From: James Prestwood <prestwoj@gmail.com>
To: keyrings@vger.kernel.org
Cc: James.Bottomley@HansenPartnership.com
Subject: [PATCH 08/17] tpm2: add session encryption protection to tpm2_get_random()
Date: Mon, 18 May 2020 17:26:55 +0000 [thread overview]
Message-ID: <20200518172704.29608-9-prestwoj@gmail.com> (raw)
In-Reply-To: <20200518172704.29608-1-prestwoj@gmail.com>
From: James Bottomley <James.Bottomley@HansenPartnership.com>
If some entity is snooping the TPM bus, they can see the random
numbers we're extracting from the TPM and do prediction attacks
against their consumers. Foil this attack by using response
encryption to prevent the attacker from seeing the random sequence.
Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
---
drivers/char/tpm/tpm2-cmd.c | 21 +++++++++++++++++----
1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index b29824ae237c..92e381bfd7c8 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -291,29 +291,40 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
int total = 0;
int retries = 5;
u8 *dest_ptr = dest;
+ struct tpm2_auth *auth;
if (!num_bytes || max > TPM_MAX_RNG_DATA)
return -EINVAL;
- err = tpm_buf_init(&buf, 0, 0);
+ err = tpm2_start_auth_session(chip, &auth);
if (err)
return err;
+ err = tpm_buf_init(&buf, 0, 0);
+ if (err) {
+ tpm2_end_auth_session(auth);
+ return err;
+ }
+
do {
- tpm_buf_reset(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_GET_RANDOM);
+ tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM);
+ tpm_buf_append_hmac_session_opt(&buf, auth, TPM2_SA_ENCRYPT
+ | TPM2_SA_CONTINUE_SESSION,
+ NULL, 0);
tpm_buf_append_u16(&buf, num_bytes);
+ tpm_buf_fill_hmac_session(&buf, auth);
err = tpm_transmit_cmd(chip, &buf,
offsetof(struct tpm2_get_random_out,
buffer),
"attempting get random");
+ err = tpm_buf_check_hmac_response(&buf, auth, err);
if (err) {
if (err > 0)
err = -EIO;
goto out;
}
- out = (struct tpm2_get_random_out *)
- &buf.data[TPM_HEADER_SIZE];
+ out = (struct tpm2_get_random_out *)tpm_buf_parameters(&buf);
recd = min_t(u32, be16_to_cpu(out->size), num_bytes);
if (tpm_buf_length(&buf) <
TPM_HEADER_SIZE +
@@ -330,6 +341,8 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *dest, size_t max)
} while (retries-- && total < max);
tpm_buf_destroy(&buf);
+ tpm2_end_auth_session(auth);
+
return total ? total : -EIO;
out:
tpm_buf_destroy(&buf);
--
2.21.1
next prev parent reply other threads:[~2020-05-18 17:26 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-18 17:26 [PATCH 00/17] Asymmetric key operations on TPM2 James Prestwood
2020-05-18 17:26 ` [PATCH 01/17] tpm-buf: move from static inlines to real functions James Prestwood
2020-05-18 17:26 ` [PATCH 02/17] tpm-buf: add handling for TPM2B types James Prestwood
2020-05-18 17:26 ` [PATCH 03/17] tpm-buf: add cursor based functions for response parsing James Prestwood
2020-05-18 17:26 ` [PATCH 04/17] tpm2-space: export the context save and load commands James Prestwood
2020-05-18 17:26 ` [PATCH 05/17] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling James Prestwood
2020-05-18 17:26 ` [PATCH 06/17] tpm-buf: add tpm_buf_parameters() James Prestwood
2020-05-18 17:26 ` [PATCH 07/17] tpm2: add hmac checks to tpm2_pcr_extend() James Prestwood
2020-05-18 17:26 ` James Prestwood [this message]
2020-05-18 17:26 ` [PATCH 09/17] trusted keys: Add session encryption protection to the seal/unseal path James Prestwood
2020-05-18 17:26 ` [PATCH 10/17] tpm: add the null key name as a tpm2 sysfs variable James Prestwood
2020-05-18 17:26 ` [PATCH 11/17] Documentation: add tpm-security.rst James Prestwood
2020-05-18 17:26 ` [PATCH 12/17] oid_registry: Add TCG defined OIDS for TPM keys James Prestwood
2020-05-18 17:27 ` [PATCH 13/17] tpm: tpm2-cmd: add driver API for RSA decryption James Prestwood
2020-05-18 17:27 ` [PATCH 14/17] include: linux: tpm: expose tpm2_rsa_decrypt James Prestwood
2020-05-18 17:27 ` [PATCH 15/17] include: crypto: add asym_tpm2_subtype definition James Prestwood
2020-05-18 17:27 ` [PATCH 16/17] asymmetric_keys: add TPM2 ASN1 definition James Prestwood
2020-05-18 17:27 ` [PATCH 17/17] asymmetric_keys: add tpm2 key parser/type James Prestwood
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200518172704.29608-9-prestwoj@gmail.com \
--to=prestwoj@gmail.com \
--cc=James.Bottomley@HansenPartnership.com \
--cc=keyrings@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.