public inbox for linux-pm@vger.kernel.org
 help / color / mirror / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: Evan Green <evgreen@chromium.org>
Cc: linux-kernel@vger.kernel.org, corbet@lwn.net,
	linux-integrity@vger.kernel.org, gwendal@chromium.org,
	dianders@chromium.org, apronin@chromium.org,
	Pavel Machek <pavel@ucw.cz>, Ben Boeckel <me@benboeckel.net>,
	rjw@rjwysocki.net, jejb@linux.ibm.com,
	Kees Cook <keescook@chromium.org>,
	dlunev@google.com, zohar@linux.ibm.com,
	Matthew Garrett <mgarrett@aurora.tech>,
	jarkko@kernel.org, linux-pm@vger.kernel.org,
	Matthew Garrett <mjg59@google.com>,
	Jason Gunthorpe <jgg@ziepe.ca>, Peter Huewe <peterhuewe@gmx.de>
Subject: Re: [PATCH v5 03/11] tpm: Allow PCR 23 to be restricted to kernel-only use
Date: Sun, 13 Nov 2022 12:46:40 -0800	[thread overview]
Message-ID: <Y3FXsPbBeZjAKv1/@sol.localdomain> (raw)
In-Reply-To: <20221111151451.v5.3.I9ded8c8caad27403e9284dfc78ad6cbd845bc98d@changeid>

On Fri, Nov 11, 2022 at 03:16:28PM -0800, Evan Green wrote:
> Introduce a new Kconfig, TCG_TPM_RESTRICT_PCR, which if enabled

TCG_TPM_RESTRICT_PCR => TCG_TPM2_RESTRICT_PCR

> For systems with TPM1 devices, having this Kconfig enabled completely
> restricts usermode's access to the TPM.

This doesn't appear to actually be the case.

> +config TCG_TPM2_RESTRICT_PCR
> +	bool "Restrict userland access to PCR 23 on TPM2 devices"
> +	depends on TCG_TPM

I assume you also considered making this a once-settable sysctl, or similar?
I guess this kconfig is fine for now, but IMO it does violate the concept of
"kernel provides mechanism, not policy".

> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 303ce2ea02a4b0..3bc5546fddc792 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -778,3 +778,25 @@ int tpm2_find_cc(struct tpm_chip *chip, u32 cc)
>  
>  	return -1;
>  }
> +
> +#ifdef CONFIG_TCG_TPM2_RESTRICT_PCR
> +int tpm2_cmd_restricted(struct tpm_chip *chip, u8 *buffer, size_t size)
> +{
> +	int cc = tpm2_find_and_validate_cc(chip, NULL, buffer, size);
> +	__be32 *handle;
> +
> +	switch (cc) {
> +	case TPM2_CC_PCR_EXTEND:
> +	case TPM2_CC_PCR_RESET:
> +		if (size < (TPM_HEADER_SIZE + sizeof(u32)))
> +			return -EINVAL;
> +
> +		handle = (__be32 *)&buffer[TPM_HEADER_SIZE];
> +		if (be32_to_cpu(*handle) == TPM_RESTRICTED_PCR)
> +			return -EPERM;

get_unaligned_be32((__be32 *)&buffer[TPM_HEADER_SIZE]),
to avoid an unaligned memory access.

> +		break;
> +	}
> +
> +	return 0;

So, if tpm2_find_and_validate_cc() returns an error code, the command is *not*
restricted, even if it uses one of the forbidden command codes.  Are you sure
there are no loopholes here?

- Eric

  reply	other threads:[~2022-11-13 20:46 UTC|newest]

Thread overview: 61+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-11 23:16 [PATCH v5 00/11] Encrypted Hibernation Evan Green
2022-11-11 23:16 ` [PATCH v5 01/11] tpm: Add support for in-kernel resetting of PCRs Evan Green
2022-11-13 20:31   ` Eric Biggers
2022-11-27 16:06   ` Jarkko Sakkinen
2022-11-27 16:07     ` Jarkko Sakkinen
2022-11-11 23:16 ` [PATCH v5 02/11] tpm: Export and rename tpm2_find_and_validate_cc() Evan Green
2022-11-11 23:16 ` [PATCH v5 03/11] tpm: Allow PCR 23 to be restricted to kernel-only use Evan Green
2022-11-13 20:46   ` Eric Biggers [this message]
2022-11-14 17:11   ` James Bottomley
2022-11-27 16:33     ` Jarkko Sakkinen
2022-11-27 16:41       ` James Bottomley
2022-11-30 20:22         ` Dr. Greg
2022-11-30 21:34           ` Casey Schaufler
2022-12-02  1:10             ` Dr. Greg
2023-01-03 20:42     ` Matthew Garrett
2023-01-03 21:04       ` William Roberts
2023-01-03 21:10         ` Matthew Garrett
2023-01-14 14:55           ` James Bottomley
2023-01-14 15:11             ` William Roberts
2023-01-15  3:05             ` Matthew Garrett
2023-01-15 14:41               ` William Roberts
2023-01-17 21:26               ` James Bottomley
2023-01-21  3:29             ` Jarkko Sakkinen
2023-01-23 17:48               ` William Roberts
2023-01-24 11:51                 ` Dr. Greg
2023-01-24 12:38                 ` James Bottomley
2023-01-24 15:05                   ` William Roberts
2023-01-26 17:21                   ` Jarkko Sakkinen
2023-01-26 17:32                     ` William Roberts
2023-01-26 21:30                       ` Jarkko Sakkinen
2023-01-26 22:01                         ` William Roberts
2023-02-07 23:20                           ` Jarkko Sakkinen
2023-01-26 17:07                 ` Jarkko Sakkinen
2023-01-26 17:12                   ` Jarkko Sakkinen
2023-01-26 17:20                     ` William Roberts
2023-01-10 16:07       ` William Roberts
2022-11-27 16:29   ` Jarkko Sakkinen
2022-11-11 23:16 ` [PATCH v5 04/11] security: keys: trusted: Include TPM2 creation data Evan Green
2022-11-13 21:20   ` Eric Biggers
2022-11-14  3:32     ` James Bottomley
2022-11-14 16:32       ` Evan Green
2022-11-14 16:56         ` James Bottomley
2022-11-14 17:43           ` Evan Green
2022-11-14 18:00             ` James Bottomley
2022-12-02 21:03               ` James Bottomley
2022-12-05 18:43                 ` Evan Green
2022-11-11 23:16 ` [PATCH v5 05/11] security: keys: trusted: Allow storage of PCR values in " Evan Green
2022-11-13 22:01   ` Eric Biggers
2022-11-11 23:16 ` [PATCH v5 06/11] security: keys: trusted: Verify " Evan Green
2022-11-13 22:13   ` Eric Biggers
2022-11-11 23:16 ` [PATCH v5 07/11] PM: hibernate: Add kernel-based encryption Evan Green
2022-11-13 22:55   ` Eric Biggers
2022-11-11 23:16 ` [PATCH v5 08/11] PM: hibernate: Use TPM-backed keys to encrypt image Evan Green
2022-11-13 23:33   ` Eric Biggers
2022-11-11 23:16 ` [PATCH v5 09/11] PM: hibernate: Mix user key in encrypted hibernate Evan Green
2022-11-13 23:44   ` Eric Biggers
2022-11-11 23:16 ` [PATCH v5 10/11] PM: hibernate: Verify the digest encryption key Evan Green
2022-11-13 23:47   ` Eric Biggers
2022-11-11 23:16 ` [PATCH v5 11/11] PM: hibernate: seal the encryption key with a PCR policy Evan Green
2022-11-13 23:51   ` Eric Biggers
2022-12-07 23:54 ` [PATCH v5 00/11] Encrypted Hibernation Evan Green

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=Y3FXsPbBeZjAKv1/@sol.localdomain \
    --to=ebiggers@kernel.org \
    --cc=apronin@chromium.org \
    --cc=corbet@lwn.net \
    --cc=dianders@chromium.org \
    --cc=dlunev@google.com \
    --cc=evgreen@chromium.org \
    --cc=gwendal@chromium.org \
    --cc=jarkko@kernel.org \
    --cc=jejb@linux.ibm.com \
    --cc=jgg@ziepe.ca \
    --cc=keescook@chromium.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-pm@vger.kernel.org \
    --cc=me@benboeckel.net \
    --cc=mgarrett@aurora.tech \
    --cc=mjg59@google.com \
    --cc=pavel@ucw.cz \
    --cc=peterhuewe@gmx.de \
    --cc=rjw@rjwysocki.net \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox