From patchwork Fri Nov 11 23:16:31 2022
X-Patchwork-Submitter: Evan Green
X-Patchwork-Id: 19050
From: Evan Green
To: linux-kernel@vger.kernel.org
Cc: corbet@lwn.net, linux-integrity@vger.kernel.org, Eric Biggers, gwendal@chromium.org, dianders@chromium.org, apronin@chromium.org, Pavel Machek, Ben Boeckel, rjw@rjwysocki.net, jejb@linux.ibm.com, Kees Cook, dlunev@google.com, zohar@linux.ibm.com, Matthew Garrett, jarkko@kernel.org, linux-pm@vger.kernel.org, Evan Green, Matthew Garrett, David Howells, James Morris, Paul Moore, "Serge E. Hallyn", axelj, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: [PATCH v5 06/11] security: keys: trusted: Verify creation data
Date: Fri, 11 Nov 2022 15:16:31 -0800
Message-Id: <20221111151451.v5.6.I6cdb522cb5ea28fcd1e35b4cd92cbd067f99269a@changeid>
In-Reply-To: <20221111231636.3748636-1-evgreen@chromium.org>
References: <20221111231636.3748636-1-evgreen@chromium.org>
X-Mailing-List: linux-kernel@vger.kernel.org

If a loaded key contains creation data, ask the TPM to verify that creation data. This allows users like encrypted hibernate to know that the loaded and parsed creation data has not been tampered with.

Suggested-by: Matthew Garrett
Signed-off-by: Evan Green Reviewed-by: Kees Cook --- Source material for this change is at: https://patchwork.kernel.org/project/linux-pm/patch/20210220013255.1083202-9-matthewgarrett@google.com/ (no changes since v3) Changes in v3: - Changed funky tag to suggested-by (Kees). Matthew, holler if you want something different. Changes in v2: - Adjust hash len by 2 due to new ASN.1 storage, and add underflow check. include/linux/tpm.h | 1 + security/keys/trusted-keys/trusted_tpm2.c | 77 ++++++++++++++++++++++- 2 files changed, 77 insertions(+), 1 deletion(-) diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 70134e6551745f..9c2ee3e30ffa5d 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -224,6 +224,7 @@ enum tpm2_command_codes { TPM2_CC_SELF_TEST = 0x0143, TPM2_CC_STARTUP = 0x0144, TPM2_CC_SHUTDOWN = 0x0145, + TPM2_CC_CERTIFYCREATION = 0x014A, TPM2_CC_NV_READ = 0x014E, TPM2_CC_CREATE = 0x0153, TPM2_CC_LOAD = 0x0157, diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 3d84c3d41bdee1..402933f8c99ede 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c 
@@ -730,6 +730,74 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, return rc; } +/** + * tpm2_certify_creation() - execute a TPM2_CertifyCreation command + * + * @chip: TPM chip to use + * @payload: the key data in clear and encrypted form + * @blob_handle: the loaded TPM handle of the key + * + * Return: 0 on success + * -EINVAL on tpm error status + * < 0 error from tpm_send or tpm_buf_init + */ +static int tpm2_certify_creation(struct tpm_chip *chip, + struct trusted_key_payload *payload, + u32 blob_handle) +{ + struct tpm_header *head; + struct tpm_buf buf; + int rc; + + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CERTIFYCREATION); + if (rc) + return rc; + + /* Use TPM_RH_NULL for signHandle */ + tpm_buf_append_u32(&buf, 0x40000007); + + /* Object handle */ + tpm_buf_append_u32(&buf, blob_handle); + + /* Auth */ + tpm_buf_append_u32(&buf, 9); + tpm_buf_append_u32(&buf, TPM2_RS_PW); + tpm_buf_append_u16(&buf, 0); + tpm_buf_append_u8(&buf, 0); + tpm_buf_append_u16(&buf, 0); + + /* Qualifying data */ + tpm_buf_append_u16(&buf, 0); + + /* Creation data hash */ + if (payload->creation_hash_len < 2) { + rc = -EINVAL; + goto out; + } + + tpm_buf_append_u16(&buf, payload->creation_hash_len - 2); + tpm_buf_append(&buf, payload->creation_hash + 2, + payload->creation_hash_len - 2); + + /* signature scheme */ + tpm_buf_append_u16(&buf, TPM_ALG_NULL); + + /* creation ticket */ + tpm_buf_append(&buf, payload->tk, payload->tk_len); + + rc = tpm_transmit_cmd(chip, &buf, 6, "certifying creation data"); + if (rc) + goto out; + + head = (struct tpm_header *)buf.data; + + if (be32_to_cpu(head->return_code) != TPM2_RC_SUCCESS) + rc = -EINVAL; +out: + tpm_buf_destroy(&buf); + return rc; +} + /** * tpm2_unseal_trusted() - unseal the payload of a trusted key * 
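Review bot: Confirm what tpm_transmit_cmd() returns when the TPM answers with a non-zero return code: if it hands that code back in rc, the `if (rc) goto out;` right after the transmit returns a positive TPM error code to the caller instead of the -EINVAL the kerneldoc promises, and the explicit `be32_to_cpu(head->return_code) != TPM2_RC_SUCCESS` check below it is then only reached on success, making it dead code; mapping any positive rc to -EINVAL before `out:` would make the function match its documented contract. Two smaller points in the same hunk: the hard-coded `tpm_buf_append_u32(&buf, 0x40000007)` deserves a named constant for TPM_RH_NULL rather than a hex literal plus comment, and the `payload->creation_hash + 2` / `creation_hash_len - 2` arithmetic needs a comment saying what the two skipped bytes are (the changelog attributes them to the ASN.1 storage format), since a reader of the function alone cannot tell and the `< 2` underflow guard only makes sense with that context.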
@@ -755,8 +823,15 @@ int tpm2_unseal_trusted(struct tpm_chip *chip, goto out; rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); - tpm2_flush_context(chip, blob_handle); + if (rc) + goto flush; + + if (payload->creation_len) + rc = tpm2_certify_creation(chip, payload, blob_handle); + +flush: + tpm2_flush_context(chip, blob_handle); out: tpm_put_ops(chip);
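Review bot: By the time tpm2_certify_creation() runs, tpm2_unseal_cmd() has already written the unsealed key into `payload`, so a certification failure returns a non-zero rc while the plaintext remains in the payload buffer; either clear the unsealed data on the `flush:` error path or make sure every caller discards the payload whenever rc != 0. Also note that the check is gated on `payload->creation_len`, so a blob that carries no creation data at all unseals successfully without any TPM2_CertifyCreation step; consumers such as encrypted hibernate that depend on verified creation data still have to check for its presence themselves rather than inferring it from a successful unseal.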