[PATCH v9 08/11] tpm2-sessions: Remove the support for more than one authorization

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Jarkko Sakkinen <jarkko@kernel.org>
To: linux-integrity@vger.kernel.org
Cc: Jarkko Sakkinen <jarkko@kernel.org>,
	James Bottomley <James.Bottomley@HansenPartnership.com>,
	Mimi Zohar <zohar@linux.ibm.com>,
	David Howells <dhowells@redhat.com>,
	Paul Moore <paul@paul-moore.com>,
	James Morris <jmorris@namei.org>,
	"Serge E. Hallyn" <serge@hallyn.com>,
	keyrings@vger.kernel.org (open list:KEYS-TRUSTED),
	linux-security-module@vger.kernel.org (open list:SECURITY
	SUBSYSTEM), linux-kernel@vger.kernel.org (open list)
Subject: [PATCH v9 08/11] tpm2-sessions: Remove the support for more than one authorization
Date: Sun, 25 Jan 2026 21:25:18 +0200	[thread overview]
Message-ID: <20260125192526.782202-9-jarkko@kernel.org> (raw)
In-Reply-To: <20260125192526.782202-1-jarkko@kernel.org>

Kernel uses at most a single HMAC authorization at a time.

From that basis, remove the unused machinery for managing multiple
authorizations.

Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
---
v8:
- Rewrote the commit message.
- Added an inline comment explaining why unconditional sha256_update() call
  for the name is safe.
---
 drivers/char/tpm/tpm2-sessions.c | 40 ++++++++++++++------------------
 1 file changed, 18 insertions(+), 22 deletions(-)

diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c
index 3bc3c31cf512..98cea20040cf 100644
--- a/drivers/char/tpm/tpm2-sessions.c
+++ b/drivers/char/tpm/tpm2-sessions.c
@@ -72,9 +72,6 @@
 #include <crypto/sha2.h>
 #include <crypto/utils.h>
 
-/* maximum number of names the TPM must remember for authorization */
-#define AUTH_MAX_NAMES	3
-
 #define AES_KEY_BYTES	AES_KEYSIZE_128
 #define AES_KEY_BITS	(AES_KEY_BYTES*8)
 
@@ -136,8 +133,8 @@ struct tpm2_auth {
 	 * handle, but they are part of the session by name, which
 	 * we must compute and remember
 	 */
-	u8 name[AUTH_MAX_NAMES][TPM2_MAX_NAME_SIZE];
-	u16 name_size_tbl[AUTH_MAX_NAMES];
+	u8 name[TPM2_MAX_NAME_SIZE];
+	u16 name_size;
 };
 
 #ifdef CONFIG_TCG_TPM2_HMAC
@@ -261,11 +258,14 @@ EXPORT_SYMBOL_GPL(tpm2_read_public);
 int tpm_buf_append_name(struct tpm_chip *chip, struct tpm_buf *buf,
 			u32 handle, u8 *name, u16 name_size)
 {
-#ifdef CONFIG_TCG_TPM2_HMAC
 	struct tpm2_auth *auth;
-	int slot;
 	int ret;
-#endif
+
+	if (tpm_buf_length(buf) != TPM_HEADER_SIZE) {
+		dev_err(&chip->dev, "too many handles\n");
+		ret = -EIO;
+		goto err;
+	}
 
 	if (!tpm2_chip_auth(chip)) {
 		tpm_buf_append_handle(chip, buf, handle);
@@ -273,12 +273,6 @@ int tpm_buf_append_name(struct tpm_chip *chip, struct tpm_buf *buf,
 	}
 
 #ifdef CONFIG_TCG_TPM2_HMAC
-	slot = (tpm_buf_length(buf) - TPM_HEADER_SIZE) / 4;
-	if (slot >= AUTH_MAX_NAMES) {
-		dev_err(&chip->dev, "too many handles\n");
-		ret = -EIO;
-		goto err;
-	}
 	auth = chip->auth;
 	if (auth->session != tpm_buf_length(buf)) {
 		dev_err(&chip->dev, "session state malformed");
@@ -287,16 +281,14 @@ int tpm_buf_append_name(struct tpm_chip *chip, struct tpm_buf *buf,
 	}
 	tpm_buf_append_u32(buf, handle);
 	auth->session += 4;
-	memcpy(auth->name[slot], name, name_size);
-	auth->name_size_tbl[slot] = name_size;
+	memcpy(auth->name, name, name_size);
+	auth->name_size = name_size;
 #endif
 	return 0;
 
-#ifdef CONFIG_TCG_TPM2_HMAC
 err:
 	tpm2_end_auth_session(chip);
 	return ret;
-#endif
 }
 EXPORT_SYMBOL_GPL(tpm_buf_append_name);
 
@@ -662,14 +654,18 @@ int tpm_buf_fill_hmac_session(struct tpm_chip *chip, struct tpm_buf *buf)
 	}
 
 	sha256_init(&sctx);
-	/* ordinal is already BE */
 	sha256_update(&sctx, (u8 *)&head->ordinal, sizeof(head->ordinal));
-	/* add the handle names */
-	for (i = 0; i < handles; i++)
-		sha256_update(&sctx, auth->name[i], auth->name_size_tbl[i]);
+
+	/*
+	 * If tpm2_buf_append_name() has not been called, this is a no-op, as
+	 * auth->name_size is zero.
+	 */
+	sha256_update(&sctx, auth->name, auth->name_size);
+
 	if (offset_s != tpm_buf_length(buf))
 		sha256_update(&sctx, &buf->data[offset_s],
 			      tpm_buf_length(buf) - offset_s);
+
 	sha256_final(&sctx, cphash);
 
 	/* now calculate the hmac */
-- 
2.52.0

next prev parent reply	other threads:[~2026-01-25 19:26 UTC|newest]

Thread overview: 26+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-01-25 19:25 [PATCH v9 00/11] Streamline TPM2 HMAC sessions Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 01/11] KEYS: trusted: Use get_random-fallback for TPM Jarkko Sakkinen
2026-01-29 16:18   ` Roberto Sassu
2026-02-01 22:25     ` Jarkko Sakkinen
2026-02-20 18:04   ` Mimi Zohar
2026-02-20 18:30     ` Chris Fenner
2026-03-03 21:32       ` Jarkko Sakkinen
2026-03-05 15:37         ` Mimi Zohar
2026-03-18 17:36           ` Chris Fenner
2026-03-19 14:28             ` Mimi Zohar
2026-03-23  5:26               ` Jarkko Sakkinen
2026-03-23  5:34                 ` Jarkko Sakkinen
2026-03-23  5:46                   ` Jarkko Sakkinen
2026-03-23  5:24           ` Jarkko Sakkinen
2026-03-03 21:30     ` Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 02/11] KEYS: trusted: Use get_random_bytes_wait() instead of tpm_get_random() Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 03/11] tpm: Change tpm_get_random() opportunistic Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 04/11] tpm2-sessions: Define TPM2_NAME_MAX_SIZE Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 05/11] KEYS: trusted: Open code tpm2_buf_append() Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 06/11] KEYS: trusted: Remove dead branch from tpm2_unseal_cmd Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 07/11] KEYS: trusted: Re-orchestrate tpm2_read_public() calls Jarkko Sakkinen
2026-01-25 19:25 ` Jarkko Sakkinen [this message]
2026-01-25 19:25 ` [PATCH v9 09/11] tpm-buf: Remove tpm_buf_append_handle Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 10/11] tpm-buf: Merge TPM_BUF_BOUNDARY_ERROR and TPM_BUF_OVERFLOW Jarkko Sakkinen
2026-01-25 19:25 ` [PATCH v9 11/11] tpm-buf: Implement managed allocations Jarkko Sakkinen
2026-02-08 14:09   ` Jarkko Sakkinen

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:3bc3c31cf51 dfblob:98cea20040c )
 OR (
bs:"[PATCH v9 08/11] tpm2-sessions: Remove the support for more than one authorization" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260125192526.782202-9-jarkko@kernel.org \
    --to=jarkko@kernel.org \
    --cc=James.Bottomley@HansenPartnership.com \
    --cc=dhowells@redhat.com \
    --cc=jmorris@namei.org \
    --cc=keyrings@vger.kernel.org \
    --cc=linux-integrity@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-security-module@vger.kernel.org \
    --cc=paul@paul-moore.com \
    --cc=serge@hallyn.com \
    --cc=zohar@linux.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox