linux-kernel.vger.kernel.org archive mirror
* [PATCH] tpm: fix RC value check in tpm2_seal_trusted
@ 2017-01-25 21:03 Jarkko Sakkinen
  2017-01-25 22:12 ` Jason Gunthorpe
  0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-01-25 21:03 UTC (permalink / raw)
  To: tpmdd-devel
  Cc: linux-security-module, Jarkko Sakkinen, Peter Huewe,
	Marcel Selhorst, Jason Gunthorpe, open list

Fixes: 5ca4c20cfd37 ("keys, trusted: select hash algorithm for TPM2 chips")
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---
 drivers/char/tpm/tpm.h      | 5 +++++
 drivers/char/tpm/tpm2-cmd.c | 2 +-
 2 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 4e5fb22..abc621e 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -523,6 +523,11 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
 }
 #endif
 
+static inline inline u32 tpm2_rc_value(u32 rc)
+{
+	return (rc & BIT(7)) ? rc & 0xff : rc;
+}
+
 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, u32 count,
 		    struct tpm2_digest *digests);
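
Review bot: the new helper is declared as "static inline inline u32 tpm2_rc_value(u32 rc)", with the inline keyword duplicated; drop the extra one. The body also uses BIT(7) and 0xff with no explanation, so a short comment above the helper saying what bit 7 selects and what the mask keeps would help, given that the changelog has no body.
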
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 6c8174a..40b09ca 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -551,7 +551,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 	tpm_buf_destroy(&buf);
 
 	if (rc > 0) {
-		if ((rc & TPM2_RC_HASH) == TPM2_RC_HASH)
+		if (tpm2_rc_value(rc) == TPM2_RC_HASH)
 			rc = -EINVAL;
 		else
 			rc = -EPERM;
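
Review bot: the changelog has no body saying why the test on the removed line was wrong: "(rc & TPM2_RC_HASH) == TPM2_RC_HASH" is true for any response code that has all of the TPM2_RC_HASH bits set, not only for TPM2_RC_HASH itself. Please state that in the commit message. The new call sits under "if (rc > 0)", so passing rc to the u32 parameter of tpm2_rc_value() is safe at this point.
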
-- 
2.9.3


* Re: [PATCH] tpm: fix RC value check in tpm2_seal_trusted
  2017-01-25 21:03 [PATCH] tpm: fix RC value check in tpm2_seal_trusted Jarkko Sakkinen
@ 2017-01-25 22:12 ` Jason Gunthorpe
  2017-01-26 11:27   ` Jarkko Sakkinen
  0 siblings, 1 reply; 7+ messages in thread
From: Jason Gunthorpe @ 2017-01-25 22:12 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: tpmdd-devel, linux-security-module, Peter Huewe, Marcel Selhorst,
	open list

On Wed, Jan 25, 2017 at 11:03:48PM +0200, Jarkko Sakkinen wrote:
> Fixes: 5ca4c20cfd37 ("keys, trusted: select hash algorithm for TPM2 chips")
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

I think you need a commit message for this.. Is this following the
spec?

Jason


* Re: [PATCH] tpm: fix RC value check in tpm2_seal_trusted
  2017-01-25 22:12 ` Jason Gunthorpe
@ 2017-01-26 11:27   ` Jarkko Sakkinen
  2017-01-26 18:32     ` Jason Gunthorpe
  0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-01-26 11:27 UTC (permalink / raw)
  To: Jason Gunthorpe
  Cc: tpmdd-devel, linux-security-module, Peter Huewe, Marcel Selhorst,
	open list

On Wed, Jan 25, 2017 at 03:12:45PM -0700, Jason Gunthorpe wrote:
> On Wed, Jan 25, 2017 at 11:03:48PM +0200, Jarkko Sakkinen wrote:
> > Fixes: 5ca4c20cfd37 ("keys, trusted: select hash algorithm for TPM2 chips")
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> I think you need a commit message for this.. Is this following the
> spec?

Yes.

In format one commands the upper bits contain either handle, session or
parameter index. Bit 7 tells whether the error code is format zero or
one. Format zero errors do not require masking. They do not have any
data in addition to the value.

The reason why this bug was repeated in TPM space code was that I
originally melded that code from my trusted keys code (copy pasted and
edited message construction).

"The error code handling is bogus as any error code that has the bits
set that TPM_RC_HASH could pass. Implemented tpm2_rc_value() helper to
parse the error value from FMT0 and FMT1 error codes to use to check the
error so that these types of mistakes are prevented in the future."

Is that suitable or do you want me to add something?

Jarkko
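
Added example, not part of the original thread or of the kernel source: a user-space C version of the check described in the message above, running the mask test from before the patch and the decoded-value test from after it over constructed response codes. The value 0x0083 for TPM2_RC_HASH and the names seal_errno_old and seal_errno_new are assumptions; the page does not show them.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define BIT(n) (1u << (n))
/* Assumption: 0x0083 (bit 7 set, so format one); the value is not on the page. */
#define TPM2_RC_HASH 0x0083u

/* Helper from the patch, with the kernel's u32 spelled as uint32_t. */
static inline uint32_t tpm2_rc_value(uint32_t rc)
{
	return (rc & BIT(7)) ? rc & 0xff : rc;
}

/* Check before the patch: true whenever all TPM2_RC_HASH bits are set. */
static int seal_errno_old(int rc)
{
	if (rc <= 0)
		return rc;
	return ((rc & TPM2_RC_HASH) == TPM2_RC_HASH) ? -EINVAL : -EPERM;
}

/* Check after the patch: compare the decoded error value. */
static int seal_errno_new(int rc)
{
	if (rc <= 0)
		return rc;
	return (tpm2_rc_value((uint32_t)rc) == TPM2_RC_HASH) ? -EINVAL : -EPERM;
}

int main(void)
{
	/* Constructed response codes, not captured from a TPM. */
	static const int samples[] = {
		0x0083, /* the hash error value alone */
		0x0283, /* same value with index data in the upper bits */
		0x018b, /* different format-one value; contains all bits of 0x83 */
		0x0100, /* format zero: bit 7 clear, returned unmasked */
	};

	for (size_t i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
		printf("rc=0x%04x value=0x%02x old=%d new=%d\n",
		       (unsigned)samples[i],
		       (unsigned)tpm2_rc_value((uint32_t)samples[i]),
		       seal_errno_old(samples[i]), seal_errno_new(samples[i]));
	return 0;
}
```

The third sample is the case the fix targets: the old test reports it as a hash error (-EINVAL) while the decoded comparison reports -EPERM.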


* Re: [PATCH] tpm: fix RC value check in tpm2_seal_trusted
  2017-01-26 11:27   ` Jarkko Sakkinen
@ 2017-01-26 18:32     ` Jason Gunthorpe
  2017-01-27  6:43       ` Jarkko Sakkinen
  0 siblings, 1 reply; 7+ messages in thread
From: Jason Gunthorpe @ 2017-01-26 18:32 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: tpmdd-devel, linux-security-module, Peter Huewe, Marcel Selhorst,
	open list

On Thu, Jan 26, 2017 at 01:27:14PM +0200, Jarkko Sakkinen wrote:

> "The error code handling is bogus as any error code that has the bits
> set that TPM_RC_HASH could pass. Implemented tpm2_rc_value() helper to
> parse the error value from FMT0 and FMT1 error codes to use to check the
> error so that these types of mistakes are prevented in the future."

Great thanks

Jason


* Re: [PATCH] tpm: fix RC value check in tpm2_seal_trusted
  2017-01-26 18:32     ` Jason Gunthorpe
@ 2017-01-27  6:43       ` Jarkko Sakkinen
  2017-01-27 16:24         ` Jason Gunthorpe
  0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-01-27  6:43 UTC (permalink / raw)
  To: Jason Gunthorpe
  Cc: tpmdd-devel, linux-security-module, Peter Huewe, Marcel Selhorst,
	open list

On Thu, Jan 26, 2017 at 11:32:52AM -0700, Jason Gunthorpe wrote:
> On Thu, Jan 26, 2017 at 01:27:14PM +0200, Jarkko Sakkinen wrote:
> 
> > "The error code handling is bogus as any error code that has the bits
> > set that TPM_RC_HASH could pass. Implemented tpm2_rc_value() helper to
> > parse the error value from FMT0 and FMT1 error codes to use to check the
> > error so that these types of mistakes are prevented in the future."
> 
> Great thanks
> 
> Jason

Can I put your Reviewed-by? I would like to get this into 4.11.

/Jarkko


* Re: [PATCH] tpm: fix RC value check in tpm2_seal_trusted
  2017-01-27  6:43       ` Jarkko Sakkinen
@ 2017-01-27 16:24         ` Jason Gunthorpe
  2017-01-29 15:11           ` Jarkko Sakkinen
  0 siblings, 1 reply; 7+ messages in thread
From: Jason Gunthorpe @ 2017-01-27 16:24 UTC (permalink / raw)
  To: Jarkko Sakkinen
  Cc: tpmdd-devel, linux-security-module, Peter Huewe, Marcel Selhorst,
	open list

On Fri, Jan 27, 2017 at 08:43:27AM +0200, Jarkko Sakkinen wrote:
> On Thu, Jan 26, 2017 at 11:32:52AM -0700, Jason Gunthorpe wrote:
> > On Thu, Jan 26, 2017 at 01:27:14PM +0200, Jarkko Sakkinen wrote:
> > 
> > > "The error code handling is bogus as any error code that has the bits
> > > set that TPM_RC_HASH could pass. Implemented tpm2_rc_value() helper to
> > > parse the error value from FMT0 and FMT1 error codes to use to check the
> > > error so that these types of mistakes are prevented in the future."
> > 
> > Great thanks
> > 
> > Jason
> 
> Can I put your Reviewed-by? I would like to get this into 4.11.

I'm not up to speed on the TPM2 parsing, but it looks OK based on your
description.

Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>

Jason


* Re: [PATCH] tpm: fix RC value check in tpm2_seal_trusted
  2017-01-27 16:24         ` Jason Gunthorpe
@ 2017-01-29 15:11           ` Jarkko Sakkinen
  0 siblings, 0 replies; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-01-29 15:11 UTC (permalink / raw)
  To: Jason Gunthorpe
  Cc: tpmdd-devel, linux-security-module, Peter Huewe, Marcel Selhorst,
	open list

On Fri, Jan 27, 2017 at 09:24:16AM -0700, Jason Gunthorpe wrote:
> On Fri, Jan 27, 2017 at 08:43:27AM +0200, Jarkko Sakkinen wrote:
> > On Thu, Jan 26, 2017 at 11:32:52AM -0700, Jason Gunthorpe wrote:
> > > On Thu, Jan 26, 2017 at 01:27:14PM +0200, Jarkko Sakkinen wrote:
> > > 
> > > > "The error code handling is bogus as any error code that has the bits
> > > > set that TPM_RC_HASH could pass. Implemented tpm2_rc_value() helper to
> > > > parse the error value from FMT0 and FMT1 error codes to use to check the
> > > > error so that these types of mistakes are prevented in the future."
> > > 
> > > Great thanks
> > > 
> > > Jason
> > 
> > Can I put your Reviewed-by? I would like to get this into 4.11.
> 
> I'm not up to speed on the TPM2 parsing, but it looks OK based on your
> description.
> 
> Reviewed-by: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
> 
> Jason

Thanks, I applied this patch to master.

/Jarkko
