[PATCH v2 2/8] ima: Switch to ima_hash_algo for boot aggregate
Roberto Sassu
roberto.sassu at huawei.com
Thu Feb 6 09:33:40 UTC 2020
> -----Original Message-----
> From: Mimi Zohar [mailto:zohar at linux.ibm.com]
> Sent: Wednesday, February 5, 2020 9:41 PM
> To: Roberto Sassu <roberto.sassu at huawei.com>;
> James.Bottomley at HansenPartnership.com;
> jarkko.sakkinen at linux.intel.com
> Cc: linux-integrity at vger.kernel.org; linux-security-module at vger.kernel.org;
> linux-kernel at vger.kernel.org; Silviu Vlasceanu
> <Silviu.Vlasceanu at huawei.com>; stable at vger.kernel.org
> Subject: Re: [PATCH v2 2/8] ima: Switch to ima_hash_algo for boot
> aggregate
>
> On Wed, 2020-02-05 at 11:33 +0100, Roberto Sassu wrote:
> > boot_aggregate is the first entry of IMA measurement list. Its purpose is
> > to link pre-boot measurements to IMA measurements. As IMA was
> designed to
> > work with a TPM 1.2, the SHA1 PCR bank was always selected.
> >
> > Currently, even if a TPM 2.0 is used, the SHA1 PCR bank is selected.
> > However, the assumption that the SHA1 PCR bank is always available is not
> > correct, as PCR banks can be selected with the PCR_Allocate() TPM
> command.
> >
> > This patch tries to use ima_hash_algo as hash algorithm for
> boot_aggregate.
> > If no PCR bank uses that algorithm, the patch tries to find the SHA256 PCR
> > bank (which is mandatory in the TCG PC Client specification). If also this
> > bank is not found, the patch selects the first one. If the TPM algorithm
> > of that bank is not mapped to a crypto ID, boot_aggregate is set to zero.
> >
> > Changelog
> >
> > v1:
> > - add Mimi's comments
> > - if there is no PCR bank for the IMA default algorithm use SHA256 or the
> > first bank (suggested by James Bottomley)
>
> If the IMA default hash algorithm is not enabled, James' comment was
> to use SHA256 for TPM 2.0 and SHA1 for TPM 1.2. I don't remember him
> saying anything about using the first bank, that was in v1 of my
> patch. Please refer to v2 of my patch, based on James' comments.
Right. Will fix in the next version.
Thanks
Roberto
> Reported-by: Jerry Snitselaar <jsnitsel at redhat.com>
> > Suggested-by: James Bottomley
> <James.Bottomley at HansenPartnership.com>
> > Signed-off-by: Roberto Sassu <roberto.sassu at huawei.com>
> > Cc: stable at vger.kernel.org
> > ---
> > security/integrity/ima/ima_crypto.c | 45
> +++++++++++++++++++++++++----
> > security/integrity/ima/ima_init.c | 22 ++++++++++----
> > 2 files changed, 56 insertions(+), 11 deletions(-)
> >
> > diff --git a/security/integrity/ima/ima_crypto.c
> b/security/integrity/ima/ima_crypto.c
> > index 73044fc6a952..f2f41a2bc3d4 100644
> > --- a/security/integrity/ima/ima_crypto.c
> > +++ b/security/integrity/ima/ima_crypto.c
> > @@ -655,18 +655,29 @@ static void __init ima_pcrread(u32 idx, struct
> tpm_digest *d)
> > }
> >
> > /*
> > - * Calculate the boot aggregate hash
> > + * The boot_aggregate is a cumulative hash over TPM registers 0 - 7.
> With
> > + * TPM 1.2 the boot_aggregate was based on reading the SHA1 PCRs, but
> with
> > + * TPM 2.0 hash agility, TPM chips could support multiple TPM PCR banks,
> > + * allowing firmware to configure and enable different banks.
> > + *
> > + * Knowing which TPM bank is read to calculate the boot_aggregate
> digest
> > + * needs to be conveyed to a verifier. For this reason, use the same
> > + * hash algorithm for reading the TPM PCRs as for calculating the boot
> > + * aggregate digest as stored in the measurement list.
> > */
> > -static int __init ima_calc_boot_aggregate_tfm(char *digest,
> > +static int __init ima_calc_boot_aggregate_tfm(char *digest, u16 alg_id,
> > struct crypto_shash *tfm)
> > {
> > - struct tpm_digest d = { .alg_id = TPM_ALG_SHA1, .digest = {0} };
> > + struct tpm_digest d = { .alg_id = alg_id, .digest = {0} };
> > int rc;
> > u32 i;
> > SHASH_DESC_ON_STACK(shash, tfm);
> >
> > shash->tfm = tfm;
> >
> > + pr_devel("calculating the boot-aggregate based on TPM
> bank: %04x\n",
> > + d.alg_id);
> > +
>
> Good
>
> > rc = crypto_shash_init(shash);
> > if (rc != 0)
> > return rc;
> > @@ -675,7 +686,8 @@ static int __init ima_calc_boot_aggregate_tfm(char
> *digest,
> > for (i = TPM_PCR0; i < TPM_PCR8; i++) {
> > ima_pcrread(i, &d);
> > /* now accumulate with current aggregate */
> > - rc = crypto_shash_update(shash, d.digest,
> TPM_DIGEST_SIZE);
> > + rc = crypto_shash_update(shash, d.digest,
> > + crypto_shash_digestsize(tfm));
> > }
> > if (!rc)
> > crypto_shash_final(shash, digest);
> > @@ -685,14 +697,35 @@ static int __init
> ima_calc_boot_aggregate_tfm(char *digest,
> > int __init ima_calc_boot_aggregate(struct ima_digest_data *hash)
> > {
> >
> < snip >
> >
> > hash->length = crypto_shash_digestsize(tfm);
> > - rc = ima_calc_boot_aggregate_tfm(hash->digest, tfm);
> > + alg_id = ima_tpm_chip->allocated_banks[bank_idx].alg_id;
> > + rc = ima_calc_boot_aggregate_tfm(hash->digest, alg_id, tfm);
>
> Sure, backporting this change to ima_calc_boot_aggregate_tfm() should
> be fine.
>
> Mimi
>
> > ima_free_tfm(tfm);
> >
More information about the Linux-security-module-archive
mailing list