> HOST_TABLE_OF_DEVICES,
>>>> };
>>>>
>>>> +struct tpm2_digest {
>>>> + u16 alg_id;
>>>> + u8 digest[SHA512_DIGEST_SIZE];
>>>> +} __packed;
>>>
>>> Shouldn't this be in tpm.h?
>>
>> This is a struct common for TPM 2.0 extend and eventlog structure i.e
>> struct tcg_pcr_event2.
>> And so I preferred to place it here.
>>
>
> If it is common, why is it in tpm_eventlog.h and not in tpm.h?
Hmm, the way I took it was that all event log structs are in
tpm_eventlog.h. So, I have defined all structs related to event log into
tpm_eventlog.h, including this one.
Also, currently, tpm_eventlog.h has no dependency on tpm.h, but tpm.h
does include tpm_eventlog.h.
Hmm.. is it an issue to have it in tpm_eventlog.h ?
Thanks & Regards,
- Nayna
>
>> Thanks & Regards,
>> - Nayna
>
> /Jarkko
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
@ 2017-01-24 13:04 ` Nayna
0 siblings, 0 replies; 14+ messages in thread
From: Nayna @ 2017-01-24 13:04 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: tpmdd-devel, peterhuewe, tpmdd, jgunthorpe, linux-security-module,
linux-kernel
On 01/24/2017 05:29 PM, Jarkko Sakkinen wrote:
> On Mon, Jan 23, 2017 at 10:11:48PM +0530, Nayna wrote:
>>
>>
>> On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote:
>>> On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
>>>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>>>> but the TCG Specification[1] recommends extending all active PCR
>>>> banks, to prevent malicious users from setting unused PCR banks with
>>>> fake measurements and quoting them.
>>>>
>>>> The existing in-kernel interface(tpm_pcr_extend()) expects only a
>>>> SHA1 digest. To extend all active PCR banks with differing
>>>> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>>>>
>>>> This patch reuses the defined digest sizes from the crypto subsystem,
>>>> adding a dependency on CRYPTO_HASH_INFO module.
>>>>
>>>> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
>>>> Platform Firmware Profile for TPM 2.0"
>>>>
>>>> Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
>>>> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>>>> ---
>>>> drivers/char/tpm/Kconfig | 1 +
>>>> drivers/char/tpm/tpm-interface.c | 15 ++++++-
>>>> drivers/char/tpm/tpm.h | 3 +-
>>>> drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
>>>> drivers/char/tpm/tpm_eventlog.h | 7 ++++
>>>> 5 files changed, 73 insertions(+), 44 deletions(-)
>>>>
>>>> diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
>>>> index 277186d..af985cc 100644
>>>> --- a/drivers/char/tpm/Kconfig
>>>> +++ b/drivers/char/tpm/Kconfig
>>>> @@ -6,6 +6,7 @@ menuconfig TCG_TPM
>>>> tristate "TPM Hardware Support"
>>>> depends on HAS_IOMEM
>>>> select SECURITYFS
>>>> + select CRYPTO_HASH_INFO
>>>> ---help---
>>>> If you have a TPM security chip in your system, which
>>>> implements the Trusted Computing Group's specification,
>>>> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
>>>> index a3461cb..cf959c3 100644
>>>> --- a/drivers/char/tpm/tpm-interface.c
>>>> +++ b/drivers/char/tpm/tpm-interface.c
>>>> @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
>>>> struct tpm_cmd_t cmd;
>>>> int rc;
>>>> struct tpm_chip *chip;
>>>> + int max_active_banks = ARRAY_SIZE(chip->active_banks);
>>>> + struct tpm2_digest digest_list[max_active_banks];
>>>> + u32 count = 0;
>>>> + int i;
>>>>
>>>> chip = tpm_chip_find_get(chip_num);
>>>> if (chip == NULL)
>>>> return -ENODEV;
>>>>
>>>> if (chip->flags & TPM_CHIP_FLAG_TPM2) {
>>>> - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
>>>> + memset(digest_list, 0, sizeof(digest_list));
>>>> +
>>>> + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
>>>> + (i < max_active_banks); i++) {
>>>> + digest_list[i].alg_id = chip->active_banks[i];
>>>> + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
>>>> + count++;
>>>> + }
>>>> +
>>>> + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
>>>> tpm_put_ops(chip);
>>>> return rc;
>>>> }
>>>> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
>>>> index c291f19..07a0677 100644
>>>> --- a/drivers/char/tpm/tpm.h
>>>> +++ b/drivers/char/tpm/tpm.h
>>>> @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
>>>> #endif
>>>>
>>>> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
>>>> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
>>>> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
>>>> + struct tpm2_digest *digests);
>>>> int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
>>>> int tpm2_seal_trusted(struct tpm_chip *chip,
>>>> struct trusted_key_payload *payload,
>>>> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
>>>> index 0e000a3..d78adb8 100644
>>>> --- a/drivers/char/tpm/tpm2-cmd.c
>>>> +++ b/drivers/char/tpm/tpm2-cmd.c
>>>> @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
>>>> u8 digest[TPM_DIGEST_SIZE];
>>>> } __packed;
>>>>
>>>> -struct tpm2_null_auth_area {
>>>> - __be32 handle;
>>>> - __be16 nonce_size;
>>>> - u8 attributes;
>>>> - __be16 auth_size;
>>>> -} __packed;
>>>> -
>>>> -struct tpm2_pcr_extend_in {
>>>> - __be32 pcr_idx;
>>>> - __be32 auth_area_size;
>>>> - struct tpm2_null_auth_area auth_area;
>>>> - __be32 digest_cnt;
>>>> - __be16 hash_alg;
>>>> - u8 digest[TPM_DIGEST_SIZE];
>>>> -} __packed;
>>>> -
>>>> struct tpm2_get_tpm_pt_in {
>>>> __be32 cap_id;
>>>> __be32 property_id;
>>>> @@ -97,7 +81,6 @@ union tpm2_cmd_params {
>>>> struct tpm2_self_test_in selftest_in;
>>>> struct tpm2_pcr_read_in pcrread_in;
>>>> struct tpm2_pcr_read_out pcrread_out;
>>>> - struct tpm2_pcr_extend_in pcrextend_in;
>>>> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
>>>> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
>>>> struct tpm2_get_random_in getrandom_in;
>>>> @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
>>>> return rc;
>>>> }
>>>>
>>>> -#define TPM2_GET_PCREXTEND_IN_SIZE \
>>>> - (sizeof(struct tpm_input_header) + \
>>>> - sizeof(struct tpm2_pcr_extend_in))
>>>> -
>>>> -static const struct tpm_input_header tpm2_pcrextend_header = {
>>>> - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
>>>> - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
>>>> - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
>>>> -};
>>>> +struct tpm2_null_auth_area {
>>>> + __be32 handle;
>>>> + __be16 nonce_size;
>>>> + u8 attributes;
>>>> + __be16 auth_size;
>>>> +} __packed;
>>>>
>>>> /**
>>>> * tpm2_pcr_extend() - extend a PCR value
>>>> *
>>>> * @chip: TPM chip to use.
>>>> * @pcr_idx: index of the PCR.
>>>> - * @hash: hash value to use for the extend operation.
>>>> + * @count: number of digests passed.
>>>> + * @digests: list of pcr banks and corresponding digest values to extend.
>>>> *
>>>> * Return: Same as with tpm_transmit_cmd.
>>>> */
>>>> -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
>>>> +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
>>>> + struct tpm2_digest *digests)
>>>> {
>>>> - struct tpm2_cmd cmd;
>>>> + struct tpm_buf buf;
>>>> + struct tpm2_null_auth_area auth_area;
>>>> int rc;
>>>> + int i;
>>>> + int j;
>>>> +
>>>> + if (count > ARRAY_SIZE(chip->active_banks))
>>>> + return -EINVAL;
>>>>
>>>> - cmd.header.in = tpm2_pcrextend_header;
>>>> - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
>>>> - cmd.params.pcrextend_in.auth_area_size =
>>>> - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
>>>> - cmd.params.pcrextend_in.auth_area.handle =
>>>> - cpu_to_be32(TPM2_RS_PW);
>>>> - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
>>>> - cmd.params.pcrextend_in.auth_area.attributes = 0;
>>>> - cmd.params.pcrextend_in.auth_area.auth_size = 0;
>>>> - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
>>>> - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
>>>> - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
>>>> + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
>>>> + if (rc)
>>>> + return rc;
>>>>
>>>> - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
>>>> + tpm_buf_append_u32(&buf, pcr_idx);
>>>> +
>>>> + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
>>>> + auth_area.nonce_size = 0;
>>>> + auth_area.attributes = 0;
>>>> + auth_area.auth_size = 0;
>>>> +
>>>> + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
>>>> + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
>>>> + sizeof(auth_area));
>>>> + tpm_buf_append_u32(&buf, count);
>>>> +
>>>> + for (i = 0; i < count; i++) {
>>>> + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
>>>> + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
>>>> + continue;
>>>> +
>>>> + tpm_buf_append_u16(&buf, digests[i].alg_id);
>>>> + tpm_buf_append(&buf, (const unsigned char
>>>> + *)&digests[i].digest,
>>>> + hash_digest_size[tpm2_hash_map[j].crypto_id]);
>>>> + }
>>>> + }
>>>> +
>>>> + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
>>>> "attempting extend a PCR value");
>>>>
>>>> + tpm_buf_destroy(&buf);
>>>> +
>>>> return rc;
>>>> }
>>>>
>>>> @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
>>>> }
>>>> }
>>>>
>>>> + rc = tpm2_get_pcr_allocation(chip);
>>>> +
>>>> out:
>>>> if (rc > 0)
>>>> rc = -ENODEV;
>>>> diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
>>>> index 1660d74..b5ae372 100644
>>>> --- a/drivers/char/tpm/tpm_eventlog.h
>>>> +++ b/drivers/char/tpm/tpm_eventlog.h
>>>> @@ -2,6 +2,8 @@
>>>> #ifndef __TPM_EVENTLOG_H__
>>>> #define __TPM_EVENTLOG_H__
>>>>
>>>> +#include <crypto/hash_info.h>
>>>> +
>>>> #define TCG_EVENT_NAME_LEN_MAX 255
>>>> #define MAX_TEXT_EVENT 1000 /* Max event string length */
>>>> #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
>>>> @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
>>>> HOST_TABLE_OF_DEVICES,
>>>> };
>>>>
>>>> +struct tpm2_digest {
>>>> + u16 alg_id;
>>>> + u8 digest[SHA512_DIGEST_SIZE];
>>>> +} __packed;
>>>
>>> Shouldn't this be in tpm.h?
>>
>> This is a struct common for TPM 2.0 extend and eventlog structure i.e
>> struct tcg_pcr_event2.
>> And so I preferred to place it here.
>>
>
> If it is common, why is it in tpm_eventlog.h and not in tpm.h?
Hmm, the way I took it was that all event log structs are in
tpm_eventlog.h. So, I have defined all structs related to event log into
tpm_eventlog.h, including this one.
Also, currently, tpm_eventlog.h has no dependency on tpm.h, but tpm.h
does include tpm_eventlog.h.
Hmm.. is it an issue to have it in tpm_eventlog.h ?
Thanks & Regards,
- Nayna
>
>> Thanks & Regards,
>> - Nayna
>
> /Jarkko
>
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
2017-01-24 13:04 ` Nayna
@ 2017-01-25 19:49 ` Jarkko Sakkinen
-1 siblings, 0 replies; 14+ messages in thread
From: Jarkko Sakkinen @ 2017-01-25 19:49 UTC (permalink / raw)
To: Nayna
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
On Tue, Jan 24, 2017 at 06:34:54PM +0530, Nayna wrote:
>
>
> On 01/24/2017 05:29 PM, Jarkko Sakkinen wrote:
> > On Mon, Jan 23, 2017 at 10:11:48PM +0530, Nayna wrote:
> > >
> > >
> > > On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote:
> > > > On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
> > > > > The current TPM 2.0 device driver extends only the SHA1 PCR bank
> > > > > but the TCG Specification[1] recommends extending all active PCR
> > > > > banks, to prevent malicious users from setting unused PCR banks with
> > > > > fake measurements and quoting them.
> > > > >
> > > > > The existing in-kernel interface(tpm_pcr_extend()) expects only a
> > > > > SHA1 digest. To extend all active PCR banks with differing
> > > > > digest sizes, the SHA1 digest is padded with trailing 0's as needed.
> > > > >
> > > > > This patch reuses the defined digest sizes from the crypto subsystem,
> > > > > adding a dependency on CRYPTO_HASH_INFO module.
> > > > >
> > > > > [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> > > > > Platform Firmware Profile for TPM 2.0"
> > > > >
> > > > > Signed-off-by: Nayna Jain <nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
> > > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
> > > > > ---
> > > > > drivers/char/tpm/Kconfig | 1 +
> > > > > drivers/char/tpm/tpm-interface.c | 15 ++++++-
> > > > > drivers/char/tpm/tpm.h | 3 +-
> > > > > drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
> > > > > drivers/char/tpm/tpm_eventlog.h | 7 ++++
> > > > > 5 files changed, 73 insertions(+), 44 deletions(-)
> > > > >
> > > > > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> > > > > index 277186d..af985cc 100644
> > > > > --- a/drivers/char/tpm/Kconfig
> > > > > +++ b/drivers/char/tpm/Kconfig
> > > > > @@ -6,6 +6,7 @@ menuconfig TCG_TPM
> > > > > tristate "TPM Hardware Support"
> > > > > depends on HAS_IOMEM
> > > > > select SECURITYFS
> > > > > + select CRYPTO_HASH_INFO
> > > > > ---help---
> > > > > If you have a TPM security chip in your system, which
> > > > > implements the Trusted Computing Group's specification,
> > > > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> > > > > index a3461cb..cf959c3 100644
> > > > > --- a/drivers/char/tpm/tpm-interface.c
> > > > > +++ b/drivers/char/tpm/tpm-interface.c
> > > > > @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> > > > > struct tpm_cmd_t cmd;
> > > > > int rc;
> > > > > struct tpm_chip *chip;
> > > > > + int max_active_banks = ARRAY_SIZE(chip->active_banks);
> > > > > + struct tpm2_digest digest_list[max_active_banks];
> > > > > + u32 count = 0;
> > > > > + int i;
> > > > >
> > > > > chip = tpm_chip_find_get(chip_num);
> > > > > if (chip == NULL)
> > > > > return -ENODEV;
> > > > >
> > > > > if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> > > > > - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
> > > > > + memset(digest_list, 0, sizeof(digest_list));
> > > > > +
> > > > > + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
> > > > > + (i < max_active_banks); i++) {
> > > > > + digest_list[i].alg_id = chip->active_banks[i];
> > > > > + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
> > > > > + count++;
> > > > > + }
> > > > > +
> > > > > + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
> > > > > tpm_put_ops(chip);
> > > > > return rc;
> > > > > }
> > > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> > > > > index c291f19..07a0677 100644
> > > > > --- a/drivers/char/tpm/tpm.h
> > > > > +++ b/drivers/char/tpm/tpm.h
> > > > > @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
> > > > > #endif
> > > > >
> > > > > int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> > > > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> > > > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > > > > + struct tpm2_digest *digests);
> > > > > int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> > > > > int tpm2_seal_trusted(struct tpm_chip *chip,
> > > > > struct trusted_key_payload *payload,
> > > > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> > > > > index 0e000a3..d78adb8 100644
> > > > > --- a/drivers/char/tpm/tpm2-cmd.c
> > > > > +++ b/drivers/char/tpm/tpm2-cmd.c
> > > > > @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
> > > > > u8 digest[TPM_DIGEST_SIZE];
> > > > > } __packed;
> > > > >
> > > > > -struct tpm2_null_auth_area {
> > > > > - __be32 handle;
> > > > > - __be16 nonce_size;
> > > > > - u8 attributes;
> > > > > - __be16 auth_size;
> > > > > -} __packed;
> > > > > -
> > > > > -struct tpm2_pcr_extend_in {
> > > > > - __be32 pcr_idx;
> > > > > - __be32 auth_area_size;
> > > > > - struct tpm2_null_auth_area auth_area;
> > > > > - __be32 digest_cnt;
> > > > > - __be16 hash_alg;
> > > > > - u8 digest[TPM_DIGEST_SIZE];
> > > > > -} __packed;
> > > > > -
> > > > > struct tpm2_get_tpm_pt_in {
> > > > > __be32 cap_id;
> > > > > __be32 property_id;
> > > > > @@ -97,7 +81,6 @@ union tpm2_cmd_params {
> > > > > struct tpm2_self_test_in selftest_in;
> > > > > struct tpm2_pcr_read_in pcrread_in;
> > > > > struct tpm2_pcr_read_out pcrread_out;
> > > > > - struct tpm2_pcr_extend_in pcrextend_in;
> > > > > struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> > > > > struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> > > > > struct tpm2_get_random_in getrandom_in;
> > > > > @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > > > > return rc;
> > > > > }
> > > > >
> > > > > -#define TPM2_GET_PCREXTEND_IN_SIZE \
> > > > > - (sizeof(struct tpm_input_header) + \
> > > > > - sizeof(struct tpm2_pcr_extend_in))
> > > > > -
> > > > > -static const struct tpm_input_header tpm2_pcrextend_header = {
> > > > > - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
> > > > > - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
> > > > > - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
> > > > > -};
> > > > > +struct tpm2_null_auth_area {
> > > > > + __be32 handle;
> > > > > + __be16 nonce_size;
> > > > > + u8 attributes;
> > > > > + __be16 auth_size;
> > > > > +} __packed;
> > > > >
> > > > > /**
> > > > > * tpm2_pcr_extend() - extend a PCR value
> > > > > *
> > > > > * @chip: TPM chip to use.
> > > > > * @pcr_idx: index of the PCR.
> > > > > - * @hash: hash value to use for the extend operation.
> > > > > + * @count: number of digests passed.
> > > > > + * @digests: list of pcr banks and corresponding digest values to extend.
> > > > > *
> > > > > * Return: Same as with tpm_transmit_cmd.
> > > > > */
> > > > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> > > > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > > > > + struct tpm2_digest *digests)
> > > > > {
> > > > > - struct tpm2_cmd cmd;
> > > > > + struct tpm_buf buf;
> > > > > + struct tpm2_null_auth_area auth_area;
> > > > > int rc;
> > > > > + int i;
> > > > > + int j;
> > > > > +
> > > > > + if (count > ARRAY_SIZE(chip->active_banks))
> > > > > + return -EINVAL;
> > > > >
> > > > > - cmd.header.in = tpm2_pcrextend_header;
> > > > > - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
> > > > > - cmd.params.pcrextend_in.auth_area_size =
> > > > > - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
> > > > > - cmd.params.pcrextend_in.auth_area.handle =
> > > > > - cpu_to_be32(TPM2_RS_PW);
> > > > > - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
> > > > > - cmd.params.pcrextend_in.auth_area.attributes = 0;
> > > > > - cmd.params.pcrextend_in.auth_area.auth_size = 0;
> > > > > - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
> > > > > - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> > > > > - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
> > > > > + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> > > > > + if (rc)
> > > > > + return rc;
> > > > >
> > > > > - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
> > > > > + tpm_buf_append_u32(&buf, pcr_idx);
> > > > > +
> > > > > + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
> > > > > + auth_area.nonce_size = 0;
> > > > > + auth_area.attributes = 0;
> > > > > + auth_area.auth_size = 0;
> > > > > +
> > > > > + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
> > > > > + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
> > > > > + sizeof(auth_area));
> > > > > + tpm_buf_append_u32(&buf, count);
> > > > > +
> > > > > + for (i = 0; i < count; i++) {
> > > > > + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
> > > > > + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
> > > > > + continue;
> > > > > +
> > > > > + tpm_buf_append_u16(&buf, digests[i].alg_id);
> > > > > + tpm_buf_append(&buf, (const unsigned char
> > > > > + *)&digests[i].digest,
> > > > > + hash_digest_size[tpm2_hash_map[j].crypto_id]);
> > > > > + }
> > > > > + }
> > > > > +
> > > > > + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
> > > > > "attempting extend a PCR value");
> > > > >
> > > > > + tpm_buf_destroy(&buf);
> > > > > +
> > > > > return rc;
> > > > > }
> > > > >
> > > > > @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> > > > > }
> > > > > }
> > > > >
> > > > > + rc = tpm2_get_pcr_allocation(chip);
> > > > > +
> > > > > out:
> > > > > if (rc > 0)
> > > > > rc = -ENODEV;
> > > > > diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
> > > > > index 1660d74..b5ae372 100644
> > > > > --- a/drivers/char/tpm/tpm_eventlog.h
> > > > > +++ b/drivers/char/tpm/tpm_eventlog.h
> > > > > @@ -2,6 +2,8 @@
> > > > > #ifndef __TPM_EVENTLOG_H__
> > > > > #define __TPM_EVENTLOG_H__
> > > > >
> > > > > +#include <crypto/hash_info.h>
> > > > > +
> > > > > #define TCG_EVENT_NAME_LEN_MAX 255
> > > > > #define MAX_TEXT_EVENT 1000 /* Max event string length */
> > > > > #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
> > > > > @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
> > > > > HOST_TABLE_OF_DEVICES,
> > > > > };
> > > > >
> > > > > +struct tpm2_digest {
> > > > > + u16 alg_id;
> > > > > + u8 digest[SHA512_DIGEST_SIZE];
> > > > > +} __packed;
> > > >
> > > > Shouldn't this be in tpm.h?
> > >
> > > This is a struct common for TPM 2.0 extend and eventlog structure i.e
> > > struct tcg_pcr_event2.
> > > And so I preferred to place it here.
> > >
> >
> > If it is common, why is it in tpm_eventlog.h and not in tpm.h?
>
> Hmm, the way I took it was that all event log structs are in tpm_eventlog.h.
> So, I have defined all structs related to event log into tpm_eventlog.h,
> including this one.
>
> Also, currently, tpm_eventlog.h has no dependency on tpm.h, but tpm.h does
> include tpm_eventlog.h.
>
> Hmm.. is it an issue to have it in tpm_eventlog.h ?
>
> Thanks & Regards,
> - Nayna
I'm not sure why tpm.h should include tpm_eventlog.h.
The struct tpm2_digest is part of the internal API. Other structs are not.
/Jarkko
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks
@ 2017-01-25 19:49 ` Jarkko Sakkinen
0 siblings, 0 replies; 14+ messages in thread
From: Jarkko Sakkinen @ 2017-01-25 19:49 UTC (permalink / raw)
To: Nayna
Cc: tpmdd-devel, peterhuewe, tpmdd, jgunthorpe, linux-security-module,
linux-kernel
On Tue, Jan 24, 2017 at 06:34:54PM +0530, Nayna wrote:
>
>
> On 01/24/2017 05:29 PM, Jarkko Sakkinen wrote:
> > On Mon, Jan 23, 2017 at 10:11:48PM +0530, Nayna wrote:
> > >
> > >
> > > On 01/23/2017 08:49 PM, Jarkko Sakkinen wrote:
> > > > On Fri, Jan 20, 2017 at 12:05:13PM -0500, Nayna Jain wrote:
> > > > > The current TPM 2.0 device driver extends only the SHA1 PCR bank
> > > > > but the TCG Specification[1] recommends extending all active PCR
> > > > > banks, to prevent malicious users from setting unused PCR banks with
> > > > > fake measurements and quoting them.
> > > > >
> > > > > The existing in-kernel interface(tpm_pcr_extend()) expects only a
> > > > > SHA1 digest. To extend all active PCR banks with differing
> > > > > digest sizes, the SHA1 digest is padded with trailing 0's as needed.
> > > > >
> > > > > This patch reuses the defined digest sizes from the crypto subsystem,
> > > > > adding a dependency on CRYPTO_HASH_INFO module.
> > > > >
> > > > > [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> > > > > Platform Firmware Profile for TPM 2.0"
> > > > >
> > > > > Signed-off-by: Nayna Jain <nayna@linux.vnet.ibm.com>
> > > > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > > > > ---
> > > > > drivers/char/tpm/Kconfig | 1 +
> > > > > drivers/char/tpm/tpm-interface.c | 15 ++++++-
> > > > > drivers/char/tpm/tpm.h | 3 +-
> > > > > drivers/char/tpm/tpm2-cmd.c | 91 +++++++++++++++++++++-------------------
> > > > > drivers/char/tpm/tpm_eventlog.h | 7 ++++
> > > > > 5 files changed, 73 insertions(+), 44 deletions(-)
> > > > >
> > > > > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> > > > > index 277186d..af985cc 100644
> > > > > --- a/drivers/char/tpm/Kconfig
> > > > > +++ b/drivers/char/tpm/Kconfig
> > > > > @@ -6,6 +6,7 @@ menuconfig TCG_TPM
> > > > > tristate "TPM Hardware Support"
> > > > > depends on HAS_IOMEM
> > > > > select SECURITYFS
> > > > > + select CRYPTO_HASH_INFO
> > > > > ---help---
> > > > > If you have a TPM security chip in your system, which
> > > > > implements the Trusted Computing Group's specification,
> > > > > diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> > > > > index a3461cb..cf959c3 100644
> > > > > --- a/drivers/char/tpm/tpm-interface.c
> > > > > +++ b/drivers/char/tpm/tpm-interface.c
> > > > > @@ -772,13 +772,26 @@ int tpm_pcr_extend(u32 chip_num, int pcr_idx, const u8 *hash)
> > > > > struct tpm_cmd_t cmd;
> > > > > int rc;
> > > > > struct tpm_chip *chip;
> > > > > + int max_active_banks = ARRAY_SIZE(chip->active_banks);
> > > > > + struct tpm2_digest digest_list[max_active_banks];
> > > > > + u32 count = 0;
> > > > > + int i;
> > > > >
> > > > > chip = tpm_chip_find_get(chip_num);
> > > > > if (chip == NULL)
> > > > > return -ENODEV;
> > > > >
> > > > > if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> > > > > - rc = tpm2_pcr_extend(chip, pcr_idx, hash);
> > > > > + memset(digest_list, 0, sizeof(digest_list));
> > > > > +
> > > > > + for (i = 0; (chip->active_banks[i] != TPM2_ALG_ERROR) &&
> > > > > + (i < max_active_banks); i++) {
> > > > > + digest_list[i].alg_id = chip->active_banks[i];
> > > > > + memcpy(digest_list[i].digest, hash, TPM_DIGEST_SIZE);
> > > > > + count++;
> > > > > + }
> > > > > +
> > > > > + rc = tpm2_pcr_extend(chip, pcr_idx, count, digest_list);
> > > > > tpm_put_ops(chip);
> > > > > return rc;
> > > > > }
> > > > > diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> > > > > index c291f19..07a0677 100644
> > > > > --- a/drivers/char/tpm/tpm.h
> > > > > +++ b/drivers/char/tpm/tpm.h
> > > > > @@ -534,7 +534,8 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
> > > > > #endif
> > > > >
> > > > > int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
> > > > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
> > > > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > > > > + struct tpm2_digest *digests);
> > > > > int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
> > > > > int tpm2_seal_trusted(struct tpm_chip *chip,
> > > > > struct trusted_key_payload *payload,
> > > > > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> > > > > index 0e000a3..d78adb8 100644
> > > > > --- a/drivers/char/tpm/tpm2-cmd.c
> > > > > +++ b/drivers/char/tpm/tpm2-cmd.c
> > > > > @@ -53,22 +53,6 @@ struct tpm2_pcr_read_out {
> > > > > u8 digest[TPM_DIGEST_SIZE];
> > > > > } __packed;
> > > > >
> > > > > -struct tpm2_null_auth_area {
> > > > > - __be32 handle;
> > > > > - __be16 nonce_size;
> > > > > - u8 attributes;
> > > > > - __be16 auth_size;
> > > > > -} __packed;
> > > > > -
> > > > > -struct tpm2_pcr_extend_in {
> > > > > - __be32 pcr_idx;
> > > > > - __be32 auth_area_size;
> > > > > - struct tpm2_null_auth_area auth_area;
> > > > > - __be32 digest_cnt;
> > > > > - __be16 hash_alg;
> > > > > - u8 digest[TPM_DIGEST_SIZE];
> > > > > -} __packed;
> > > > > -
> > > > > struct tpm2_get_tpm_pt_in {
> > > > > __be32 cap_id;
> > > > > __be32 property_id;
> > > > > @@ -97,7 +81,6 @@ union tpm2_cmd_params {
> > > > > struct tpm2_self_test_in selftest_in;
> > > > > struct tpm2_pcr_read_in pcrread_in;
> > > > > struct tpm2_pcr_read_out pcrread_out;
> > > > > - struct tpm2_pcr_extend_in pcrextend_in;
> > > > > struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> > > > > struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> > > > > struct tpm2_get_random_in getrandom_in;
> > > > > @@ -290,46 +273,68 @@ int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> > > > > return rc;
> > > > > }
> > > > >
> > > > > -#define TPM2_GET_PCREXTEND_IN_SIZE \
> > > > > - (sizeof(struct tpm_input_header) + \
> > > > > - sizeof(struct tpm2_pcr_extend_in))
> > > > > -
> > > > > -static const struct tpm_input_header tpm2_pcrextend_header = {
> > > > > - .tag = cpu_to_be16(TPM2_ST_SESSIONS),
> > > > > - .length = cpu_to_be32(TPM2_GET_PCREXTEND_IN_SIZE),
> > > > > - .ordinal = cpu_to_be32(TPM2_CC_PCR_EXTEND)
> > > > > -};
> > > > > +struct tpm2_null_auth_area {
> > > > > + __be32 handle;
> > > > > + __be16 nonce_size;
> > > > > + u8 attributes;
> > > > > + __be16 auth_size;
> > > > > +} __packed;
> > > > >
> > > > > /**
> > > > > * tpm2_pcr_extend() - extend a PCR value
> > > > > *
> > > > > * @chip: TPM chip to use.
> > > > > * @pcr_idx: index of the PCR.
> > > > > - * @hash: hash value to use for the extend operation.
> > > > > + * @count: number of digests passed.
> > > > > + * @digests: list of pcr banks and corresponding digest values to extend.
> > > > > *
> > > > > * Return: Same as with tpm_transmit_cmd.
> > > > > */
> > > > > -int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash)
> > > > > +int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
> > > > > + struct tpm2_digest *digests)
> > > > > {
> > > > > - struct tpm2_cmd cmd;
> > > > > + struct tpm_buf buf;
> > > > > + struct tpm2_null_auth_area auth_area;
> > > > > int rc;
> > > > > + int i;
> > > > > + int j;
> > > > > +
> > > > > + if (count > ARRAY_SIZE(chip->active_banks))
> > > > > + return -EINVAL;
> > > > >
> > > > > - cmd.header.in = tpm2_pcrextend_header;
> > > > > - cmd.params.pcrextend_in.pcr_idx = cpu_to_be32(pcr_idx);
> > > > > - cmd.params.pcrextend_in.auth_area_size =
> > > > > - cpu_to_be32(sizeof(struct tpm2_null_auth_area));
> > > > > - cmd.params.pcrextend_in.auth_area.handle =
> > > > > - cpu_to_be32(TPM2_RS_PW);
> > > > > - cmd.params.pcrextend_in.auth_area.nonce_size = 0;
> > > > > - cmd.params.pcrextend_in.auth_area.attributes = 0;
> > > > > - cmd.params.pcrextend_in.auth_area.auth_size = 0;
> > > > > - cmd.params.pcrextend_in.digest_cnt = cpu_to_be32(1);
> > > > > - cmd.params.pcrextend_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> > > > > - memcpy(cmd.params.pcrextend_in.digest, hash, TPM_DIGEST_SIZE);
> > > > > + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND);
> > > > > + if (rc)
> > > > > + return rc;
> > > > >
> > > > > - rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
> > > > > + tpm_buf_append_u32(&buf, pcr_idx);
> > > > > +
> > > > > + auth_area.handle = cpu_to_be32(TPM2_RS_PW);
> > > > > + auth_area.nonce_size = 0;
> > > > > + auth_area.attributes = 0;
> > > > > + auth_area.auth_size = 0;
> > > > > +
> > > > > + tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area));
> > > > > + tpm_buf_append(&buf, (const unsigned char *)&auth_area,
> > > > > + sizeof(auth_area));
> > > > > + tpm_buf_append_u32(&buf, count);
> > > > > +
> > > > > + for (i = 0; i < count; i++) {
> > > > > + for (j = 0; j < ARRAY_SIZE(tpm2_hash_map); j++) {
> > > > > + if (digests[i].alg_id != tpm2_hash_map[j].tpm_id)
> > > > > + continue;
> > > > > +
> > > > > + tpm_buf_append_u16(&buf, digests[i].alg_id);
> > > > > + tpm_buf_append(&buf, (const unsigned char
> > > > > + *)&digests[i].digest,
> > > > > + hash_digest_size[tpm2_hash_map[j].crypto_id]);
> > > > > + }
> > > > > + }
> > > > > +
> > > > > + rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0,
> > > > > "attempting extend a PCR value");
> > > > >
> > > > > + tpm_buf_destroy(&buf);
> > > > > +
> > > > > return rc;
> > > > > }
> > > > >
> > > > > @@ -993,6 +998,8 @@ int tpm2_auto_startup(struct tpm_chip *chip)
> > > > > }
> > > > > }
> > > > >
> > > > > + rc = tpm2_get_pcr_allocation(chip);
> > > > > +
> > > > > out:
> > > > > if (rc > 0)
> > > > > rc = -ENODEV;
> > > > > diff --git a/drivers/char/tpm/tpm_eventlog.h b/drivers/char/tpm/tpm_eventlog.h
> > > > > index 1660d74..b5ae372 100644
> > > > > --- a/drivers/char/tpm/tpm_eventlog.h
> > > > > +++ b/drivers/char/tpm/tpm_eventlog.h
> > > > > @@ -2,6 +2,8 @@
> > > > > #ifndef __TPM_EVENTLOG_H__
> > > > > #define __TPM_EVENTLOG_H__
> > > > >
> > > > > +#include <crypto/hash_info.h>
> > > > > +
> > > > > #define TCG_EVENT_NAME_LEN_MAX 255
> > > > > #define MAX_TEXT_EVENT 1000 /* Max event string length */
> > > > > #define ACPI_TCPA_SIG "TCPA" /* 0x41504354 /'TCPA' */
> > > > > @@ -73,6 +75,11 @@ enum tcpa_pc_event_ids {
> > > > > HOST_TABLE_OF_DEVICES,
> > > > > };
> > > > >
> > > > > +struct tpm2_digest {
> > > > > + u16 alg_id;
> > > > > + u8 digest[SHA512_DIGEST_SIZE];
> > > > > +} __packed;
> > > >
> > > > Shouldn't this be in tpm.h?
> > >
> > > This is a struct common for TPM 2.0 extend and eventlog structure i.e
> > > struct tcg_pcr_event2.
> > > And so I preferred to place it here.
> > >
> >
> > If it is common, why is it in tpm_eventlog.h and not in tpm.h?
>
> Hmm, the way I took it was that all event log structs are in tpm_eventlog.h.
> So, I have defined all structs related to event log into tpm_eventlog.h,
> including this one.
>
> Also, currently, tpm_eventlog.h has no dependency on tpm.h, but tpm.h does
> include tpm_eventlog.h.
>
> Hmm.. is it an issue to have it in tpm_eventlog.h ?
>
> Thanks & Regards,
> - Nayna
I'm not sure why tpm.h should include tpm_eventlog.h.
The struct tpm2_digest is part of the internal API. Other structs are not.
/Jarkko
^ permalink raw reply [flat|nested] 14+ messages in thread
* [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to, support multiple banks
@ 2017-01-25 22:11 ` Ken Goldman
0 siblings, 0 replies; 14+ messages in thread
From: Ken Goldman @ 2017-01-25 22:11 UTC (permalink / raw)
To: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
> The current TPM 2.0 device driver extends only the SHA1 PCR bank
> but the TCG Specification[1] recommends extending all active PCR
> banks, to prevent malicious users from setting unused PCR banks with
> fake measurements and quoting them.
>
> The existing in-kernel interface(tpm_pcr_extend()) expects only a
> SHA1 digest. To extend all active PCR banks with differing
> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>
> This patch reuses the defined digest sizes from the crypto subsystem,
> adding a dependency on CRYPTO_HASH_INFO module.
>
> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> Platform Firmware Profile for TPM 2.0"
Tested-by: Kenneth Goldman <kgold-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
I obtained an IMA event log from a Power platform, along with the PCR 10
value from both the SHA-1 and SHA-256 banks of its Nuvoton TPM 2.0. I
independently validated that the event log matches the TPM PCR values.
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 14+ messages in thread
* [tpmdd-devel] [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to,support multiple banks
@ 2017-01-25 22:11 ` Ken Goldman
0 siblings, 0 replies; 14+ messages in thread
From: Ken Goldman @ 2017-01-25 22:11 UTC (permalink / raw)
To: linux-kernel, linux-security-module, tpmdd-devel
> The current TPM 2.0 device driver extends only the SHA1 PCR bank
> but the TCG Specification[1] recommends extending all active PCR
> banks, to prevent malicious users from setting unused PCR banks with
> fake measurements and quoting them.
>
> The existing in-kernel interface(tpm_pcr_extend()) expects only a
> SHA1 digest. To extend all active PCR banks with differing
> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>
> This patch reuses the defined digest sizes from the crypto subsystem,
> adding a dependency on CRYPTO_HASH_INFO module.
>
> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
> Platform Firmware Profile for TPM 2.0"
Tested-by: Kenneth Goldman <kgold@linux.vnet.ibm.com>
I obtained an IMA event log from a Power platform, along with the PCR 10
value from both the SHA-1 and SHA-256 banks of its Nuvoton TPM 2.0. I
independently validated that the event log matches the TPM PCR values.
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to, support multiple banks
2017-01-25 22:11 ` [tpmdd-devel] [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to,support " Ken Goldman
@ 2017-01-30 10:01 ` Nayna
-1 siblings, 0 replies; 14+ messages in thread
From: Nayna @ 2017-01-30 10:01 UTC (permalink / raw)
To: Ken Goldman
Cc: linux-security-module-u79uwXL29TY76Z2rM5mHXA,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f,
linux-kernel-u79uwXL29TY76Z2rM5mHXA
On 01/26/2017 03:41 AM, Ken Goldman wrote:
>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>> but the TCG Specification[1] recommends extending all active PCR
>> banks, to prevent malicious users from setting unused PCR banks with
>> fake measurements and quoting them.
>>
>> The existing in-kernel interface(tpm_pcr_extend()) expects only a
>> SHA1 digest. To extend all active PCR banks with differing
>> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>>
>> This patch reuses the defined digest sizes from the crypto subsystem,
>> adding a dependency on CRYPTO_HASH_INFO module.
>>
>> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
>> Platform Firmware Profile for TPM 2.0"
>
> Tested-by: Kenneth Goldman <kgold-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
>
> I obtained an IMA event log from a Power platform, along with the PCR 10
> value from both the SHA-1 and SHA-256 banks of its Nuvoton TPM 2.0. I
> independently validated that the event log matches the TPM PCR values.
Thank You Ken !!
Thanks & Regards,
- Nayna
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> tpmdd-devel mailing list
> tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 14+ messages in thread
* Re: [tpmdd-devel] [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to, support multiple banks
@ 2017-01-30 10:01 ` Nayna
0 siblings, 0 replies; 14+ messages in thread
From: Nayna @ 2017-01-30 10:01 UTC (permalink / raw)
To: Ken Goldman; +Cc: linux-kernel, linux-security-module, tpmdd-devel
On 01/26/2017 03:41 AM, Ken Goldman wrote:
>> The current TPM 2.0 device driver extends only the SHA1 PCR bank
>> but the TCG Specification[1] recommends extending all active PCR
>> banks, to prevent malicious users from setting unused PCR banks with
>> fake measurements and quoting them.
>>
>> The existing in-kernel interface(tpm_pcr_extend()) expects only a
>> SHA1 digest. To extend all active PCR banks with differing
>> digest sizes, the SHA1 digest is padded with trailing 0's as needed.
>>
>> This patch reuses the defined digest sizes from the crypto subsystem,
>> adding a dependency on CRYPTO_HASH_INFO module.
>>
>> [1] TPM 2.0 Specification referred here is "TCG PC Client Specific
>> Platform Firmware Profile for TPM 2.0"
>
> Tested-by: Kenneth Goldman <kgold@linux.vnet.ibm.com>
>
> I obtained an IMA event log from a Power platform, along with the PCR 10
> value from both the SHA-1 and SHA-256 banks of its Nuvoton TPM 2.0. I
> independently validated that the event log matches the TPM PCR values.
Thank You Ken !!
Thanks & Regards,
- Nayna
>
>
> ------------------------------------------------------------------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, SlashDot.org! http://sdm.link/slashdot
> _______________________________________________
> tpmdd-devel mailing list
> tpmdd-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/tpmdd-devel
>
^ permalink raw reply [flat|nested] 14+ messages in thread
end of thread, other threads:[~2017-01-30 10:02 UTC | newest]
Thread overview: 14+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-01-25 22:11 [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to, support multiple banks Ken Goldman
2017-01-25 22:11 ` [tpmdd-devel] [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to,support " Ken Goldman
[not found] ` <beaf57a6-67a1-dd26-6e45-243dd46eb3f0-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-01-30 10:01 ` [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to, support " Nayna
2017-01-30 10:01 ` [tpmdd-devel] " Nayna
-- strict thread matches above, loose matches on Subject: below --
2017-01-20 17:05 [PATCH v6 0/2] enhance TPM 2.0 extend function to support multiple PCR banks Nayna Jain
[not found] ` <1484931913-24909-1-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-01-20 17:05 ` [PATCH v6 2/2] tpm: enhance TPM 2.0 PCR extend to support multiple banks Nayna Jain
2017-01-20 17:05 ` Nayna Jain
[not found] ` <1484931913-24909-3-git-send-email-nayna-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-01-23 15:19 ` Jarkko Sakkinen
2017-01-23 15:19 ` Jarkko Sakkinen
2017-01-23 16:41 ` Nayna
2017-01-24 11:59 ` Jarkko Sakkinen
[not found] ` <20170124115937.s6folc7x4nxgxuv6-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-01-24 13:04 ` Nayna
2017-01-24 13:04 ` Nayna
[not found] ` <588750F6.8070801-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-01-25 19:49 ` Jarkko Sakkinen
2017-01-25 19:49 ` Jarkko Sakkinen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.