From: Jonathan McDowell <noodles@earth.li>
To: Sasha Levin <sashal@kernel.org>
Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
	Jonathan McDowell <noodles@meta.com>,
	Jarkko Sakkinen <jarkko@kernel.org>,
	peterhuewe@gmx.de, linux-integrity@vger.kernel.org
Subject: Re: [PATCH AUTOSEL 5.4 9/9] tpm: End any active auth session before shutdown
Date: Fri, 4 Apr 2025 08:28:03 +0100
Message-ID: <Z--KA3cyFGsqNBKE@earth.li>
In-Reply-To: <20250403192050.2682427-9-sashal@kernel.org>

NAK. Not sure on the logic that decided this was applicable for 5.4, but 
it's obviously not even been compile tested:

noodles@sevai:~/checkouts/linux$ git checkout v5.4.291
Updating files: 100% (13517/13517), done.
Previous HEAD position was 219d54332a09 Linux 5.4
HEAD is now at 52bcf31d8e3d Linux 5.4.291
noodles@sevai:~/checkouts/linux$ git grep tpm2_end_auth_session
noodles@sevai:~/checkouts/linux$ 

The auth session bits were introduced in 699e3efd6c645 (tpm: Add HMAC 
session start and end functions), which landed in 6.10.

On Thu, Apr 03, 2025 at 03:20:50PM -0400, Sasha Levin wrote:
>From: Jonathan McDowell <noodles@meta.com>
>
>[ Upstream commit 1dbf74e00a5f882b04b398399b6def65cd51ef21 ]
>
>Lazy flushing of TPM auth sessions can interact badly with IMA + kexec,
>resulting in loaded session handles being leaked across the kexec and
>not cleaned up. Fix by ensuring any active auth session is ended before
>the TPM is told about the shutdown, matching what is done when
>suspending.
>
>Before:
>
>root@debian-qemu-efi:~# tpm2_getcap handles-loaded-session
>root@debian-qemu-efi:~# tpm2_getcap handles-saved-session
>root@debian-qemu-efi:~# kexec --load --kexec-file-syscall …
>root@debian-qemu-efi:~# systemctl kexec
>…
>root@debian-qemu-efi:~# tpm2_getcap handles-loaded-session
>- 0x2000000
>root@debian-qemu-efi:~# tpm2_getcap handles-saved-session
>root@debian-qemu-efi:~#
>(repeat kexec steps)
>root@debian-qemu-efi:~# tpm2_getcap handles-loaded-session
>- 0x2000000
>- 0x2000001
>root@debian-qemu-efi:~# tpm2_getcap handles-saved-session
>root@debian-qemu-efi:~#
>
>After:
>
>root@debian-qemu-efi:~# tpm2_getcap handles-loaded-session
>root@debian-qemu-efi:~# tpm2_getcap handles-saved-session
>root@debian-qemu-efi:~# kexec --load --kexec-file-syscall …
>root@debian-qemu-efi:~# systemctl kexec
>…
>root@debian-qemu-efi:~# tpm2_getcap handles-loaded-session
>root@debian-qemu-efi:~# tpm2_getcap handles-saved-session
>root@debian-qemu-efi:~#
>
>Signed-off-by: Jonathan McDowell <noodles@meta.com>
>Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
>Signed-off-by: Sasha Levin <sashal@kernel.org>
>---
> drivers/char/tpm/tpm-chip.c | 1 +
> 1 file changed, 1 insertion(+)
>
>diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
>index 17fbd7f7a2954..b33e938d80e8a 100644
>--- a/drivers/char/tpm/tpm-chip.c
>+++ b/drivers/char/tpm/tpm-chip.c
>@@ -290,6 +290,7 @@ static int tpm_class_shutdown(struct device *dev)
> 	down_write(&chip->ops_sem);
> 	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
> 		if (!tpm_chip_start(chip)) {
>+			tpm2_end_auth_session(chip);
> 			tpm2_shutdown(chip, TPM2_SU_CLEAR);
> 			tpm_chip_stop(chip);
> 		}
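Review bot: the added call tpm2_end_auth_session(chip) has no definition in the 5.4 tree this backport targets (the `git grep tpm2_end_auth_session` against v5.4.291 earlier in this reply returns nothing, and the reply dates the function to 699e3efd6c645, which landed in 6.10), so this one-line hunk will fail to compile on 5.4. The placement itself matches the upstream intent, ending the session inside the `if (!tpm_chip_start(chip))` block before `tpm2_shutdown(chip, TPM2_SU_CLEAR)`, so the fix is not to move the line but to drop the patch from the 5.4 AUTOSEL set, or to backport the HMAC session start/end prerequisites together with it.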
>-- 
>2.39.5
>
>

J.

-- 
... Inside every living person there's a dead person trying to get out.
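The check performed at the top of this reply (checkout the target stable tag, then grep for the symbol the backport calls), scripted as an added example that is not part of the original message. It substitutes plain grep -r for git grep so it works on any directory, and builds a constructed miniature tree plus the hunk from this thread so it runs offline.

```shell
#!/bin/sh
# Added example: list functions called on a backport's '+' lines that occur
# nowhere in the target tree. Such a symbol means the patch cannot build there.

# missing_symbols PATCH TREE -> prints one unresolved identifier per line
missing_symbols() {
    patch=$1; tree=$2
    # Keep added lines only, dropping the '+++ b/file' header; then extract
    # every 'name(' token and de-duplicate.
    grep '^+' "$patch" | grep -v '^+++ ' \
      | grep -oE '[A-Za-z_][A-Za-z0-9_]*[[:space:]]*\(' \
      | sed 's/[[:space:]]*($//' \
      | sort -u \
      | while read -r sym; do
            # C keywords also look like calls; skip them.
            case "$sym" in if|for|while|switch|return|sizeof) continue ;; esac
            grep -rqw -- "$sym" "$tree" || echo "$sym"
        done
}

# Constructed fixture: a 5.4-style tpm-chip.c that knows tpm_chip_start,
# tpm_chip_stop and tpm2_shutdown but not tpm2_end_auth_session, plus the
# hunk from the AUTOSEL mail. Returns the checker's output.
run_demo() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/tree/drivers/char/tpm"
    cat > "$tmp/tree/drivers/char/tpm/tpm-chip.c" <<'EOF'
int tpm_chip_start(struct tpm_chip *chip);
void tpm_chip_stop(struct tpm_chip *chip);
void tpm2_shutdown(struct tpm_chip *chip, u16 shutdown_type);
EOF
    cat > "$tmp/backport.patch" <<'EOF'
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -290,6 +290,7 @@ static int tpm_class_shutdown(struct device *dev)
 	if (chip->flags & TPM_CHIP_FLAG_TPM2) {
 		if (!tpm_chip_start(chip)) {
+			tpm2_end_auth_session(chip);
 			tpm2_shutdown(chip, TPM2_SU_CLEAR);
EOF
    missing_symbols "$tmp/backport.patch" "$tmp/tree"
    rm -rf "$tmp"
}

run_demo   # prints: tpm2_end_auth_session
```

Against a real checkout, call missing_symbols with the AUTOSEL mbox and the stable tree root; an empty result is the minimum bar before the patch is worth a build test.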
