[tpmdd-devel] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend

Submitted by Stefan Berger on Feb. 15, 2017, 4:56 p.m.

Details

Message ID 1487177783-15687-1-git-send-email-stefanb@linux.vnet.ibm.com
State New
Headers show

Commit Message

Stefan Berger Feb. 15, 2017, 4:56 p.m.
The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
which is the size of the PCR state.

This fixes a problem where IMA gets errors with every PCR Extend.

Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
---
 drivers/char/tpm/tpm-interface.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Jarkko Sakkinen Feb. 15, 2017, 6:09 p.m.
On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> which is the size of the PCR state.
> 
> This fixes a problem where IMA gets errors with every PCR Extend.
> 
> Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> Acked-by: Mimi Zohar <zohar@us.ibm.com>

Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

/Jarkko

> ---
>  drivers/char/tpm/tpm-interface.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 6e368ee..bd2128e 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -767,7 +767,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>  
>  #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
>  #define EXTEND_PCR_RESULT_SIZE 34
> -#define EXTEND_PCR_RESULT_BODY_SIZE 24
> +#define EXTEND_PCR_RESULT_BODY_SIZE 20
>  static const struct tpm_input_header pcrextend_header = {
>  	.tag = TPM_TAG_RQU_COMMAND,
>  	.length = cpu_to_be32(34),
> -- 
> 2.4.3
> 

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
Stefan Berger Feb. 15, 2017, 6:17 p.m.
On 02/15/2017 01:09 PM, Jarkko Sakkinen wrote:
> On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
>> The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
>> which is the size of the PCR state.
>>
>> This fixes a problem where IMA gets errors with every PCR Extend.
>>
>> Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
>> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
>> Acked-by: Mimi Zohar <zohar@us.ibm.com>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>
> /Jarkko
>
>> ---
>>   drivers/char/tpm/tpm-interface.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
>> index 6e368ee..bd2128e 100644
>> --- a/drivers/char/tpm/tpm-interface.c
>> +++ b/drivers/char/tpm/tpm-interface.c
>> @@ -767,7 +767,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>>   
>>   #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
>>   #define EXTEND_PCR_RESULT_SIZE 34


We should probably rename the above to EXTEND_PCR_BUFFER_SIZE. It's the 
input buffer that's size 34, the output is 30 bytes.

    Stefan


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
Mimi Zohar Feb. 17, 2017, 12:46 p.m.
Hi James,

On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > which is the size of the PCR state.
> > 
> > This fixes a problem where IMA gets errors with every PCR Extend.
> > 
> > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> > Acked-by: Mimi Zohar <zohar@us.ibm.com>
> 
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

This patch needs to be included with the rest of the patches being
upstreamed in the next open window.   Should Jarkko or I send you a pull
request for it?

thanks,

Mimi


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
Jarkko Sakkinen Feb. 17, 2017, 6:45 p.m.
On Fri, Feb 17, 2017 at 07:46:38AM -0500, Mimi Zohar wrote:
> Hi James,
> 
> On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> > On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > > which is the size of the PCR state.
> > > 
> > > This fixes a problem where IMA gets errors with every PCR Extend.
> > > 
> > > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> > > Acked-by: Mimi Zohar <zohar@us.ibm.com>
> > 
> > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> 
> This patch needs to be included with the rest of the patches being
> upstreamed in the next open window.   Should Jarkko or I send you a pull
> request for it?
> 
> thanks,
> 
> Mimi

I'm sending a pull request after the weekend. It will contain
only a few small scoped fixes so wouldn't it be easiest if I
just include this to the pack?

/Jarkko

------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
Mimi Zohar Feb. 17, 2017, 6:48 p.m.
On Fri, 2017-02-17 at 20:45 +0200, Jarkko Sakkinen wrote:
> On Fri, Feb 17, 2017 at 07:46:38AM -0500, Mimi Zohar wrote:
> > Hi James,
> > 
> > On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> > > On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > > > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > > > which is the size of the PCR state.
> > > > 
> > > > This fixes a problem where IMA gets errors with every PCR Extend.
> > > > 
> > > > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> > > > Acked-by: Mimi Zohar <zohar@us.ibm.com>
> > > 
> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> > 
> > This patch needs to be included with the rest of the patches being
> > upstreamed in the next open window.   Should Jarkko or I send you a pull
> > request for it?

> I'm sending a pull request after the weekend. It will contain
> only a few small scoped fixes so wouldn't it be easiest if I
> just include this to the pack?

As long as it makes it into the James' pull request to Linus, that's
fine.

Mimi


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot

Patch hide | download patch | download mbox

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 6e368ee..bd2128e 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -767,7 +767,7 @@  EXPORT_SYMBOL_GPL(tpm_pcr_read);
 
 #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
 #define EXTEND_PCR_RESULT_SIZE 34
-#define EXTEND_PCR_RESULT_BODY_SIZE 24
+#define EXTEND_PCR_RESULT_BODY_SIZE 20
 static const struct tpm_input_header pcrextend_header = {
 	.tag = TPM_TAG_RQU_COMMAND,
 	.length = cpu_to_be32(34),