From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: linux-integrity@vger.kernel.org
Cc: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>,
Sumit Garg <sumit.garg@linaro.org>,
David Howells <dhowells@redhat.com>,
stable@vger.kernel.org
Subject: Re: [PATCH v3 2/2] KEYS: trusted: Reserve TPM for seal and unseal operations
Date: Wed, 30 Sep 2020 01:58:41 +0300 [thread overview]
Message-ID: <20200929225841.GA805025@linux.intel.com> (raw)
In-Reply-To: <20200929225141.804688-2-jarkko.sakkinen@linux.intel.com>
On Wed, Sep 30, 2020 at 01:51:41AM +0300, Jarkko Sakkinen wrote:
> When TPM 2.0 trusted keys code was moved to the trusted keys subsystem,
> the operations were unwrapped from tpm_try_get_ops() and tpm_put_ops(),
> which are used to take temporarily the ownership of the TPM chip. The
> ownership is only taken inside tpm_send(), but this is not sufficient,
> as in the key load TPM2_CC_LOAD, TPM2_CC_UNSEAL and TPM2_FLUSH_CONTEXT
> need to be done as a one single atom.
>
> Fix this issue by introducting trusted_tpm_load() and trusted_tpm_new(),
> which wrap these operations, and take the TPM chip ownership before
> sending anything. Use tpm_transmit_cmd() to send TPM commands instead
> of tpm_send(), reverting back to the old behaviour.
>
> Fixes: 2e19e10131a0 ("KEYS: trusted: Move TPM2 trusted keys code")
> Reported-by: "James E.J. Bottomley" <James.Bottomley@HansenPartnership.com>
> Cc: Sumit Garg <sumit.garg@linaro.org>
> Cc: David Howells <dhowells@redhat.com>
> Cc: stable@vger.kernel.org
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
I double checked that patches were in my BuildRoot rootfs and kernel.
I also did an update to tpm2-scripts:
https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/tpm2-scripts.git/
See the tip commit. That explains my ASN.1 testing issues. Now that test
script fully works again in all of my machines.
Lessons learned, or more like, how do we disclose this kind of testing
issue in future: I suggest that we migrate keyctl-smoke.sh (can be
possibly renamed) to the kernel selftests, and keep it up to date.
It would also degrade possible stability issues in trusted keys if
everyone has standard point of reference.
Thoughts?
/Jarkko
prev parent reply other threads:[~2020-09-29 22:58 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-29 22:51 [PATCH v3 1/2] KEYS: trusted: Fix incorrect handling of tpm_get_random() Jarkko Sakkinen
2020-09-29 22:51 ` [PATCH v3 2/2] KEYS: trusted: Reserve TPM for seal and unseal operations Jarkko Sakkinen
2020-09-29 22:58 ` Jarkko Sakkinen [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200929225841.GA805025@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=dhowells@redhat.com \
--cc=linux-integrity@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=sumit.garg@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).