On Sun, 2024-08-04 at 09:42 -0400, James Bottomley wrote:
> The design of the intel-tss shim is to hide the difference between
> the internal and the external handles by doing the internal to external
> transform on entry.  Unfortunately, the NULL handle (TPM_RH_NULL,
> 40000007) has two possible internal representations depending on
> whether it's used to indicate no session or the null hierarchy.
> 
> There is a bug in the intel-tss in that it uses the wrong internal
> NULL handle to try to create the NULL seed primary (and thus fails).
> Now that we're going to be using the NULL primary to salt sessions,
> the Intel TSS shim needs fixing to cope with this correctly.
> 
> The fix is to do the correct transform to the internal hierarchy
> representation on NULL hierarchy creation and to do the session
> handle conversion everywhere else.  Additionally remove the intel_handle()
> code which was supposed to do this: it's unused because 0 is never
> passed in as a handle number.

Going over all the internal-to-external handle conversions, I found one
more use case that would produce a bug.  This one isn't actually used in
the openssl_tpm2_engine code, so it's an unmanifested bug, but
nevertheless it should be fixed to avoid problems later on.  I'll fold
the fix below into this patch.

Regards,

James

---

diff --git a/src/include/intel-tss.h b/src/include/intel-tss.h
index 3b8c18d..a2050ba 100644
--- a/src/include/intel-tss.h
+++ b/src/include/intel-tss.h
@@ -1271,6 +1271,19 @@ tpm2_handle_ext(TSS_CONTEXT *tssContext,
TPM_HANDLE esysh)
 {
        TPM2_HANDLE realh = 0;
 
+       switch (esysh) {
+       case ESYS_TR_RH_OWNER:
+               return EXT_TPM_RH_OWNER;
+       case ESYS_TR_RH_PLATFORM:
+               return EXT_TPM_RH_PLATFORM;
+       case ESYS_TR_RH_ENDORSEMENT:
+               return EXT_TPM_RH_ENDORSEMENT;
+       case ESYS_TR_RH_NULL:
+               return EXT_TPM_RH_NULL;
+       case ESYS_TR_NONE:
+               return EXT_TPM_RH_NULL;
+       }
+
        Esys_TR_GetTpmHandle(tssContext, esysh, &realh);
 
        return realh;
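Review bot: the return code of Esys_TR_GetTpmHandle() in the unchanged tail of this hunk is still discarded, so any ESYS_TR value that is not one of the five cases in the new switch and that the ESAPI cannot resolve leaves realh at its initialiser and the function silently returns 0 as the external handle; given that the commit message states 0 is never a valid handle number here, that failure is indistinguishable from a real conversion at the call sites. Suggest capturing the TSS2_RC and making the failure visible, e.g. `TSS2_RC rc = Esys_TR_GetTpmHandle(tssContext, esysh, &realh);` followed by a check that logs or propagates rc before `return realh;`. Also worth a one-line comment above the switch that ESYS_TR_NONE and ESYS_TR_RH_NULL both map to EXT_TPM_RH_NULL on purpose, since this is exactly the two-representations-of-NULL ambiguity the commit message describes and a later reader may otherwise "fix" the duplicate return.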

