tjh.dev
1From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2From: Nick Cao <nickcao@nichi.co>
3Date: Sun, 15 Jan 2023 20:15:55 +0800
4Subject: [PATCH] tpm2_context_init: fix driver name checking
5
6https://github.com/systemd/systemd/commit/542dbc623e introduced
7additional checks for tpm2 driver names, namely ensuring the driver
8name, when concated with "libtss2-tcti-" and ".so.0", generates a valid
9filename (with no '/' inside).
10
11For example, if the driver is name "device", the line
12 fn = strjoina("libtss2-tcti-", driver, ".so.0")
13would yield "libtss2-tcti-device.so.0", passing the check. And the
14filename is then passed to dlopen for loading the driver.
15
16Our current approach for systemd to correctly locate these dynamically
17loaded libraries is to patch the filenames to include their absolute
18path. Thus the line mentioned above is patched into
19 fn = strjoina("/nix/store/xxxxxxx-tpm2-tss-3.2.0/lib/libtss2-tcti-", driver, ".so.0")
20yielding "/nix/store/xxxxxxx-tpm2-tss-3.2.0/lib/libtss2-tcti-device.so.0",
21tripping the check.
22
23This patch relaxes the check to also accept absolute paths, by replacing
24filename_is_valid with path_is_valid.
25---
26 src/shared/tpm2-util.c | 2 +-
27 1 file changed, 1 insertion(+), 1 deletion(-)
28
29diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
30index 36a0f906da..e0f42abca2 100644
31--- a/src/shared/tpm2-util.c
32+++ b/src/shared/tpm2-util.c
33@@ -721,7 +721,7 @@ int tpm2_context_new(const char *device, Tpm2Context **ret_context) {
34 fn = strjoina("libtss2-tcti-", driver, ".so.0");
35
36 /* Better safe than sorry, let's refuse strings that cannot possibly be valid driver early, before going to disk. */
37- if (!filename_is_valid(fn))
38+ if (!path_is_valid(fn))
39 return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "TPM2 driver name '%s' not valid, refusing.", driver);
40
41 context->tcti_dl = dlopen(fn, RTLD_NOW|RTLD_NODELETE);