From patchwork Tue Nov 21 21:17:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jarkko Sakkinen X-Patchwork-Id: 167943 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a05:612c:2b07:b0:403:3b70:6f57 with SMTP id io7csp920734vqb; Tue, 21 Nov 2023 13:18:23 -0800 (PST) X-Google-Smtp-Source: AGHT+IFGSGu787ziJFgi2FEgyk1YpSZrGsNaRrVwpZDjoHes2cK3NjzLDzDPyKGFOIFAda3yoUDw X-Received: by 2002:a17:90b:3803:b0:280:6296:3d96 with SMTP id mq3-20020a17090b380300b0028062963d96mr485648pjb.41.1700601502947; Tue, 21 Nov 2023 13:18:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700601502; cv=none; d=google.com; s=arc-20160816; b=dczQNnbbNxyLQfTWpDJWqNkK7A72lRY0483KRzOZJf7JHrlVg8iaP6xHY/sxtELjfO HJM/feXs6QyIoPdyuI487luORugTVzrnsGit58IQXflE50OoTp8htRjvNYo9/sbWucap c9iIdjF/NoERIhIpyncc/P8TUfM35BOXEJIg7j6TYaENapW8q6n8vJlP7JlOXynF1kMm 3hISzn5VI1WHJdfCfaSHtHCZ5vGQ5f1gEugMrV+tGbwl0WK5OAc1DwW57pqC0WpDNAbY RR+sOAdyU8G3AkCQvJDSiDlohqByyDCbafEfoaJh2ZVJw4XsICh4MfaxXH686Syubjf9 OLWg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=1CThBTyqMjAP+1OkxYC5gQSpqU86n67fnC99Pv8T5Zk=; fh=jG+sFESJQJDE1Wcf9yLzJ2BgzLPnNsnyl0eym9Se5T0=; b=Xd4yuJ26MCnr8XHzMnic/88ZoRoM6uGzfF9X+maxpa/CscM/egN0ZMKCsYu0IykBEy YMIgll5dF1kfy6OD+iiBk413AqEV5Ah0gmDOABH14bG8C5qVkHRtklDsD9n4DMVD5XWJ BpJj5SuImji1IVXvfgOIT5NSsh7WoF/KvAVRNrxeyiu6hV1OwLMpjDfpbltUWhMqG3HF gq2CJZ4eneoZaJ3PYoPi5n/Pb+JtgeZgmx34WsPwNVZ32abw/+e22grYgLK/oczKoXqG K/FT9Jze28GVm2aZjUrr8wMUaFDKAsp7Mod1Wrgsn+zfWACJ2rsMd9VH+VoGTW7qNNst UQWw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=r9EHYBPa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id sr8-20020a17090b4e8800b002809a033855si11382527pjb.157.2023.11.21.13.18.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Nov 2023 13:18:22 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=r9EHYBPa; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 5CE708127F57; Tue, 21 Nov 2023 13:18:02 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234474AbjKUVRz (ORCPT + 99 others); Tue, 21 Nov 2023 16:17:55 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:50686 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S234498AbjKUVRr (ORCPT ); Tue, 21 Nov 2023 16:17:47 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 6469F10C7 for ; Tue, 21 Nov 2023 13:17:40 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8EBEEC433C7; Tue, 21 Nov 2023 21:17:39 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1700601460; bh=ODPwUlYKSAeHlpAB5encwTG6et/HxfECcndbzrtG5jo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=r9EHYBParZKl0IjHD1mr0x0swHj5nhxPdlQxr34hQnaTCFJdaMaHrdt4k6o57j1w7 ALcKk84Y29RfFkZSS/SvIuPQlkqgkTIPJk3PfwzsOjcRNGjsjfWZJ9uvCE9qkI7ai3 +jcO0Lj8h1FmfqhtG1v8lgR29/Daqs6CeJ5drV04jGM8RNuA6MPnVF2vFo/nnztH6V w6kbM19Pa1fnfA+R6+RfxEcie2/0jANpXAjtOm7D/e9kQjqkOYAbMqazncxUfe8CAd R3FSkGuHnbm5e8IOm2Fc3myUJkAhlGHmLWuIzI22/LkoWUjkgWiOzHOOU5xeqFiRb/ IGt+9iRv4lnhA== From: Jarkko Sakkinen To: linux-integrity@vger.kernel.org Cc: linux-kernel@vger.kernel.org, Jarkko Sakkinen , James Bottomley , William Roberts , Stefan Berger , David Howells , Jason Gunthorpe , Mimi Zohar , Mario Limonciello , Jerry Snitselaar , Peter Huewe , James Bottomley , Paul Moore , James Morris , "Serge E. Hallyn" , Julien Gomes Subject: [PATCH v4 5/8] tpm: Store the length of the tpm_buf data separately. Date: Tue, 21 Nov 2023 23:17:14 +0200 Message-ID: <20231121211717.31681-6-jarkko@kernel.org> X-Mailer: git-send-email 2.42.1 In-Reply-To: <20231121211717.31681-1-jarkko@kernel.org> References: <20231121211717.31681-1-jarkko@kernel.org> MIME-Version: 1.0 X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Tue, 21 Nov 2023 13:18:02 -0800 (PST) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1783209921839336203 X-GMAIL-MSGID: 1783209921839336203 TPM2B buffers, or sized buffers, have a two byte header, which contains the length of the payload as a 16-bit big-endian number, without counting in the space taken by the header. This differs from encoding in the TPM header where the length includes also the bytes taken by the header. Unbound the length of a tpm_buf from the value stored to the TPM command header. A separate encoding and decoding step so that different buffer types can be supported, with variant header format and length encoding. Signed-off-by: Jarkko Sakkinen --- v2 [2023-11-21]: Squashed together with the following patch, as the API of tpm_buf_init() is no longer changed. --- drivers/char/tpm/tpm-buf.c | 49 ++++++++++++++++++----- drivers/char/tpm/tpm-interface.c | 1 + include/keys/trusted_tpm.h | 2 - include/linux/tpm.h | 6 +-- security/keys/trusted-keys/trusted_tpm1.c | 9 +++-- 5 files changed, 47 insertions(+), 20 deletions(-) diff --git a/drivers/char/tpm/tpm-buf.c b/drivers/char/tpm/tpm-buf.c index 96cee41d5b9c..545d9c74abf1 100644 --- a/drivers/char/tpm/tpm-buf.c +++ b/drivers/char/tpm/tpm-buf.c @@ -3,25 +3,45 @@ * Handling of TPM command and other buffers. */ +#include #include #include +/** + * tpm_buf_init() - Allocate and initialize a TPM command + * @buf: A &tpm_buf + * @tag: TPM_TAG_RQU_COMMAND, TPM2_ST_NO_SESSIONS or TPM2_ST_SESSIONS + * @ordinal: A command ordinal + * + * Return: 0 or -ENOMEM + */ int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal) { buf->data = (u8 *)__get_free_page(GFP_KERNEL); if (!buf->data) return -ENOMEM; - buf->flags = 0; tpm_buf_reset(buf, tag, ordinal); return 0; } EXPORT_SYMBOL_GPL(tpm_buf_init); +/** + * tpm_buf_reset() - Initialize a TPM command + * @buf: A &tpm_buf + * @tag: TPM_TAG_RQU_COMMAND, TPM2_ST_NO_SESSIONS or TPM2_ST_SESSIONS + * @ordinal: A command ordinal + */ void tpm_buf_reset(struct tpm_buf *buf, u16 tag, u32 ordinal) { struct tpm_header *head = (struct tpm_header *)buf->data; + WARN_ON(tag != TPM_TAG_RQU_COMMAND && tag != TPM2_ST_NO_SESSIONS && + tag != TPM2_ST_SESSIONS); + + memset(buf->data, 0, TPM_HEADER_SIZE); + buf->flags = 0; + buf->length = sizeof(*head); head->tag = cpu_to_be16(tag); head->length = cpu_to_be32(sizeof(*head)); head->ordinal = cpu_to_be32(ordinal); @@ -34,33 +54,40 @@ void tpm_buf_destroy(struct tpm_buf *buf) } EXPORT_SYMBOL_GPL(tpm_buf_destroy); +/** + * tpm_buf_length() - Return the number of bytes consumed by the data + * + * Return: The number of bytes consumed by the buffer + */ u32 tpm_buf_length(struct tpm_buf *buf) { - struct tpm_header *head = (struct tpm_header *)buf->data; - - return be32_to_cpu(head->length); + return buf->length; } EXPORT_SYMBOL_GPL(tpm_buf_length); -void tpm_buf_append(struct tpm_buf *buf, - const unsigned char *new_data, - unsigned int new_len) +/** + * tpm_buf_append() - Append data to an initialized buffer + * @buf: A &tpm_buf + * @new_data: A data blob + * @new_length: Size of the appended data + */ +void tpm_buf_append(struct tpm_buf *buf, const u8 *new_data, u16 new_length) { struct tpm_header *head = (struct tpm_header *)buf->data; - u32 len = tpm_buf_length(buf); /* Return silently if overflow has already happened. */ if (buf->flags & TPM_BUF_OVERFLOW) return; - if ((len + new_len) > PAGE_SIZE) { + if ((buf->length + new_length) > PAGE_SIZE) { WARN(1, "tpm_buf: overflow\n"); buf->flags |= TPM_BUF_OVERFLOW; return; } - memcpy(&buf->data[len], new_data, new_len); - head->length = cpu_to_be32(len + new_len); + memcpy(&buf->data[buf->length], new_data, new_length); + buf->length += new_length; + head->length = cpu_to_be32(buf->length); } EXPORT_SYMBOL_GPL(tpm_buf_append); diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 163ae247bff2..ea75f2776c2f 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -232,6 +232,7 @@ ssize_t tpm_transmit_cmd(struct tpm_chip *chip, struct tpm_buf *buf, if (len < min_rsp_body_length + TPM_HEADER_SIZE) return -EFAULT; + buf->length = len; return 0; } EXPORT_SYMBOL_GPL(tpm_transmit_cmd); diff --git a/include/keys/trusted_tpm.h b/include/keys/trusted_tpm.h index 7769b726863a..a088b33fd0e3 100644 --- a/include/keys/trusted_tpm.h +++ b/include/keys/trusted_tpm.h @@ -6,8 +6,6 @@ #include /* implementation specific TPM constants */ -#define MAX_BUF_SIZE 1024 -#define TPM_GETRANDOM_SIZE 14 #define TPM_SIZE_OFFSET 2 #define TPM_RETURN_OFFSET 6 #define TPM_DATA_OFFSET 10 diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 0a8c1351adc2..1d7b39b5c383 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -306,7 +306,8 @@ enum tpm_buf_flags { * A string buffer type for constructing TPM commands. */ struct tpm_buf { - unsigned int flags; + u32 flags; + u32 length; u8 *data; }; @@ -329,8 +330,7 @@ int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal); void tpm_buf_reset(struct tpm_buf *buf, u16 tag, u32 ordinal); void tpm_buf_destroy(struct tpm_buf *buf); u32 tpm_buf_length(struct tpm_buf *buf); -void tpm_buf_append(struct tpm_buf *buf, const unsigned char *new_data, - unsigned int new_len); +void tpm_buf_append(struct tpm_buf *buf, const u8 *new_data, u16 new_length); void tpm_buf_append_u8(struct tpm_buf *buf, const u8 value); void tpm_buf_append_u16(struct tpm_buf *buf, const u16 value); void tpm_buf_append_u32(struct tpm_buf *buf, const u32 value); diff --git a/security/keys/trusted-keys/trusted_tpm1.c b/security/keys/trusted-keys/trusted_tpm1.c index 37bce84eef99..89c9798d1800 100644 --- a/security/keys/trusted-keys/trusted_tpm1.c +++ b/security/keys/trusted-keys/trusted_tpm1.c @@ -367,6 +367,7 @@ int trusted_tpm_send(unsigned char *cmd, size_t buflen) return rc; buf.flags = 0; + buf.length = buflen; buf.data = cmd; dump_tpm_buf(cmd); rc = tpm_transmit_cmd(chip, &buf, 4, "sending data"); @@ -417,7 +418,7 @@ static int osap(struct tpm_buf *tb, struct osapsess *s, tpm_buf_append_u32(tb, handle); tpm_buf_append(tb, ononce, TPM_NONCE_SIZE); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) return ret; @@ -441,7 +442,7 @@ int oiap(struct tpm_buf *tb, uint32_t *handle, unsigned char *nonce) return -ENODEV; tpm_buf_reset(tb, TPM_TAG_RQU_COMMAND, TPM_ORD_OIAP); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) return ret; @@ -553,7 +554,7 @@ static int tpm_seal(struct tpm_buf *tb, uint16_t keytype, tpm_buf_append_u8(tb, cont); tpm_buf_append(tb, td->pubauth, SHA1_DIGEST_SIZE); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) goto out; @@ -644,7 +645,7 @@ static int tpm_unseal(struct tpm_buf *tb, tpm_buf_append_u8(tb, cont); tpm_buf_append(tb, authdata2, SHA1_DIGEST_SIZE); - ret = trusted_tpm_send(tb->data, MAX_BUF_SIZE); + ret = trusted_tpm_send(tb->data, tb->length); if (ret < 0) { pr_info("authhmac failed (%d)\n", ret); return ret;