Re: [PATCH v4 2/2] selftests: tpm2: Reset the dictionary attack lock

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 12/1/21 05:16, Jarkko Sakkinen wrote:

On Mon, Nov 29, 2021 at 07:26:12PM -0500, Stefan Berger wrote:
On 11/29/21 18:43, Jarkko Sakkinen wrote:
On Sat, Nov 27, 2021 at 11:10:52PM -0500, Stefan Berger wrote:
From: Stefan Berger <stefanb@xxxxxxxxxxxxx>

Reset the dictionary attack lock to avoid the following types of test
failures after running the test 2 times:

======================================================================
ERROR: test_unseal_with_wrong_policy (tpm2_tests.SmokeTest)
----------------------------------------------------------------------
Traceback (most recent call last):
    File "/root/linux-ima-namespaces/tools/testing/selftests/tpm2/tpm2_tests.py", line 105, in test_unseal_with_wrong_policy
      blob = self.client.seal(self.root_key, data, auth, policy_dig)
    File "/root/linux-ima-namespaces/tools/testing/selftests/tpm2/tpm2.py", line 620, in seal
      rsp = self.send_cmd(cmd)
    File "/root/linux-ima-namespaces/tools/testing/selftests/tpm2/tpm2.py", line 397, in send_cmd
      raise ProtocolError(cc, rc)
tpm2.ProtocolError: TPM_RC_LOCKOUT: cc=0x00000153, rc=0x00000921

Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
---
   tools/testing/selftests/tpm2/tpm2_tests.py | 2 ++
   1 file changed, 2 insertions(+)

diff --git a/tools/testing/selftests/tpm2/tpm2_tests.py b/tools/testing/selftests/tpm2/tpm2_tests.py
index e63a37819978..ad6f54c01adf 100644
--- a/tools/testing/selftests/tpm2/tpm2_tests.py
+++ b/tools/testing/selftests/tpm2/tpm2_tests.py
@@ -139,6 +139,8 @@ class SmokeTest(unittest.TestCase):
           except:
               self.client.flush_context(handle)
               raise
+        finally:
+            self.client.reset_da_lock()
           self.assertEqual(rc, tpm2.TPM2_RC_POLICY_FAIL)
--
2.31.1

I don't agree with this as a DA lock has legit use. This would be adequate
for systems dedicated for kernel testing only.
The problem is this particular test case I am patching here causes the above
test failures upon rerun. We are testing the driver here presumably and not
the TPM2, so I think we should leave the TPM2 as cleaned up as possible,
thus my suggestion is to reset the DA lock and we won't hear any complaints
after that.

The tss packages also have command line tools to reset the DA lock, but it
shouldn't be necessary to use them after running a **driver** test case.
If you speak about TSS, please alway say which one :-)

packages : both

tpm2_dictionarylockout -c [ -p password ]

tssdictionaryattacklockreset [-pwd password]



Adding non-volatile state changes explicitly is to a test case is both
intrusive and wrong. These type of choices are not to be done in the
test case implementation for sure.

I drop this patch because if someone changed the password the lock reset will not work as expected.

One can also argue with having a test case that triggers a failure condition in the TPM2 is both intrusive and wrong. That said, the offending test cases should probably not even exist, especially since they test a user's knowledge about the device afterwards...



An improvement that does not add extra side-effect, would be to read the
TPM_PT_LOCKOUT_COUNTER and roll back with a proper error message for the
lockout condition.

You can also configure the maximum number of tries up to (2 << 31) - 1
= 4294967295 with TPM2_DictionaryAttackParameters...

... which I think the user of a device driver test should not have to do.


  Stefan


/Jarkko



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux