From patchwork Thu Nov 3 18:01:14 2022
X-Patchwork-Submitter: Evan Green
X-Patchwork-Id: 15080
From: Evan Green
To: linux-kernel@vger.kernel.org
Cc: corbet@lwn.net, linux-pm@vger.kernel.org, rjw@rjwysocki.net, gwendal@chromium.org, apronin@chromium.org, Pavel Machek, Kees Cook, Matthew Garrett, linux-integrity@vger.kernel.org, jejb@linux.ibm.com, zohar@linux.ibm.com, dlunev@google.com, Eric Biggers, Ben Boeckel, jarkko@kernel.org, Evan Green, Matthew Garrett, David Howells, James Morris, Matthew Garrett, Paul Moore, "Serge E. Hallyn", axelj, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: [PATCH v4 06/11] security: keys: trusted: Verify creation data
Date: Thu, 3 Nov 2022 11:01:14 -0700
Message-Id: <20221103105558.v4.6.I6cdb522cb5ea28fcd1e35b4cd92cbd067f99269a@changeid>
In-Reply-To: <20221103180120.752659-1-evgreen@chromium.org>
References: <20221103180120.752659-1-evgreen@chromium.org>

If a loaded key contains creation data, ask the TPM to verify that
creation data. This allows users like encrypted hibernate to know that
the loaded and parsed creation data has not been tampered with.

Suggested-by: Matthew Garrett
Signed-off-by: Evan Green Reviewed-by: Kees Cook --- Source material for this change is at: https://patchwork.kernel.org/project/linux-pm/patch/20210220013255.1083202-9-matthewgarrett@google.com/ (no changes since v3) Changes in v3: - Changed funky tag to suggested-by (Kees). Matthew, holler if you want something different. Changes in v2: - Adjust hash len by 2 due to new ASN.1 storage, and add underflow check. include/linux/tpm.h | 1 + security/keys/trusted-keys/trusted_tpm2.c | 77 ++++++++++++++++++++++- 2 files changed, 77 insertions(+), 1 deletion(-) diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 70134e6551745f..9c2ee3e30ffa5d 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -224,6 +224,7 @@ enum tpm2_command_codes { TPM2_CC_SELF_TEST = 0x0143, TPM2_CC_STARTUP = 0x0144, TPM2_CC_SHUTDOWN = 0x0145, + TPM2_CC_CERTIFYCREATION = 0x014A, TPM2_CC_NV_READ = 0x014E, TPM2_CC_CREATE = 0x0153, TPM2_CC_LOAD = 0x0157, diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index a7ad83bc0e5396..c76a1b5a2e8471 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c 
@@ -703,6 +703,74 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, return rc; } +/** + * tpm2_certify_creation() - execute a TPM2_CertifyCreation command + * + * @chip: TPM chip to use + * @payload: the key data in clear and encrypted form + * @blob_handle: the loaded TPM handle of the key + * + * Return: 0 on success + * -EINVAL on tpm error status + * < 0 error from tpm_send or tpm_buf_init + */ +static int tpm2_certify_creation(struct tpm_chip *chip, + struct trusted_key_payload *payload, + u32 blob_handle) +{ + struct tpm_header *head; + struct tpm_buf buf; + int rc; + + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CERTIFYCREATION); + if (rc) + return rc; + + /* Use TPM_RH_NULL for signHandle */ + tpm_buf_append_u32(&buf, 0x40000007); + + /* Object handle */ + tpm_buf_append_u32(&buf, blob_handle); + + /* Auth */ + tpm_buf_append_u32(&buf, 9); + tpm_buf_append_u32(&buf, TPM2_RS_PW); + tpm_buf_append_u16(&buf, 0); + tpm_buf_append_u8(&buf, 0); + tpm_buf_append_u16(&buf, 0); + + /* Qualifying data */ + tpm_buf_append_u16(&buf, 0); + + /* Creation data hash */ + if (payload->creation_hash_len < 2) { + rc = -EINVAL; + goto out; + } + + tpm_buf_append_u16(&buf, payload->creation_hash_len - 2); + tpm_buf_append(&buf, payload->creation_hash + 2, + payload->creation_hash_len - 2); + + /* signature scheme */ + tpm_buf_append_u16(&buf, TPM_ALG_NULL); + + /* creation ticket */ + tpm_buf_append(&buf, payload->tk, payload->tk_len); + + rc = tpm_transmit_cmd(chip, &buf, 6, "certifying creation data"); + if (rc) + goto out; + + head = (struct tpm_header *)buf.data; + + if (be32_to_cpu(head->return_code) != TPM2_RC_SUCCESS) + rc = -EINVAL; +out: + tpm_buf_destroy(&buf); + return rc; +} + /** * tpm2_unseal_trusted() - unseal the payload of a trusted key * 
@@ -728,8 +796,15 @@ int tpm2_unseal_trusted(struct tpm_chip *chip, goto out; rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); - tpm2_flush_context(chip, blob_handle); + if (rc) + goto flush; + + if (payload->creation_len) + rc = tpm2_certify_creation(chip, payload, blob_handle); + +flush: + tpm2_flush_context(chip, blob_handle); out: tpm_put_ops(chip);
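Review bot: the error path after tpm_transmit_cmd() in the tpm2_certify_creation() hunk does not match its kerneldoc. The doc promises -EINVAL on a TPM error status, but tpm_transmit_cmd() already returns the TPM's non-zero return code as a positive value, so `if (rc) goto out;` hands that positive code straight to the caller and the `be32_to_cpu(head->return_code) != TPM2_RC_SUCCESS` check after it can never observe a failure. Either map a positive rc to a negative errno the way tpm2_unseal_cmd() in this file does and drop the header re-check, or keep the header check and only bail on `rc < 0`. Two smaller points in the same hunk: the doc's "< 0 error from tpm_send" should name tpm_transmit_cmd(), the call actually made, and the signHandle is appended as the bare literal 0x40000007 with only a comment identifying it as TPM_RH_NULL; a named constant beside the other TPM2_* values in tpm.h would keep the command builder self-describing.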
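Review bot: in the tpm2_unseal_trusted() hunk, tpm2_certify_creation() runs only after tpm2_unseal_cmd() has succeeded, so a certification failure returns an error while the payload already holds the unsealed key. Rejecting the key is the right outcome, but either clear payload->key_len on that path or state in the commit message that callers must discard the payload whenever rc is negative, so the unverified data cannot be consumed by mistake. Also, the call is gated on payload->creation_len alone while the function consumes creation_hash/creation_hash_len and tk/tk_len; if the ASN.1 parser filled in creation data but not the hash or the ticket, the `creation_hash_len < 2` check catches only the hash case and a zero-length ticket is sent to the TPM. Gating on all three lengths here, or checking tk_len inside tpm2_certify_creation(), would fail such blobs with a clear -EINVAL instead of a TPM error.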