[PATCH v6 7/7] tpm: pass an array of tpm_bank_list structures to tpm_pcr_extend()

Roberto Sassu roberto.sassu at huawei.com
Thu Dec 13 07:57:17 UTC 2018


On 12/12/2018 7:27 PM, Jarkko Sakkinen wrote:
> On Thu, Dec 06, 2018 at 07:38:30PM +0100, Roberto Sassu wrote:
>> On 12/5/2018 1:14 AM, Jarkko Sakkinen wrote:
>>> On Tue, Dec 04, 2018 at 09:21:38AM +0100, Roberto Sassu wrote:
>>>> The new tpm_bank_list structure has been preferred to the tpm_digest
>>>> structure, to let the caller specify the size of the digest (which may be
>>>> unknown to the TPM driver).
>>>
>>> Why is that? Didn't previous commit query these?
>>
>> Since the TPM driver pads/truncates the first digest passed by the
>> caller to extend PCRs for which no digest was provided, it must know
>> which amount of data it can use. It is possible that the algorithm of
>> the first digest is unknown for the TPM driver, if the caller of
>> tpm_pcr_extend() didn't check chip->allocated_banks.
>>
>> By requiring that the caller passes also the digest size, this problem
>> does not arise. It seems reasonable to me to pass this information, as
>> the caller calculated the digest and it should know the digest size.
> 
> OK. I noticed something other things that look to alarming:
> 
> 1. The function does not fail if alg_id is not found. This will go
>     silent.

It is intentional. If alg_id is not found, the PCR is extended with the
first digest passed by the caller of tpm_pcr_extend(). If no digest was
provided, the PCR is extended with 0s. This is done to prevent that
PCRs in unused banks are extended later with fake measurements.


> 2. The function does not fail if there is a mismatch with the digest
>     sizes.

The data passed by the caller of tpm_pcr_extend() is copied to
dummy_hash, which has the maximum length. Then, tpm2_pcr_extend() takes
from dummy_hash as many bytes as needed, depending on the current
algorithm.

Roberto


> /Jarkko
> 

-- 
HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063
Managing Director: Bo PENG, Jian LI, Yanli SHI



More information about the Linux-security-module-archive mailing list