Re: [PATCH v10, RESEND 5/6] KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 3/21/2019 2:15 PM, Jarkko Sakkinen wrote:
On Mon, Mar 18, 2019 at 03:35:08PM -0700, Dan Williams wrote:
On Wed, Feb 6, 2019 at 10:30 AM Roberto Sassu <roberto.sassu@xxxxxxxxxx> wrote:

When crypto agility support will be added to the TPM driver, users of the
driver have to retrieve the allocated banks from chip->allocated_banks and
use this information to prepare the array of tpm_digest structures to be
passed to tpm_pcr_extend().

This patch retrieves a tpm_chip pointer from tpm_default_chip() so that the
pointer can be used to prepare the array of tpm_digest structures.

Signed-off-by: Roberto Sassu <roberto.sassu@xxxxxxxxxx>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>
---
  security/keys/trusted.c | 38 ++++++++++++++++++++++++--------------
  1 file changed, 24 insertions(+), 14 deletions(-)

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 4d98f4f87236..5b852263eae1 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -34,6 +34,7 @@

  static const char hmac_alg[] = "hmac(sha1)";
  static const char hash_alg[] = "sha1";
+static struct tpm_chip *chip;

  struct sdesc {
         struct shash_desc shash;
@@ -362,7 +363,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen)
         int rc;

         dump_tpm_buf(cmd);
-       rc = tpm_send(NULL, cmd, buflen);
+       rc = tpm_send(chip, cmd, buflen);
         dump_tpm_buf(cmd);
         if (rc > 0)
                 /* Can't return positive return codes values to keyctl */
@@ -384,10 +385,10 @@ static int pcrlock(const int pcrnum)

         if (!capable(CAP_SYS_ADMIN))
                 return -EPERM;
-       ret = tpm_get_random(NULL, hash, SHA1_DIGEST_SIZE);
+       ret = tpm_get_random(chip, hash, SHA1_DIGEST_SIZE);
         if (ret != SHA1_DIGEST_SIZE)
                 return ret;
-       return tpm_pcr_extend(NULL, pcrnum, hash) ? -EINVAL : 0;
+       return tpm_pcr_extend(chip, pcrnum, hash) ? -EINVAL : 0;
  }

  /*
@@ -400,7 +401,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s,
         unsigned char ononce[TPM_NONCE_SIZE];
         int ret;

-       ret = tpm_get_random(NULL, ononce, TPM_NONCE_SIZE);
+       ret = tpm_get_random(chip, ononce, TPM_NONCE_SIZE);
         if (ret != TPM_NONCE_SIZE)
                 return ret;

@@ -496,7 +497,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype,
         if (ret < 0)
                 goto out;

-       ret = tpm_get_random(NULL, td->nonceodd, TPM_NONCE_SIZE);
+       ret = tpm_get_random(chip, td->nonceodd, TPM_NONCE_SIZE);
         if (ret != TPM_NONCE_SIZE)
                 goto out;
         ordinal = htonl(TPM_ORD_SEAL);
@@ -606,7 +607,7 @@ static int tpm_unseal(struct tpm_buf *tb,

         ordinal = htonl(TPM_ORD_UNSEAL);
         keyhndl = htonl(SRKHANDLE);
-       ret = tpm_get_random(NULL, nonceodd, TPM_NONCE_SIZE);
+       ret = tpm_get_random(chip, nonceodd, TPM_NONCE_SIZE);
         if (ret != TPM_NONCE_SIZE) {
                 pr_info("trusted_key: tpm_get_random failed (%d)\n", ret);
                 return ret;
@@ -751,7 +752,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
         int i;
         int tpm2;

-       tpm2 = tpm_is_tpm2(NULL);
+       tpm2 = tpm_is_tpm2(chip);
         if (tpm2 < 0)
                 return tpm2;

@@ -920,7 +921,7 @@ static struct trusted_key_options *trusted_options_alloc(void)
         struct trusted_key_options *options;
         int tpm2;

-       tpm2 = tpm_is_tpm2(NULL);
+       tpm2 = tpm_is_tpm2(chip);
         if (tpm2 < 0)
                 return NULL;

@@ -970,7 +971,7 @@ static int trusted_instantiate(struct key *key,
         size_t key_len;
         int tpm2;

-       tpm2 = tpm_is_tpm2(NULL);
+       tpm2 = tpm_is_tpm2(chip);
         if (tpm2 < 0)
                 return tpm2;

@@ -1011,7 +1012,7 @@ static int trusted_instantiate(struct key *key,
         switch (key_cmd) {
         case Opt_load:
                 if (tpm2)
-                       ret = tpm_unseal_trusted(NULL, payload, options);
+                       ret = tpm_unseal_trusted(chip, payload, options);
                 else
                         ret = key_unseal(payload, options);
                 dump_payload(payload);
@@ -1021,13 +1022,13 @@ static int trusted_instantiate(struct key *key,
                 break;
         case Opt_new:
                 key_len = payload->key_len;
-               ret = tpm_get_random(NULL, payload->key, key_len);
+               ret = tpm_get_random(chip, payload->key, key_len);
                 if (ret != key_len) {
                         pr_info("trusted_key: key_create failed (%d)\n", ret);
                         goto out;
                 }
                 if (tpm2)
-                       ret = tpm_seal_trusted(NULL, payload, options);
+                       ret = tpm_seal_trusted(chip, payload, options);
                 else
                         ret = key_seal(payload, options);
                 if (ret < 0)
@@ -1225,17 +1226,26 @@ static int __init init_trusted(void)
  {
         int ret;

+       chip = tpm_default_chip();
+       if (!chip)
+               return -ENOENT;

This change causes a regression loading the encrypted_keys module on
systems that don't have a tpm.

Module init functions should not have hardware dependencies.

The effect is that the libnvdimm module, which is an encrypted_keys
user, fails to load, but up until this change encrypted_keys did not
have a hard dependency on TPM presence.

Sorry for the latency. I was in flu for couple of days.

I missed that addition in the review process albeit this patch set
went numerous rounds. Apologies about ths. Also the return value is
wrong. Should be -ENODEV but it doesn't matter because this needs to
be removed anyway.

Roberto, can you submit a fix ASAP that:

Ok, I will do it now.

Roberto


1. Allows the module to initialize even if the chip is not found.
2. In the beginning of each function (before tpm_is_tpm2()) you
    should check if chip is NULL and return -ENODEV if it is.

Add also these tags before your signed-off-by:

Cc: stable@xxxxxxxxxxxxxxx
Fixes: 240730437deb ("KEYS: trusted: explicitly use tpm_chip structure from tpm_default_chip()")
Reported-by: Dan Williams <dan.j.williams@xxxxxxxxx>
Suggested-by: Jarkko Sakkinen <jarkko.sakkinen@xxxxxxxxxxxxxxx>

/Jarkko


--
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Bo PENG, Jian LI, Yanli SHI



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux