On Mon, 2020-01-27 at 13:49 -0700, Jerry Snitselaar wrote:
> On Mon Jan 27 20, Mimi Zohar wrote:
> >The boot aggregate is a cumulative SHA1 hash over TPM registers 0 - 7.
> >NIST has deprecated the usage of SHA1 in most instances. Instead of
> >continuing to use SHA1 to calculate the boot_aggregate, use the
> >configured IMA default hash algorithm.
> >
> >Although the IMA measurement list boot_aggregate template data contains
> >the hash algorithm followed by the digest, allowing verifiers (e.g.
> >attestation servers) to calculate and verify the boot_aggregate, the
> >verifiers might not have the knowledge of what constitutes a good value
> >based on a different hash algorithm.
> >
> >Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> >---
> > security/integrity/ima/ima_init.c | 8 ++++----
> > 1 file changed, 4 insertions(+), 4 deletions(-)
> >
> >diff --git a/security/integrity/ima/ima_init.c b/security/integrity/ima/ima_init.c
> >index 195cb4079b2b..b1b334fe0db5 100644
> >--- a/security/integrity/ima/ima_init.c
> >+++ b/security/integrity/ima/ima_init.c
> >@@ -27,7 +27,7 @@ struct tpm_chip *ima_tpm_chip;
> > /* Add the boot aggregate to the IMA measurement list and extend
> > * the PCR register.
> > *
> >- * Calculate the boot aggregate, a SHA1 over tpm registers 0-7,
> >+ * Calculate the boot aggregate, a hash over tpm registers 0-7,
> > * assuming a TPM chip exists, and zeroes if the TPM chip does not
> > * exist. Add the boot aggregate measurement to the measurement
> > * list and extend the PCR register.
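Review bot: the reworded comment drops "SHA1" but does not say which hash now replaces it, so the comment no longer tells a reader what the function computes; since the code in the next hunk sets the algorithm from ima_hash_algo, say so here, e.g. "* Calculate the boot aggregate, a hash (the configured ima_hash_algo) over tpm registers 0-7,", and consider noting that the PCRs must then come from the TPM bank matching that algorithm, which is exactly what a remote verifier needs to know.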
> >@@ -51,14 +51,14 @@ static int __init ima_add_boot_aggregate(void)
> > int violation = 0;
> > struct {
> > struct ima_digest_data hdr;
> >- char digest[TPM_DIGEST_SIZE];
> >+ char digest[TPM_MAX_DIGEST_SIZE];
> > } hash;
> >
> > memset(iint, 0, sizeof(*iint));
> > memset(&hash, 0, sizeof(hash));
> > iint->ima_hash = &hash.hdr;
> >- iint->ima_hash->algo = HASH_ALGO_SHA1;
> >- iint->ima_hash->length = SHA1_DIGEST_SIZE;
> >+ iint->ima_hash->algo = ima_hash_algo;
> >+ iint->ima_hash->length = hash_digest_size[ima_hash_algo];
> >
> > if (ima_tpm_chip) {
> > result = ima_calc_boot_aggregate(&hash.hdr);
> >--
> >2.7.5
> >
>
> Tested the patches on the Dell and no longer spits out the error messages on boot.
> /sys/kernel/security/ima/ascii_runtime_measurements shows the boot aggregate.
>
> Is there something else I should look at to verify it is functioning properly?

The original LTP ima_boot_aggregate.c test needed to be updated to
support TPM 2.0 before this change. For TPM 2.0, the PCRs are not
exported.

With this change, the kernel could be reading PCRs from a TPM bank
other than SHA1 and calculating the boot_aggregate based on a
different hash algorithm as well. I'm not sure how a remote verifier
would know which TPM bank was read, when calculating the
boot-aggregate.

At the moment, the only test would be to make sure that the LTP test
still works for TPM 1.2 properly.

Mimi
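Review bot: this hunk sets iint->ima_hash->algo = ima_hash_algo, but the only consumer visible, ima_calc_boot_aggregate(&hash.hdr), lives in a file the diffstat says this patch does not touch, so nothing in the change establishes that the PCRs are read from the bank matching hdr.algo, or what gets recorded when the TPM has no bank for ima_hash_algo; the commit message should name the patch in the series that makes ima_calc_boot_aggregate() honour hdr.algo and state the fallback, which is also the information a remote verifier needs to pick a known-good value. Separately, hash_digest_size[ima_hash_algo] is now written into the TPM_MAX_DIGEST_SIZE buffer with no check that it fits; a BUILD_BUG_ON tying TPM_MAX_DIGEST_SIZE to the largest IMA digest size, or a runtime check before the call, would make that bound explicit rather than implied.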
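The verifier-side view of the commit message and of Mimi's bank question, as an added example that is not part of the thread or of the kernel patch: a small Python tool that parses a boot_aggregate line in the ascii_runtime_measurements format, recomputes the aggregate from a set of PCR 0-7 values, and shows that the same algorithm over two different banks yields two different "good" values. The aggregation step (one hash over the concatenated PCR digests in order 0 to 7, an all-zero digest when no TPM chip exists) follows the kernel's ima_calc_boot_aggregate() as I understand it and as the hunk's memset/if (ima_tpm_chip) logic implies; the function names, the PCR values and the template-hash column are all constructed for this example and are not real machine data.

```python
"""Verifier-side recomputation of the IMA boot_aggregate (added example)."""
import hashlib
import re

# Constructed sample PCR banks (not read from a real TPM): PCRs 0-7 of a
# TPM 2.0 SHA-256 bank and of a SHA-1 bank, as hex strings.
SAMPLE_SHA256_BANK = {i: hashlib.sha256(b"constructed pcr %d" % i).hexdigest()
                      for i in range(8)}
SAMPLE_SHA1_BANK = {i: hashlib.sha1(b"constructed pcr %d" % i).hexdigest()
                    for i in range(8)}

# Placeholder for the ima-ng template hash column; constructed, not verified here.
CONSTRUCTED_TEMPLATE_HASH = "aa" * 20

# One ascii_runtime_measurements line: "<pcr> <template-hash> <template> <algo>:<digest> <name>"
LINE_RE = re.compile(
    r"^(?P<pcr>\d+) (?P<template_hash>[0-9a-f]+) (?P<template>\S+) "
    r"(?P<algo>[a-z0-9_-]+):(?P<digest>[0-9a-f]+) (?P<name>\S+)$")


def compute_boot_aggregate(bank, algo):
    """Recompute the boot_aggregate as the kernel does (assumed behaviour of
    ima_calc_boot_aggregate()): one `algo` hash over the digests of PCRs 0-7
    read from a single TPM bank. `bank` is None when no TPM chip is present,
    in which case the kernel leaves the digest zeroed (see the memset and the
    `if (ima_tpm_chip)` guard in the patch)."""
    if algo not in hashlib.algorithms_available:
        raise ValueError("unsupported hash algorithm in template: %s" % algo)
    h = hashlib.new(algo)
    if bank is None:
        return "00" * h.digest_size
    for pcr in range(8):
        h.update(bytes.fromhex(bank[pcr]))
    return h.hexdigest()


def parse_measurement_line(line):
    """Split one ima-ng style measurement line into its fields."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError("not an ima-ng style measurement line: %r" % line)
    fields = m.groupdict()
    fields["pcr"] = int(fields["pcr"])
    return fields


def verify_boot_aggregate(line, bank):
    """True only if `line` records boot_aggregate and its digest equals the
    value recomputed over `bank` with the algorithm named in the line.
    A mismatch usually means the verifier assumed the wrong bank."""
    fields = parse_measurement_line(line)
    if fields["name"] != "boot_aggregate":
        return False
    return fields["digest"] == compute_boot_aggregate(bank, fields["algo"])


def make_measurement_line(bank, algo):
    """Build a constructed boot_aggregate line in ascii_runtime_measurements form."""
    return "10 %s ima-ng %s:%s boot_aggregate" % (
        CONSTRUCTED_TEMPLATE_HASH, algo, compute_boot_aggregate(bank, algo))


def bank_ambiguity(algo):
    """The point raised in the thread: the same aggregate algorithm over two
    different banks gives two different values, so a verifier must know
    which bank the kernel read, not just the algorithm in the template."""
    return {"sha256_bank": compute_boot_aggregate(SAMPLE_SHA256_BANK, algo),
            "sha1_bank": compute_boot_aggregate(SAMPLE_SHA1_BANK, algo)}


SAMPLE_LINE = make_measurement_line(SAMPLE_SHA256_BANK, "sha256")

if __name__ == "__main__":
    print(SAMPLE_LINE)
    print("matches sha256 bank:", verify_boot_aggregate(SAMPLE_LINE, SAMPLE_SHA256_BANK))
    print("matches sha1 bank:  ", verify_boot_aggregate(SAMPLE_LINE, SAMPLE_SHA1_BANK))
    print("no TPM chip:        ", compute_boot_aggregate(None, "sha256"))
    print("bank ambiguity:     ", bank_ambiguity("sha256"))
```

Run against a real system, `bank` would be filled from the PCR values the attestation client quotes (TPM 2.0 does not export them through sysfs, as Mimi notes), and the verifier would need the bank identity alongside the `algo:` prefix from the template before it can pick a golden value.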