* [PATCH] tpm: fix checks for policy digest existence in tpm2_seal_trusted() (resend for stable)
@ 2016-03-29 16:48 ` Jarkko Sakkinen
0 siblings, 0 replies; 2+ messages in thread
From: Jarkko Sakkinen @ 2016-03-29 16:48 UTC (permalink / raw)
To: Peter Huewe
Cc: Jarkko Sakkinen, stable, Marcel Selhorst, Jason Gunthorpe,
David Safford, Mimi Zohar, David Howells, James Morris,
Serge E. Hallyn, moderated list:TPM DEVICE DRIVER, open list,
open list:KEYS-TRUSTED, open list:KEYS-TRUSTED
In my original patch sealing with policy was done with dynamically
allocated buffer that I changed later into an array so the checks in
tpm2-cmd.c became invalid. This patch fixes the issue.
Fixes: 5beb0c435bdd ("keys, trusted: seal with a TPM2 authorization policy")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
CC: stable@vger.kernel.org
---
drivers/char/tpm/tpm2-cmd.c | 12 ++++--------
include/keys/trusted-type.h | 2 +-
security/keys/trusted.c | 11 +++++------
3 files changed, 10 insertions(+), 15 deletions(-)
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 45a6340..66e04b4 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -478,20 +478,16 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
tpm_buf_append_u8(&buf, payload->migratable);
/* public */
- if (options->policydigest)
- tpm_buf_append_u16(&buf, 14 + options->digest_len);
- else
- tpm_buf_append_u16(&buf, 14);
-
+ tpm_buf_append_u16(&buf, 14 + options->policydigest_len);
tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH);
tpm_buf_append_u16(&buf, hash);
/* policy */
- if (options->policydigest) {
+ if (options->policydigest_len) {
tpm_buf_append_u32(&buf, 0);
- tpm_buf_append_u16(&buf, options->digest_len);
+ tpm_buf_append_u16(&buf, options->policydigest_len);
tpm_buf_append(&buf, options->policydigest,
- options->digest_len);
+ options->policydigest_len);
} else {
tpm_buf_append_u32(&buf, TPM2_ATTR_USER_WITH_AUTH);
tpm_buf_append_u16(&buf, 0);
diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
index 42cf2d9..4ea7e55 100644
--- a/include/keys/trusted-type.h
+++ b/include/keys/trusted-type.h
@@ -38,7 +38,7 @@ struct trusted_key_options {
unsigned char pcrinfo[MAX_PCRINFO_SIZE];
int pcrlock;
uint32_t hash;
- uint32_t digest_len;
+ uint32_t policydigest_len;
unsigned char policydigest[MAX_DIGEST_SIZE];
uint32_t policyhandle;
};
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 0dcab20..90d6175 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -744,6 +744,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
unsigned long handle;
unsigned long lock;
unsigned long token_mask = 0;
+ unsigned int digest_len;
int i;
int tpm2;
@@ -752,7 +753,6 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
return tpm2;
opt->hash = tpm2 ? HASH_ALGO_SHA256 : HASH_ALGO_SHA1;
- opt->digest_len = hash_digest_size[opt->hash];
while ((p = strsep(&c, " \t"))) {
if (*p == '\0' || *p == ' ' || *p == '\t')
@@ -812,8 +812,6 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
for (i = 0; i < HASH_ALGO__LAST; i++) {
if (!strcmp(args[0].from, hash_algo_name[i])) {
opt->hash = i;
- opt->digest_len =
- hash_digest_size[opt->hash];
break;
}
}
@@ -825,13 +823,14 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
}
break;
case Opt_policydigest:
- if (!tpm2 ||
- strlen(args[0].from) != (2 * opt->digest_len))
+ digest_len = hash_digest_size[opt->hash];
+ if (!tpm2 || strlen(args[0].from) != (2 * digest_len))
return -EINVAL;
res = hex2bin(opt->policydigest, args[0].from,
- opt->digest_len);
+ digest_len);
if (res < 0)
return -EINVAL;
+ opt->policydigest_len = digest_len;
break;
case Opt_policyhandle:
if (!tpm2)
--
2.7.3
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [PATCH] tpm: fix checks for policy digest existence in tpm2_seal_trusted() (resend for stable)
@ 2016-03-29 16:48 ` Jarkko Sakkinen
0 siblings, 0 replies; 2+ messages in thread
From: Jarkko Sakkinen @ 2016-03-29 16:48 UTC (permalink / raw)
To: Peter Huewe
Cc: Jarkko Sakkinen, stable, Marcel Selhorst, Jason Gunthorpe,
David Safford, Mimi Zohar, David Howells, James Morris,
Serge E. Hallyn, moderated list:TPM DEVICE DRIVER, open list,
open list:KEYS-TRUSTED, open list:KEYS-TRUSTED
In my original patch sealing with policy was done with dynamically
allocated buffer that I changed later into an array so the checks in
tpm2-cmd.c became invalid. This patch fixes the issue.
Fixes: 5beb0c435bdd ("keys, trusted: seal with a TPM2 authorization policy")
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Acked-by: Peter Huewe <peterhuewe@gmx.de>
CC: stable@vger.kernel.org
---
drivers/char/tpm/tpm2-cmd.c | 12 ++++--------
include/keys/trusted-type.h | 2 +-
security/keys/trusted.c | 11 +++++------
3 files changed, 10 insertions(+), 15 deletions(-)
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 45a6340..66e04b4 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -478,20 +478,16 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
tpm_buf_append_u8(&buf, payload->migratable);
/* public */
- if (options->policydigest)
- tpm_buf_append_u16(&buf, 14 + options->digest_len);
- else
- tpm_buf_append_u16(&buf, 14);
-
+ tpm_buf_append_u16(&buf, 14 + options->policydigest_len);
tpm_buf_append_u16(&buf, TPM2_ALG_KEYEDHASH);
tpm_buf_append_u16(&buf, hash);
/* policy */
- if (options->policydigest) {
+ if (options->policydigest_len) {
tpm_buf_append_u32(&buf, 0);
- tpm_buf_append_u16(&buf, options->digest_len);
+ tpm_buf_append_u16(&buf, options->policydigest_len);
tpm_buf_append(&buf, options->policydigest,
- options->digest_len);
+ options->policydigest_len);
} else {
tpm_buf_append_u32(&buf, TPM2_ATTR_USER_WITH_AUTH);
tpm_buf_append_u16(&buf, 0);
diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
index 42cf2d9..4ea7e55 100644
--- a/include/keys/trusted-type.h
+++ b/include/keys/trusted-type.h
@@ -38,7 +38,7 @@ struct trusted_key_options {
unsigned char pcrinfo[MAX_PCRINFO_SIZE];
int pcrlock;
uint32_t hash;
- uint32_t digest_len;
+ uint32_t policydigest_len;
unsigned char policydigest[MAX_DIGEST_SIZE];
uint32_t policyhandle;
};
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 0dcab20..90d6175 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -744,6 +744,7 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
unsigned long handle;
unsigned long lock;
unsigned long token_mask = 0;
+ unsigned int digest_len;
int i;
int tpm2;
@@ -752,7 +753,6 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
return tpm2;
opt->hash = tpm2 ? HASH_ALGO_SHA256 : HASH_ALGO_SHA1;
- opt->digest_len = hash_digest_size[opt->hash];
while ((p = strsep(&c, " \t"))) {
if (*p == '\0' || *p == ' ' || *p == '\t')
@@ -812,8 +812,6 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
for (i = 0; i < HASH_ALGO__LAST; i++) {
if (!strcmp(args[0].from, hash_algo_name[i])) {
opt->hash = i;
- opt->digest_len =
- hash_digest_size[opt->hash];
break;
}
}
@@ -825,13 +823,14 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
}
break;
case Opt_policydigest:
- if (!tpm2 ||
- strlen(args[0].from) != (2 * opt->digest_len))
+ digest_len = hash_digest_size[opt->hash];
+ if (!tpm2 || strlen(args[0].from) != (2 * digest_len))
return -EINVAL;
res = hex2bin(opt->policydigest, args[0].from,
- opt->digest_len);
+ digest_len);
if (res < 0)
return -EINVAL;
+ opt->policydigest_len = digest_len;
break;
case Opt_policyhandle:
if (!tpm2)
--
2.7.3
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2016-03-29 16:50 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-03-29 16:48 [PATCH] tpm: fix checks for policy digest existence in tpm2_seal_trusted() (resend for stable) Jarkko Sakkinen
2016-03-29 16:48 ` Jarkko Sakkinen
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.