tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

tpm: add hmac checks to tpm2_pcr_extend()

tpm2_pcr_extend() is used by trusted keys to extend a PCR to prevent a
key from being re-loaded until the next reboot. To use this
functionality securely, that extend must be protected by a session
hmac. This patch adds HMAC protection so tampering with the
tpm2_pcr_extend() command in flight is detected.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>

authored by

James Bottomley and committed by
Jarkko Sakkinen 6519fea6 1085b827

+10 -17
+10 -17
drivers/char/tpm/tpm2-cmd.c
··· 216 216 return rc; 217 217 } 218 218 219 - struct tpm2_null_auth_area { 220 - __be32 handle; 221 - __be16 nonce_size; 222 - u8 attributes; 223 - __be16 auth_size; 224 - } __packed; 225 - 226 219 /** 227 220 * tpm2_pcr_extend() - extend a PCR value 228 221 * ··· 229 236 struct tpm_digest *digests) 230 237 { 231 238 struct tpm_buf buf; 232 - struct tpm2_null_auth_area auth_area; 233 239 int rc; 234 240 int i; 235 241 236 - rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 242 + rc = tpm2_start_auth_session(chip); 237 243 if (rc) 238 244 return rc; 239 245 240 - tpm_buf_append_u32(&buf, pcr_idx); 246 + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_PCR_EXTEND); 247 + if (rc) { 248 + tpm2_end_auth_session(chip); 249 + return rc; 250 + } 241 251 242 - auth_area.handle = cpu_to_be32(TPM2_RS_PW); 243 - auth_area.nonce_size = 0; 244 - auth_area.attributes = 0; 245 - auth_area.auth_size = 0; 252 + tpm_buf_append_name(chip, &buf, pcr_idx, NULL); 253 + tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0); 246 254 247 - tpm_buf_append_u32(&buf, sizeof(struct tpm2_null_auth_area)); 248 - tpm_buf_append(&buf, (const unsigned char *)&auth_area, 249 - sizeof(auth_area)); 250 255 tpm_buf_append_u32(&buf, chip->nr_allocated_banks); 251 256 252 257 for (i = 0; i < chip->nr_allocated_banks; i++) { ··· 253 262 chip->allocated_banks[i].digest_size); 254 263 } 255 264 265 + tpm_buf_fill_hmac_session(chip, &buf); 256 266 rc = tpm_transmit_cmd(chip, &buf, 0, "attempting extend a PCR value"); 267 + rc = tpm_buf_check_hmac_response(chip, &buf, rc); 257 268 258 269 tpm_buf_destroy(&buf); 259 270