* ima_tpm_chip is queried and saved only at IMA init, but never later
From: Lakshmi Ramasubramanian @ 2019-09-24 22:31 UTC
To: Mimi Zohar, linux-integrity
When IMA is initialized the default TPM is queried and saved.
If at this point a TPM wasn't available, but is detected and surfaced
later by the system, IMA doesn't update the TPM information.
security/integrity/ima/ima_init.c
int __init ima_init(void)
{
	int rc;

	ima_tpm_chip = tpm_default_chip();
	if (!ima_tpm_chip)
		pr_info("No TPM chip found, activating TPM-bypass!\n");
	...
}
TPM PCR update function in IMA is essentially a NOP if TPM wasn't
detected during IMA init.
security/integrity/ima/ima_queue.c
static int ima_pcr_extend(const u8 *hash, int pcr)
{
	int result = 0;

	if (!ima_tpm_chip)
		return result;
	...
}
In one configuration I am testing, I see the TPM appear post IMA Init.
Likely this is rare, but I was wondering if there was a reason why TPM
information is only queried during IMA init, but never updated at a
later point.
Thanks,
-lakshmi
* Re: ima_tpm_chip is queried and saved only at IMA init, but never later
From: James Bottomley @ 2019-09-24 22:37 UTC
To: Lakshmi Ramasubramanian, Mimi Zohar, linux-integrity
On Tue, 2019-09-24 at 15:31 -0700, Lakshmi Ramasubramanian wrote:
[...]
> In one configuration I am testing, I see the TPM appear post IMA
> Init. Likely this is rare, but I was wondering if there was a reason
> why TPM information is only queried during IMA init, but never
> updated at a later point.
IMA involves a chain of custody attested through the TPM. If the TPM
isn't present on IMA init then that custody chain is broken and the
measurements can't be relied upon. For this reason to use the TPM, it
must be present when IMA is initialized ... so the drivers all need
building in to the kernel.
There has been some discussion that we could, for UEFI systems, use the
UEFI runtime drivers for the TPM until the actual driver is inserted
but no-one's looked into doing that.
James
* Re: ima_tpm_chip is queried and saved only at IMA init, but never later
From: Lakshmi Ramasubramanian @ 2019-10-03 15:40 UTC
To: James Bottomley, Mimi Zohar, linux-integrity
On 9/24/19 3:37 PM, James Bottomley wrote:
> On Tue, 2019-09-24 at 15:31 -0700, Lakshmi Ramasubramanian wrote:
>
> There has been some discussion that we could, for UEFI systems, use the
> UEFI runtime drivers for the TPM until the actual driver is inserted
> but no-one's looked into doing that.
>
> James
Can IMA take a dependency on TPM and postpone IMA initialization until a
TPM device shows up?
Has anyone looked into this?
Thanks,
-lakshmi
* Re: ima_tpm_chip is queried and saved only at IMA init, but never later
From: Mimi Zohar @ 2019-10-03 15:49 UTC
To: Lakshmi Ramasubramanian, James Bottomley, linux-integrity
On Thu, 2019-10-03 at 08:40 -0700, Lakshmi Ramasubramanian wrote:
> On 9/24/19 3:37 PM, James Bottomley wrote:
> > On Tue, 2019-09-24 at 15:31 -0700, Lakshmi Ramasubramanian wrote:
> >
> > There has been some discussion that we could, for UEFI systems, use the
> > UEFI runtime drivers for the TPM until the actual driver is inserted
> > but no-one's looked into doing that.
> >
> > James
>
> Can IMA take a dependency on TPM and postpone IMA initialization until a
> TPM device shows up?
IMA is already on the late_initcall(), waiting for the TPM
initialization to complete. How would you define a TPM dependency?
Mimi
>
> Has anyone looked into this?
>
> Thanks,
> -lakshmi
>
>
* Re: ima_tpm_chip is queried and saved only at IMA init, but never later
From: Lakshmi Ramasubramanian @ 2019-10-04 0:39 UTC
To: Mimi Zohar, James Bottomley, linux-integrity
On 10/3/19 8:49 AM, Mimi Zohar wrote:
>> Can IMA take a dependency on TPM and postpone IMA initialization until a
>> TPM device shows up?
>
> IMA is already on the late_initcall(), waiting for the TPM
> initialization to complete.
> How would you define a TPM dependency?
I meant - can IMA return a status code from its init routine such that
it gets called back when a TPM device shows up. And, at that point
continue the initialization.
Similar to how a driver for Device A would indicate its dependency on
the availability of a Device B. I am not sure if such a thing is
possible with IMA.
Thanks,
-lakshmi
* Re: ima_tpm_chip is queried and saved only at IMA init, but never later
From: James Bottomley @ 2019-10-03 15:58 UTC
To: Lakshmi Ramasubramanian, Mimi Zohar, linux-integrity
On Thu, 2019-10-03 at 08:40 -0700, Lakshmi Ramasubramanian wrote:
> On 9/24/19 3:37 PM, James Bottomley wrote:
> > On Tue, 2019-09-24 at 15:31 -0700, Lakshmi Ramasubramanian wrote:
> >
> > There has been some discussion that we could, for UEFI systems, use
> > the
> > UEFI runtime drivers for the TPM until the actual driver is
> > inserted
> > but no-one's looked into doing that.
> >
> > James
>
> Can IMA take a dependency on TPM and postpone IMA initialization
> until a TPM device shows up?
I don't believe we can postpone IMA initialization because it has to
start before any user space execution so it logs everything correctly
and the measurement chain is unbroken.
There are potentially two ways of fixing the IMA before TPM is ready
problem: one is to use the TPM BIOS device ... or really the UEFI
device since getting non-UEFI to measure external things is very
non-standard. And the other is to cache all the measurements and then
replay them through the TPM when it shows up.
> Has anyone looked into this?
I don't believe anyone has, no.
James
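Added example, not code from this thread or from the kernel: a small Python model of the two points above, the quoted bypass path where a measurement is appended to the list while ima_pcr_extend() does nothing because no chip was found at init, and James's second option of caching the measurements and replaying them through the TPM once it appears. SimTpm, ImaQueue, run() and the sample digests are constructed stand-ins for illustration, not kernel or tpm2 APIs.

```python
import hashlib

PCR = 10              # IMA's default measurement PCR
ZERO_PCR = bytes(20)  # SHA-1 bank, matching the posted ima_pcr_extend() signature
SAMPLE_DIGESTS = [hashlib.sha1(s).digest()  # constructed sample template digests
                  for s in (b"boot_aggregate", b"/sbin/init", b"/lib/libc.so.6")]

class SimTpm:
    """Minimal stand-in for a TPM PCR bank: extend is PCR = SHA1(PCR || digest)."""
    def __init__(self):
        self.pcrs = {PCR: ZERO_PCR}
    def extend(self, pcr, digest):
        self.pcrs[pcr] = hashlib.sha1(self.pcrs[pcr] + digest).digest()

class ImaQueue:
    """Mirrors the posted code: the entry always joins the list, but the PCR
    extend is a NOP (TPM-bypass) when ima_tpm_chip was NULL at init."""
    def __init__(self, tpm=None):
        self.tpm = tpm            # plays the role of ima_tpm_chip
        self.measurements = []    # (pcr, template digest), in measurement order
    def add_measurement(self, digest, pcr=PCR):
        self.measurements.append((pcr, digest))
        if self.tpm is not None:  # NULL chip takes the bypass path: no extend
            self.tpm.extend(pcr, digest)
    def attach_tpm_and_replay(self, tpm):
        """James's second option: replay the cached list once a TPM appears."""
        self.tpm = tpm
        for pcr, digest in self.measurements:
            tpm.extend(pcr, digest)
        return tpm.pcrs[PCR]

def expected_pcr(measurements, pcr=PCR):
    """What a remote verifier recomputes from the measurement list."""
    acc = ZERO_PCR
    for p, d in measurements:
        if p == pcr:
            acc = hashlib.sha1(acc + d).digest()
    return acc

def run(scenario):
    """(PCR the TPM holds, PCR the verifier expects) for 'live', 'bypass', 'replay'."""
    tpm = SimTpm() if scenario == "live" else None
    q = ImaQueue(tpm)
    for d in SAMPLE_DIGESTS:
        q.add_measurement(d)
    if scenario == "bypass":      # late TPM never saw the extends: PCR still reset
        return SimTpm().pcrs[PCR], expected_pcr(q.measurements)
    if scenario == "replay":
        return q.attach_tpm_and_replay(SimTpm()), expected_pcr(q.measurements)
    return tpm.pcrs[PCR], expected_pcr(q.measurements)
```

In the bypass case the list is complete but the PCR cannot vouch for it, which is the broken chain of custody James describes; the replay case shows that extending the cached digests in order yields the same PCR a TPM present at init would hold.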