[PATCH 1/2] tpm: use tpm_buf functions in tpm2_pcr_read()
Jarkko Sakkinen
jarkko.sakkinen at linux.intel.com
Wed Jun 28 22:18:58 UTC 2017
On Fri, Jun 23, 2017 at 03:41:56PM +0200, Roberto Sassu wrote:
> tpm2_pcr_read() now builds the PCR read command buffer with tpm_buf
> functions. This solution is preferred to using a tpm2_cmd structure,
> as tpm_buf functions provide protection against buffer overflow.
>
> Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen at linux.intel.com>
> ---
> drivers/char/tpm/tpm2-cmd.c | 60 ++++++++++++++++++++++-----------------------
> 1 file changed, 30 insertions(+), 30 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index 3a99643..fdce77d 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -42,17 +42,6 @@ struct tpm2_pcr_read_in {
> u8 pcr_select[TPM2_PCR_SELECT_MIN];
> } __packed;
>
> -struct tpm2_pcr_read_out {
> - __be32 update_cnt;
> - __be32 pcr_selects_cnt;
> - __be16 hash_alg;
> - u8 pcr_select_size;
> - u8 pcr_select[TPM2_PCR_SELECT_MIN];
> - __be32 digests_cnt;
> - __be16 digest_size;
> - u8 digest[TPM_DIGEST_SIZE];
> -} __packed;
> -
> struct tpm2_get_tpm_pt_in {
> __be32 cap_id;
> __be32 property_id;
> @@ -80,7 +69,6 @@ union tpm2_cmd_params {
> struct tpm2_startup_in startup_in;
> struct tpm2_self_test_in selftest_in;
> struct tpm2_pcr_read_in pcrread_in;
> - struct tpm2_pcr_read_out pcrread_out;
> struct tpm2_get_tpm_pt_in get_tpm_pt_in;
> struct tpm2_get_tpm_pt_out get_tpm_pt_out;
> struct tpm2_get_random_in getrandom_in;
> @@ -231,15 +219,23 @@ static const u8 tpm2_ordinal_duration[TPM2_CC_LAST - TPM2_CC_FIRST + 1] = {
> (sizeof(struct tpm_input_header) + \
> sizeof(struct tpm2_pcr_read_in))
>
> -#define TPM2_PCR_READ_RESP_BODY_SIZE \
> - sizeof(struct tpm2_pcr_read_out)
> -
> static const struct tpm_input_header tpm2_pcrread_header = {
> .tag = cpu_to_be16(TPM2_ST_NO_SESSIONS),
> .length = cpu_to_be32(TPM2_PCR_READ_IN_SIZE),
> .ordinal = cpu_to_be32(TPM2_CC_PCR_READ)
> };
>
> +struct tpm2_pcr_read_out {
> + __be32 update_cnt;
> + __be32 pcr_selects_cnt;
> + __be16 hash_alg;
> + u8 pcr_select_size;
> + u8 pcr_select[TPM2_PCR_SELECT_MIN];
> + __be32 digests_cnt;
> + __be16 digest_size;
> + u8 digest[];
> +} __packed;
> +
> /**
> * tpm2_pcr_read() - read a PCR value
> * @chip: TPM chip to use.
> @@ -251,29 +247,33 @@ static const struct tpm_input_header tpm2_pcrread_header = {
> int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf)
> {
> int rc;
> - struct tpm2_cmd cmd;
> - u8 *buf;
> + struct tpm_buf buf;
> + struct tpm2_pcr_read_out *out;
> + u8 pcr_select[TPM2_PCR_SELECT_MIN] = {0};
>
> if (pcr_idx >= TPM2_PLATFORM_PCR)
> return -EINVAL;
>
> - cmd.header.in = tpm2_pcrread_header;
> - cmd.params.pcrread_in.pcr_selects_cnt = cpu_to_be32(1);
> - cmd.params.pcrread_in.hash_alg = cpu_to_be16(TPM2_ALG_SHA1);
> - cmd.params.pcrread_in.pcr_select_size = TPM2_PCR_SELECT_MIN;
> + rc = tpm_buf_init(&buf, TPM2_ST_NO_SESSIONS, TPM2_CC_PCR_READ);
> + if (rc)
> + return rc;
>
> - memset(cmd.params.pcrread_in.pcr_select, 0,
> - sizeof(cmd.params.pcrread_in.pcr_select));
> - cmd.params.pcrread_in.pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
> + pcr_select[pcr_idx >> 3] = 1 << (pcr_idx & 0x7);
>
> - rc = tpm_transmit_cmd(chip, NULL, &cmd, sizeof(cmd),
> - TPM2_PCR_READ_RESP_BODY_SIZE,
> - 0, "attempting to read a pcr value");
> - if (rc == 0) {
> - buf = cmd.params.pcrread_out.digest;
> - memcpy(res_buf, buf, TPM_DIGEST_SIZE);
> + tpm_buf_append_u32(&buf, 1);
> + tpm_buf_append_u16(&buf, TPM2_ALG_SHA1);
> + tpm_buf_append_u8(&buf, TPM2_PCR_SELECT_MIN);
> + tpm_buf_append(&buf, (const unsigned char *)pcr_select,
> + sizeof(pcr_select));
> +
> + rc = tpm_transmit_cmd(chip, NULL, buf.data, PAGE_SIZE, 0, 0,
> + res_buf ? "attempting to read a pcr value" : NULL);
> + if (rc == 0 && res_buf) {
> + out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE];
> + memcpy(res_buf, out->digest, SHA1_DIGEST_SIZE);
> }
>
> + tpm_buf_destroy(&buf);
> return rc;
> }
>
> --
> 2.9.3
>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list