From: "Jarkko Sakkinen" <jarkko@kernel.org>
To: "Nícolas F. R. A. Prado" <nfraprado@collabora.com>,
"James Bottomley" <James.Bottomley@hansenpartnership.com>
Cc: "Ard Biesheuvel" <ardb@kernel.org>,
"Linux Crypto Mailing List" <linux-crypto@vger.kernel.org>,
"Herbert Xu" <herbert@gondor.apana.org.au>,
<linux-integrity@vger.kernel.org>, <keyrings@vger.kernel.org>,
<regressions@lists.linux.dev>, <kernel@collabora.com>
Subject: Re: [PATCH v8 18/22] tpm: add session encryption protection to tpm2_get_random()
Date: Fri, 17 May 2024 19:48:48 +0300 [thread overview]
Message-ID: <D1C2NPOBHAHK.20O4IME8OK1FH@kernel.org> (raw)
In-Reply-To: <dfb0d930-7cbe-46c5-be19-d132b4906ecf@notapiano>
On Fri May 17, 2024 at 7:22 PM EEST, Nícolas F. R. A. Prado wrote:
> On Fri, May 17, 2024 at 07:25:40AM -0700, James Bottomley wrote:
> > On Fri, 2024-05-17 at 15:43 +0200, Ard Biesheuvel wrote:
> > > On Fri, 17 May 2024 at 15:35, James Bottomley
> > > <James.Bottomley@hansenpartnership.com> wrote:
> > [...]
> > > > Thanks for the analysis. If I look at how CRYPTO_ECC does it, that
> > > > selects CRYPTO_RNG_DEFAULT which pulls in CRYPTO_DRBG, so the fix
> > > > would be the attached. Does that look right to you Ard?
> > >
> > > No it doesn't - it's CRYPTO_RNG_DEFAULT not CRYTPO_RNG_DEFAULT :-)
> > >
> > > With that fixed,
> > >
> > > Acked-by: Ard Biesheuvel <ardb@kernel.org>
> >
> > Erm, oops, sorry about that; so attached is the update.
> >
> > James
> >
> > ---8>8>8><8<8<8---
> >
> > From 2ac337a33e6416ef806e2c692b9239d193e8468f Mon Sep 17 00:00:00 2001
> > From: James Bottomley <James.Bottomley@HansenPartnership.com>
> > Date: Fri, 17 May 2024 06:29:31 -0700
> > Subject: [PATCH] tpm: Fix sessions cryptography requirement for Random Numbers
> > MIME-Version: 1.0
> > Content-Type: text/plain; charset=UTF-8
> > Content-Transfer-Encoding: 8bit
> >
> > The ECDH code in tpm2-sessions.c requires an initial random number
> > generator to generate the key pair. If the configuration doesn't have
> > CONFIG_RNG_DEFAULT, it will try to pull this in as a module (which is
> > impossible for the early kernel boot where the TPM starts). Fix this
> > by selecting the required RNG.
> >
> > Reported-by: Nícolas F. R. A. Prado <nfraprado@collabora.com>
> > Fixes: 1b6d7f9eb150 ("tpm: add session encryption protection to tpm2_get_random()")
> > Acked-by: Ard Biesheuvel <ardb@kernel.org>
> > Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
> > ---
> > drivers/char/tpm/Kconfig | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
> > index 4f83ee7021d0..ecdd3db4be2b 100644
> > --- a/drivers/char/tpm/Kconfig
> > +++ b/drivers/char/tpm/Kconfig
> > @@ -31,6 +31,7 @@ config TCG_TPM2_HMAC
> > bool "Use HMAC and encrypted transactions on the TPM bus"
> > default y
> > select CRYPTO_ECDH
> > + select CRYPTO_RNG_DEFAULT
> > select CRYPTO_LIB_AESCFB
> > select CRYPTO_LIB_SHA256
> > help
> > --
> > 2.35.3
> >
> >
>
> Hi James,
>
> thanks for the patch. But I actually already had that config enabled builtin. I
> also had ECDH and DRBG which have been suggested previously:
>
> CONFIG_CRYPTO_RNG_DEFAULT=y
>
> CONFIG_CRYPTO_DRBG_MENU=y
> CONFIG_CRYPTO_DRBG_HMAC=y
> # CONFIG_CRYPTO_DRBG_HASH is not set
> # CONFIG_CRYPTO_DRBG_CTR is not set
> CONFIG_CRYPTO_DRBG=y
>
> CONFIG_CRYPTO_ECDH=y
>
> I've pasted my full config here: http://0x0.st/XPN_.txt
>
> Adding a debug print I see that the module that the code tries to load is
> "crypto-hmac(sha512)". I would have expected to see
>
> MODULE_ALIAS_CRYPTO("hmac(sha512)");
>
> in crypto/drbg.c, but I don't see it anywhere in the tree. Maybe it is missing?
1. Bug fixes need to be submitted as described in
https://www.kernel.org/doc/html/latest/process/submitting-patches.html
2. The patch is missing the transcript:
https://lore.kernel.org/linux-integrity/D1BRZ60B9O5S.3NAT20QPQE6KH@kernel.org/
There's nothing to review at this point.
>
> Thanks,
> Nícolas
BR, Jarkko
next prev parent reply other threads:[~2024-05-17 16:48 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-29 20:27 [PATCH v8 00/22] add integrity and security to TPM2 transactions James Bottomley
2024-04-29 20:27 ` [PATCH v8 01/22] tpm: Remove unused tpm_buf_tag() James Bottomley
2024-04-29 20:27 ` [PATCH v8 02/22] tpm: Remove tpm_send() James Bottomley
2024-04-29 20:27 ` [PATCH v8 03/22] tpm: Move buffer handling from static inlines to real functions James Bottomley
2024-04-29 20:27 ` [PATCH v8 04/22] tpm: Update struct tpm_buf documentation comments James Bottomley
2024-04-29 20:27 ` [PATCH v8 05/22] tpm: Store the length of the tpm_buf data separately James Bottomley
2024-04-29 20:27 ` [PATCH v8 06/22] tpm: TPM2B formatted buffers James Bottomley
2024-04-29 20:27 ` [PATCH v8 07/22] tpm: Add tpm_buf_read_{u8,u16,u32} James Bottomley
2024-04-29 20:27 ` [PATCH v8 08/22] KEYS: trusted: tpm2: Use struct tpm_buf for sized buffers James Bottomley
2024-04-29 20:27 ` [PATCH v8 09/22] crypto: lib - implement library version of AES in CFB mode James Bottomley
2024-04-29 20:27 ` [PATCH v8 10/22] tpm: add buffer function to point to returned parameters James Bottomley
2024-04-29 20:28 ` [PATCH v8 11/22] tpm: export the context save and load commands James Bottomley
2024-04-29 20:28 ` [PATCH v8 12/22] tpm: Add NULL primary creation James Bottomley
2024-04-29 22:37 ` Jarkko Sakkinen
2024-04-29 20:28 ` [PATCH v8 13/22] tpm: Add TCG mandated Key Derivation Functions (KDFs) James Bottomley
2024-04-29 22:37 ` Jarkko Sakkinen
2024-04-29 20:28 ` [PATCH v8 14/22] tpm: Add HMAC session start and end functions James Bottomley
2024-04-29 22:38 ` Jarkko Sakkinen
2024-04-30 16:49 ` Jarkko Sakkinen
2024-04-29 20:28 ` [PATCH v8 15/22] tpm: Add HMAC session name/handle append James Bottomley
2024-04-29 22:38 ` Jarkko Sakkinen
2024-04-29 20:28 ` [PATCH v8 16/22] tpm: Add the rest of the session HMAC API James Bottomley
2024-04-29 22:39 ` Jarkko Sakkinen
2024-04-29 20:28 ` [PATCH v8 17/22] tpm: add hmac checks to tpm2_pcr_extend() James Bottomley
2024-04-29 20:28 ` [PATCH v8 18/22] tpm: add session encryption protection to tpm2_get_random() James Bottomley
2024-05-17 0:25 ` Nícolas F. R. A. Prado
2024-05-17 1:59 ` James Bottomley
2024-05-17 7:20 ` Ard Biesheuvel
2024-05-17 8:26 ` Jarkko Sakkinen
2024-05-17 13:35 ` James Bottomley
2024-05-17 13:43 ` Ard Biesheuvel
2024-05-17 14:25 ` James Bottomley
2024-05-17 16:22 ` Nícolas F. R. A. Prado
2024-05-17 16:48 ` Jarkko Sakkinen [this message]
2024-05-18 4:31 ` Eric Biggers
2024-05-18 7:03 ` [PATCH] crypto: api - Do not load modules until algapi is ready Herbert Xu
2024-05-18 11:04 ` Jarkko Sakkinen
2024-05-18 12:32 ` Herbert Xu
2024-05-18 13:03 ` Jarkko Sakkinen
2024-05-18 13:07 ` James Bottomley
2024-05-19 4:19 ` Herbert Xu
2024-05-20 15:49 ` Nícolas F. R. A. Prado
2024-05-21 2:53 ` [v2 PATCH] crypto: api - Do not load modules if called by async probing Herbert Xu
2024-05-21 19:37 ` Nícolas F. R. A. Prado
2024-05-22 5:37 ` [v3 PATCH] hwrng: core - Remove add_early_randomness Herbert Xu
2024-05-22 11:51 ` Jarkko Sakkinen
2024-05-23 4:50 ` Herbert Xu
2024-05-22 19:19 ` Nícolas F. R. A. Prado
2024-05-22 22:53 ` Linus Torvalds
2024-05-23 4:49 ` Herbert Xu
2024-05-23 9:53 ` Jarkko Sakkinen
2024-05-23 9:58 ` Herbert Xu
2024-05-23 10:07 ` Jarkko Sakkinen
2024-05-23 10:02 ` Jarkko Sakkinen
2024-05-23 10:40 ` Torsten Duwe
2024-05-18 10:56 ` [PATCH v8 18/22] tpm: add session encryption protection to tpm2_get_random() Jarkko Sakkinen
2024-05-18 12:31 ` Herbert Xu
2024-04-29 20:28 ` [PATCH v8 19/22] KEYS: trusted: Add session encryption protection to the seal/unseal path James Bottomley
2024-04-29 20:28 ` [PATCH v8 20/22] tpm: add the null key name as a sysfs export James Bottomley
2024-04-29 20:28 ` [PATCH v8 21/22] Documentation: add tpm-security.rst James Bottomley
2024-04-29 20:28 ` [PATCH v8 22/22] tpm: disable the TPM if NULL name changes James Bottomley
2024-04-29 22:59 ` Jarkko Sakkinen
2024-04-29 23:34 ` Jarkko Sakkinen
2024-04-29 22:22 ` [PATCH v8 00/22] add integrity and security to TPM2 transactions Jarkko Sakkinen
2024-04-29 22:26 ` Jarkko Sakkinen
2024-04-29 23:49 ` Jarkko Sakkinen
2024-04-30 11:18 ` Stefan Berger
2024-04-30 18:37 ` Jarkko Sakkinen
2024-04-30 18:57 ` Stefan Berger
2024-04-30 19:23 ` James Bottomley
2024-04-30 21:48 ` Jarkko Sakkinen
2024-04-30 22:31 ` James Bottomley
2024-04-30 22:46 ` Jarkko Sakkinen
2024-04-30 23:10 ` Jarkko Sakkinen
2024-05-03 23:18 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D1C2NPOBHAHK.20O4IME8OK1FH@kernel.org \
--to=jarkko@kernel.org \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ardb@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=kernel@collabora.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=nfraprado@collabora.com \
--cc=regressions@lists.linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox