[GIT PULL] tpmdd updates for Linux 4.5

2015-12-21 Thread Jarkko Sakkinen
Hi

Here are the tpmdd updates for Linux 4.5. Sorry I didn't send this
last week already, but I had to hold off until I got acks from Peter and
Mimi before doing anything. The patches have been quite well baked for a
while now, with the exception of a small fix from Stefan to tpm_ibmvtpm,
which I considered trivial enough to be included.

Thanks, hope I did this right and apologies for the delay.

/Jarkko

The following changes since commit ebd68df3f24b318d391d15c458d6f43f340ba36a:

  Sync to Linus v4.4-rc2 for LSM developers. (2015-11-23 22:46:28 +1100)

are available in the git repository at:

  https://github.com/jsakkine/linux-tpmdd.git tags/tpmdd-next-20151221

for you to fetch changes up to 5beb0c435bdde35a09376566b0e28f7df87c9f68:

  keys, trusted: seal with a TPM2 authorization policy (2015-12-20 15:27:13 +0200)


tpmdd updates for Linux 4.5


Jarkko Sakkinen (3):
  keys, trusted: fix: *do not* allow duplicate key options
  keys, trusted: select hash algorithm for TPM2 chips
  keys, trusted: seal with a TPM2 authorization policy

Jason Gunthorpe (6):
  tpm_tis: Use devm_free_irq not free_irq
  tpm_tis: Ensure interrupts are disabled when the driver starts
  tpm: rework tpm_get_timeouts()
  tpm_tis: Get rid of the duplicate IRQ probing code
  tpm_tis: Refactor the interrupt setup
  tpm_tis: Tighten IRQ auto-probing

Martin Wilck (1):
  tpm_tis: further simplify calculation of ordinal duration

Stefan Berger (1):
  tpm_ibmvtpm: properly handle interrupted packet receptions

 Documentation/security/keys-trusted-encrypted.txt | 31 ++-
 crypto/hash_info.c | 2 +
 drivers/char/tpm/tpm-interface.c | 23 +-
 drivers/char/tpm/tpm.h | 11 +-
 drivers/char/tpm/tpm2-cmd.c | 60 -
 drivers/char/tpm/tpm_crb.c | 14 +-
 drivers/char/tpm/tpm_ibmvtpm.c | 22 +-
 drivers/char/tpm/tpm_ibmvtpm.h | 1 +
 drivers/char/tpm/tpm_tis.c | 256 +-
 include/crypto/hash_info.h | 3 +
 include/keys/trusted-type.h | 5 +
 include/uapi/linux/hash_info.h | 1 +
 security/keys/Kconfig | 1 +
 security/keys/trusted.c | 56 -
 14 files changed, 300 insertions(+), 186 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html


Re: [PATCH v2 1/3] keys, trusted: fix: *do not* allow duplicate key options

2015-12-14 Thread Jarkko Sakkinen
On Mon, Dec 14, 2015 at 08:46:33AM -0500, Mimi Zohar wrote:
> On Sun, 2015-12-13 at 17:42 +0200, Jarkko Sakkinen wrote:
> > The trusted keys option parsing allows specifying the same option
> > multiple times. The last option value specified is used.
> > 
> > This can be seen as a regression because:
> > 
> > * No gain.
> > * Could be problematic if there are options dependent on other
> >   options.
> 
> Thanks, Jarkko. Although it should be obvious that the patch limits the
> number of times an option can be specified, you should explicitly
> mention it in the patch description.

OK, I'll update the commit message with this information before I send
the pull request. Thanks for the advice!

> Mimi

/Jarkko

> 
> > Reported-by: James Morris <jmor...@namei.org>
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
> > ---
> >  security/keys/trusted.c | 3 +++
> >  1 file changed, 3 insertions(+)
> > 
> > diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> > index 903dace..7c183c7 100644
> > --- a/security/keys/trusted.c
> > +++ b/security/keys/trusted.c
> > @@ -736,11 +736,14 @@ static int getoptions(char *c, struct 
> > trusted_key_payload *pay,
> > int res;
> > unsigned long handle;
> > unsigned long lock;
> > +   unsigned long token_mask = 0;
> > 
> > while ((p = strsep(, " \t"))) {
> > if (*p == '\0' || *p == ' ' || *p == '\t')
> > continue;
> > token = match_token(p, key_tokens, args);
> > +   if (test_and_set_bit(token, _mask))
> > +   return -EINVAL;
> > 
> > switch (token) {
> > case Opt_pcrinfo:
> 


Re: [PATCH v2 3/3] keys, trusted: seal with a TPM2 authorization policy

2015-12-14 Thread Jarkko Sakkinen
On Mon, Dec 14, 2015 at 08:49:00AM -0500, Mimi Zohar wrote:
> On Sun, 2015-12-13 at 17:42 +0200, Jarkko Sakkinen wrote:
> > TPM2 supports authorization policies, which are essentially
> > combinational logic statements representing the conditions under which the data
> > can be unsealed based on the TPM state. This patch makes it possible to use
> > authorization policies to seal trusted keys.
> > 
> > The following two new options have been added for trusted keys:
> > 
> > * 'policydigest=': provide an auth policy digest for sealing.
> > * 'policyhandle=': provide a policy session handle for unsealing.
> > 
> > If the 'hash=' option is supplied after the 'policydigest=' option, this
> > will result in an error because the state of the option would become
> > mixed.
> > 
> > Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
> > Tested-by: Colin Ian King <colin.k...@canonical.com>
> > ---
> >  Documentation/security/keys-trusted-encrypted.txt | 34 +--
> >  drivers/char/tpm/tpm2-cmd.c | 24 +---
> >  include/keys/trusted-type.h | 4 +++
> >  security/keys/trusted.c | 26 +
> >  4 files changed, 70 insertions(+), 18 deletions(-)
> > 
> > diff --git a/Documentation/security/keys-trusted-encrypted.txt 
> > b/Documentation/security/keys-trusted-encrypted.txt
> > index fd2565b..324ddf5 100644
> > --- a/Documentation/security/keys-trusted-encrypted.txt
> > +++ b/Documentation/security/keys-trusted-encrypted.txt
> > @@ -27,20 +27,26 @@ Usage:
> >  keyctl print keyid
> > 
> >  options:
> > -   keyhandle= ascii hex value of sealing key default 0x4000 (SRK)
> > -   keyauth=  ascii hex auth for sealing key default 0x00...i
> > - (40 ascii zeros)
> > -   blobauth=  ascii hex auth for sealed data default 0x00...
> > - (40 ascii zeros)
> > -   blobauth=  ascii hex auth for sealed data default 0x00...
> > - (40 ascii zeros)
> > -   pcrinfo=  ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
> > -   pcrlock=  pcr number to be extended to "lock" blob
> > -   migratable= 0|1 indicating permission to reseal to new PCR values,
> > -   default 1 (resealing allowed)
> > -   hash=  hash algorithm name as a string. For TPM 1.x the only
> > -  allowed value is sha1. For TPM 2.x the allowed values
> > - are sha1, sha256, sha384, sha512 and sm3-256.
> > +   keyhandle=ascii hex value of sealing key default 0x4000 
> > (SRK)
> > +   keyauth= ascii hex auth for sealing key default 0x00...i
> > + (40 ascii zeros)
> > +   blobauth= ascii hex auth for sealed data default 0x00...
> > + (40 ascii zeros)
> > +   blobauth= ascii hex auth for sealed data default 0x00...
> > + (40 ascii zeros)
> > +   pcrinfo= ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
> > +   pcrlock= pcr number to be extended to "lock" blob
> > +   migratable=   0|1 indicating permission to reseal to new PCR values,
> > + default 1 (resealing allowed)
> > +   hash= hash algorithm name as a string. For TPM 1.x the only
> > + allowed value is sha1. For TPM 2.x the allowed values
> > + are sha1, sha256, sha384, sha512 and sm3-256.
> > +   policydigest= digest for the authorization policy. must be 
> > calculated
> > + with the same hash algorithm as specified by the 
> > 'hash='
> > + option.
> > +   policyhandle= handle to an authorization policy session that 
> > defines the
> > + same policy and with the same hash algorithm as was 
> > used to
> > + seal the key.
> > 
> >  "keyctl print" returns an ascii hex copy of the sealed key, which is in 
> > standard
> >  TPM_STORED_DATA format.  The key length for new keys are always in bytes.
> > diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> > index d9d0822..45a6340 100644
> > --- a/drivers/char/tpm/tpm2-cmd.c
> > +++ b/drivers/char/tpm/tpm2-cmd.c
> > @@ -478,12 +478,26 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
> > tpm_buf_append_u8(, payload->migratable);
> > 
> > /* public */
> > -   tpm_buf_append_u16(, 

[PATCH v2 0/3] TPM 2.0 trusted key features for v4.5

2015-12-13 Thread Jarkko Sakkinen
These are the remaining features to enable trusted keys for TPM 2.0 that were
not finished by the v4.4 merge window. These patches enable authorization
policy based sealing (like using PCRs together with a password for example or
something more complicated) with a user selected hash algorithm.

Jarkko Sakkinen (3):
  keys, trusted: fix: *do not* allow duplicate key options
  keys, trusted: select hash algorithm for TPM2 chips
  keys, trusted: seal with a TPM2 authorization policy

 Documentation/security/keys-trusted-encrypted.txt | 31 +++-
 crypto/hash_info.c | 2 +
 drivers/char/tpm/tpm.h | 10 ++--
 drivers/char/tpm/tpm2-cmd.c | 60 ---
 include/crypto/hash_info.h | 3 ++
 include/keys/trusted-type.h | 5 ++
 include/uapi/linux/hash_info.h | 1 +
 security/keys/Kconfig | 1 +
 security/keys/trusted.c | 56 -
 9 files changed, 147 insertions(+), 22 deletions(-)

-- 
2.5.0



[PATCH v2 3/3] keys, trusted: seal with a TPM2 authorization policy

2015-12-13 Thread Jarkko Sakkinen
TPM2 supports authorization policies, which are essentially
combinational logic statements representing the conditions under which the data
can be unsealed based on the TPM state. This patch makes it possible to use
authorization policies to seal trusted keys.

The following two new options have been added for trusted keys:

* 'policydigest=': provide an auth policy digest for sealing.
* 'policyhandle=': provide a policy session handle for unsealing.

If the 'hash=' option is supplied after the 'policydigest=' option, this
will result in an error because the state of the option would become
mixed.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Tested-by: Colin Ian King <colin.k...@canonical.com>
---
 Documentation/security/keys-trusted-encrypted.txt | 34 +--
 drivers/char/tpm/tpm2-cmd.c | 24 +---
 include/keys/trusted-type.h | 4 +++
 security/keys/trusted.c | 26 +
 4 files changed, 70 insertions(+), 18 deletions(-)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index fd2565b..324ddf5 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -27,20 +27,26 @@ Usage:
 keyctl print keyid
 
 options:
-   keyhandle= ascii hex value of sealing key default 0x4000 (SRK)
-   keyauth=  ascii hex auth for sealing key default 0x00...i
- (40 ascii zeros)
-   blobauth=  ascii hex auth for sealed data default 0x00...
- (40 ascii zeros)
-   blobauth=  ascii hex auth for sealed data default 0x00...
- (40 ascii zeros)
-   pcrinfo=  ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
-   pcrlock=  pcr number to be extended to "lock" blob
-   migratable= 0|1 indicating permission to reseal to new PCR values,
-   default 1 (resealing allowed)
-   hash=  hash algorithm name as a string. For TPM 1.x the only
-  allowed value is sha1. For TPM 2.x the allowed values
- are sha1, sha256, sha384, sha512 and sm3-256.
+   keyhandle=ascii hex value of sealing key default 0x4000 (SRK)
+   keyauth= ascii hex auth for sealing key default 0x00...i
+ (40 ascii zeros)
+   blobauth= ascii hex auth for sealed data default 0x00...
+ (40 ascii zeros)
+   blobauth= ascii hex auth for sealed data default 0x00...
+ (40 ascii zeros)
+   pcrinfo= ascii hex of PCR_INFO or PCR_INFO_LONG (no default)
+   pcrlock= pcr number to be extended to "lock" blob
+   migratable=   0|1 indicating permission to reseal to new PCR values,
+ default 1 (resealing allowed)
+   hash= hash algorithm name as a string. For TPM 1.x the only
+ allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
+   policydigest= digest for the authorization policy. must be calculated
+ with the same hash algorithm as specified by the 'hash='
+ option.
+   policyhandle= handle to an authorization policy session that defines the
+ same policy and with the same hash algorithm as was used 
to
+ seal the key.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
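Review bot: the option table still lists `blobauth=` twice (both the removed and the added block carry two identical `blobauth=` entries) and `keyauth=` keeps a stray `i` after `0x00...`; since this hunk reindents every line of the table anyway, drop the duplicate entry and the stray character while touching these lines. The `policydigest=` text should also spell out that the digest is only meaningful for TPM 2.x chips, which is the case the option parser enforces.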
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index d9d0822..45a6340 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -478,12 +478,26 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
tpm_buf_append_u8(, payload->migratable);
 
/* public */
-   tpm_buf_append_u16(, 14);
+   if (options->policydigest)
+   tpm_buf_append_u16(, 14 + options->digest_len);
+   else
+   tpm_buf_append_u16(, 14);
 
tpm_buf_append_u16(, TPM2_ALG_KEYEDHASH);
tpm_buf_append_u16(, hash);
-   tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
-   tpm_buf_append_u16(, 0); /* policy digest size */
+
+   /* policy */
+   if (options->policydigest) {
+   tpm_buf_append_u32(, 0);
+   tpm_buf_append_u16(, options->digest_len);
+   tpm_buf_append(, options->policydigest,
+  options->digest_len);
+   } else {
+   tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
+   tpm_buf_append_u16(, 0);
+   }
+
+   /* public parameters */
tpm_buf_append_u16(, TPM2_ALG_NULL);
tpm_buf_append_u16(, 0);
 
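Review bot: in the policy branch objectAttributes is appended as a bare `0`, so `TPM2_ATTR_USER_WITH_AUTH` is dropped and the sealed object can no longer be unsealed with `blobauth=` alone; that is presumably the intent (policy-only authorization), but neither the commit message nor the documentation hunk says so, and the literal `0` deserves a comment or a named constant. The `14 + options->digest_len` size and the plain `14` also encode the public-area layout in two places; computing the size once from the fields appended below would keep them from drifting apart when the layout changes again.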
@@ -613,7 +627,9 @@ static i

[PATCH v2 1/3] keys, trusted: fix: *do not* allow duplicate key options

2015-12-13 Thread Jarkko Sakkinen
The trusted keys option parsing allows specifying the same option
multiple times. The last option value specified is used.

This can be seen as a regression because:

* No gain.
* Could be problematic if there are options dependent on other
  options.

Reported-by: James Morris <jmor...@namei.org>
Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 security/keys/trusted.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 903dace..7c183c7 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -736,11 +736,14 @@ static int getoptions(char *c, struct trusted_key_payload 
*pay,
int res;
unsigned long handle;
unsigned long lock;
+   unsigned long token_mask = 0;
 
while ((p = strsep(, " \t"))) {
if (*p == '\0' || *p == ' ' || *p == '\t')
continue;
token = match_token(p, key_tokens, args);
+   if (test_and_set_bit(token, _mask))
+   return -EINVAL;
 
switch (token) {
case Opt_pcrinfo:
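Review bot: `token_mask` is indexed directly with whatever `match_token()` returns. If the token table carries a negative sentinel for unrecognised input (an `Opt_err`-style entry, not visible in this hunk), `test_and_set_bit()` is handed a negative bit number before the `switch` gets a chance to reject the token; testing for the error token first, or a bounds-checked `token_mask & BIT(token)`, avoids that. Since the mask is a local variable, the atomic `test_and_set_bit()` is also more than the job needs, although harmless.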
-- 
2.5.0
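A Python model of the option-string rules this patch and its two siblings in the series describe (duplicate rejection here, `hash=` from 2/3, `policydigest=` and `policyhandle=` from 3/3), as an added example rather than the kernel's parser: duplicates are rejected with a bit mask, `hash=` sets the digest length, `policydigest=` is TPM 2.x-only and must be exactly 2*digest_len hex characters, and `hash=` after `policydigest=` is an error. The token list, the sha1 default and the TPM 2.x-only check on `policyhandle=` are assumptions.

```python
import re

# Option names in token-table order, used as bit positions in the duplicate
# mask. Constructed subset: the real key_tokens table has more entries.
TOKENS = [
    "keyhandle", "keyauth", "blobauth", "pcrinfo", "pcrlock",
    "migratable", "hash", "policydigest", "policyhandle",
]

# Digest lengths (bytes) of the hash algorithms patch 2/3 accepts for TPM 2.x.
DIGEST_LEN = {"sha1": 20, "sha256": 32, "sha384": 48, "sha512": 64, "sm3-256": 32}

SHA1_DIGEST_LEN = 20  # assumed default digest length before any hash= is seen


class OptionError(ValueError):
    """Stands in for the -EINVAL the kernel parser returns."""


def parse_options(optstr, tpm2=True):
    """Parse the option part of a trusted-key payload string.

    Rules modelled from the patches on this page:
      * a token may appear at most once (token_mask in patch 1/3);
      * hash= picks the digest algorithm and thus digest_len (patch 2/3);
      * policydigest= needs a TPM 2.x chip and exactly 2*digest_len hex
        characters, and hash= after policydigest= is an error (patch 3/3).
    """
    token_mask = 0
    opts = {"hash": "sha1", "digest_len": SHA1_DIGEST_LEN}
    for p in re.split(r"[ \t]+", optstr):
        if p == "":
            continue
        name, sep, value = p.partition("=")
        if not sep or name not in TOKENS:
            raise OptionError(f"unknown option {p!r}")
        bit = 1 << TOKENS.index(name)
        if token_mask & bit:               # test_and_set_bit(token, &token_mask)
            raise OptionError(f"duplicate option {name}=")
        token_mask |= bit

        if name == "hash":
            if token_mask & (1 << TOKENS.index("policydigest")):
                raise OptionError("hash= given after policydigest=")
            if value not in DIGEST_LEN:
                raise OptionError(f"unsupported hash {value!r}")
            opts["hash"] = value
            opts["digest_len"] = DIGEST_LEN[value]
        elif name == "policydigest":
            if not tpm2 or len(value) != 2 * opts["digest_len"]:
                raise OptionError("policydigest= needs TPM 2.x and 2*digest_len hex chars")
            opts["policydigest"] = bytes.fromhex(value)
        elif name in ("keyhandle", "policyhandle"):
            if name == "policyhandle" and not tpm2:   # assumption: sessions are TPM 2.x only
                raise OptionError("policyhandle= needs TPM 2.x")
            opts[name] = int(value, 16)
        elif name in ("keyauth", "blobauth"):
            opts[name] = bytes.fromhex(value)
        elif name == "migratable":
            if value not in ("0", "1"):
                raise OptionError("migratable= must be 0 or 1")
            opts[name] = int(value)
        else:                                # pcrinfo, pcrlock: kept verbatim here
            opts[name] = value
    return opts


def rejects(optstr, tpm2=True):
    """True if the parser would return an error (EINVAL) for optstr."""
    try:
        parse_options(optstr, tpm2)
    except ValueError:        # OptionError and bad-hex ValueError alike
        return True
    return False
```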



[PATCH v2 2/3] keys, trusted: select hash algorithm for TPM2 chips

2015-12-13 Thread Jarkko Sakkinen
Added 'hash=' option for selecting the hash algorithm for add_key()
syscall and documentation for it.

Added entry for sm3-256 to the following tables in order to support
TPM_ALG_SM3_256:

* hash_algo_name
* hash_digest_size

Includes support for the following hash algorithms:

* sha1
* sha256
* sha384
* sha512
* sm3-256

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Tested-by: Colin Ian King <colin.k...@canonical.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
---
 Documentation/security/keys-trusted-encrypted.txt | 3 ++
 crypto/hash_info.c | 2 ++
 drivers/char/tpm/tpm.h | 10 +--
 drivers/char/tpm/tpm2-cmd.c | 36 +--
 include/crypto/hash_info.h | 3 ++
 include/keys/trusted-type.h | 1 +
 include/uapi/linux/hash_info.h | 1 +
 security/keys/Kconfig | 1 +
 security/keys/trusted.c | 27 -
 9 files changed, 77 insertions(+), 7 deletions(-)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index e105ae9..fd2565b 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -38,6 +38,9 @@ Usage:
pcrlock=  pcr number to be extended to "lock" blob
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
+   hash=  hash algorithm name as a string. For TPM 1.x the only
+  allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
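Review bot: the added text says that for TPM 1.x "the only allowed value is sha1", while the v3 changelog of this patch later in the listing mentions only a klog message when a TPM 1.x chip is used with a hash other than SHA-1; clarify whether the option is rejected or merely logged in that case and make the documentation match the behaviour of `getoptions()`.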
diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index 3e7ff46..7b1e0b1 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -31,6 +31,7 @@ const char *const hash_algo_name[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = "tgr128",
[HASH_ALGO_TGR_160] = "tgr160",
[HASH_ALGO_TGR_192] = "tgr192",
+   [HASH_ALGO_SM3_256] = "sm3-256",
 };
 EXPORT_SYMBOL_GPL(hash_algo_name);
 
@@ -52,5 +53,6 @@ const int hash_digest_size[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = TGR128_DIGEST_SIZE,
[HASH_ALGO_TGR_160] = TGR160_DIGEST_SIZE,
[HASH_ALGO_TGR_192] = TGR192_DIGEST_SIZE,
+   [HASH_ALGO_SM3_256] = SM3256_DIGEST_SIZE,
 };
 EXPORT_SYMBOL_GPL(hash_digest_size);
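Review bot: the matching `HASH_ALGO_SM3_256` enumerator goes into `include/uapi/linux/hash_info.h` (one-line change in the diffstat, hunk not shown); those values are user-space ABI, so the new entry must sit immediately before `HASH_ALGO__LAST` and never in the middle of the enum, and `SM3256_DIGEST_SIZE` needs a definition reachable from `crypto/hash_info.c` (presumably the `include/crypto/hash_info.h` change in the diffstat). Worth stating both points in the commit message.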
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index 347fc61..542a80c 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -83,16 +83,20 @@ enum tpm2_structures {
 };
 
 enum tpm2_return_codes {
-   TPM2_RC_INITIALIZE  = 0x0100,
-   TPM2_RC_TESTING = 0x090A,
+   TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
+   TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
TPM2_RC_DISABLED= 0x0120,
+   TPM2_RC_TESTING = 0x090A, /* RC_WARN */
 };
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
TPM2_ALG_KEYEDHASH  = 0x0008,
TPM2_ALG_SHA256 = 0x000B,
-   TPM2_ALG_NULL   = 0x0010
+   TPM2_ALG_SHA384 = 0x000C,
+   TPM2_ALG_SHA512 = 0x000D,
+   TPM2_ALG_NULL   = 0x0010,
+   TPM2_ALG_SM3_256= 0x0012,
 };
 
 enum tpm2_command_codes {
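Review bot: `TPM2_RC_HASH = 0x0083` is a format-1 code (as the `RC_FMT1` comment says), and for those the TPM adds the parameter-or-handle flag (0x040) and the parameter/handle/session number (bits 8 to 11) on top of the base value, so a raw `rc == TPM2_RC_HASH` comparison in the caller will not match a real `TPM_RC_HASH` reported against, say, parameter 2; mask those bits off before comparing. Moving `TPM2_RC_TESTING` is a pure reorder by value and fine.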
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index c121304..d9d0822 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -16,6 +16,7 @@
  */
 
 #include "tpm.h"
+#include 
 #include 
 
 enum tpm2_object_attributes {
@@ -104,6 +105,19 @@ struct tpm2_cmd {
union tpm2_cmd_params   params;
 } __packed;
 
+struct tpm2_hash {
+   unsigned int crypto_id;
+   unsigned int tpm_id;
+};
+
+static struct tpm2_hash tpm2_hash_map[] = {
+   {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
+   {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
+   {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
+   {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
+   {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
+};
+
 /*
  * Array with one entry per ordinal defining the maximum amount
  * of time the chip could take to return the result. The values
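Review bot: `tpm2_hash_map[]` is only ever read, so declare it `static const struct tpm2_hash tpm2_hash_map[]`; as written it lands in writable data for no reason. `tpm_id` could also be `u16`, since a TPM_ALG_ID is a 16-bit value and the lookup result is appended with `tpm_buf_append_u16()`.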
@@ -429,8 +443,20 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 {
unsigned int blob_len;
struct tpm_buf buf;
+   u32 hash;
+   int i;
int rc;
 
+   for (i = 0; i < ARRAY_SIZE(tpm2_hash_map); i++) {
+   if (options->hash == tpm2_hash_map[i].crypto_id) {
+   hash = tpm2_hash_map[i].tpm_id;
+   break;
+   }
+ 
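Review bot: `hash` is assigned only inside the `if` within the loop, so if `options->hash` matches no entry of `tpm2_hash_map` it would be used uninitialised in the later `tpm_buf_append_u16(, hash)`; the visible part of the hunk ends before any post-loop check, so either an `if (i == ARRAY_SIZE(tpm2_hash_map)) return -EINVAL;` guard follows and must stay, or `hash` needs an initial value and an explicit check.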

Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-12-07 Thread Jarkko Sakkinen
On Fri, Nov 20, 2015 at 01:34:35PM +1100, James Morris wrote:
> On Wed, 18 Nov 2015, Jarkko Sakkinen wrote:
> 
> > On Wed, Nov 18, 2015 at 11:21:01AM +1100, James Morris wrote:
> > > On Tue, 17 Nov 2015, Jarkko Sakkinen wrote:
> > > 
> > > > }
> > > > break;
> > > > +   case Opt_policydigest:
> > > > +   if (!tpm2 ||
> > > > +   strlen(args[0].from) != (2 * 
> > > > opt->digest_len))
> > > > +   return -EINVAL;
> > > > +   kfree(opt->policydigest);
> > > > +   opt->policydigest = kzalloc(opt->digest_len,
> > > > +   GFP_KERNEL);
> > > 
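Review bot: the `kfree(opt->policydigest)` before `kzalloc()` only matters if the same option is parsed twice, and the later patch in this listing, "keys, trusted: fix: *do not* allow duplicate key options", turns a repeated option into `-EINVAL` before the `switch`; once that lands the `kfree()` is dead and can go. The `kzalloc()` return value also needs a NULL check before the digest is copied into it (the visible lines stop just before that point).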
> > > Is it correct to kfree opt->policydigest here before allocating it?
> > 
> > I think so. The same option might be encountered multiple times.
> 
> This would surely signify an error?

I'm following the semantics of other options. That's why I implemented
it that way for example:

keyctl add trusted kmk "new 32 keyhandle=0x8000 keyhandle=0x8000"

is perfectly OK. I just thought that it'd be more odd if this option
behaved in a different way...

> -- 
> James Morris
> <jmor...@namei.org>

/Jarkko


Re: [PATCH 2/2] keys, trusted: seal with a policy

2015-11-21 Thread Jarkko Sakkinen
On Tue, Nov 17, 2015 at 06:27:22PM +0200, Jarkko Sakkinen wrote:
> Support for sealing with a authorization policy.
> 
> Two new options for trusted keys:
> 
> * 'policydigest=': provide an auth policy digest for sealing.
> * 'policyhandle=': provide a policy session handle for unsealing.

I think it is good to say a word about how to test this since the user
space support is still lagging a bit (there's no way to do a "sticky"
handle in TSS2 yet).

I have my own low-level test scripts over here:

https://github.com/jsakkine/tpm2-scripts

Trivial example:

KEYHANDLE=$(sudo ./tpm2-root-key)
POLICYDIGEST=$(sudo ./tpm2-pcr-policy --pcr 16 --name-alg=sha256 --bank=sha1 --trial)
POLICYHANDLE=$(sudo ./tpm2-pcr-policy --pcr 16 --name-alg=sha256 --bank=sha1)

KEYID=$(keyctl add trusted kmk "new 32 keyhandle=$KEYHANDLE hash=sha256 policydigest=$POLICYDIGEST" @u)
keyctl pipe $KEYID
keyctl clear @u
keyctl add trusted kmk "load `cat blob.hex` keyhandle=$KEYHANDLE policyhandle=0x0300" @u
keyctl clear @u

sudo ./tpm2-flush $KEYHANDLE

/Jarkko


[PATCH 1/2] keys, trusted: select hash algorithm for TPM2 chips

2015-11-17 Thread Jarkko Sakkinen
Added 'hash=' option for selecting the hash algorithm for add_key()
syscall and documentation for it.

Added entry for sm3-256 to the following tables in order to support
TPM_ALG_SM3_256:

* hash_algo_name
* hash_digest_size

Includes support for the following hash algorithms:

* sha1
* sha256
* sha384
* sha512
* sm3-256

v2:

* Added missing select CRYPTO_HASH_INFO to security/keys/Kconfig

v3:

* Squashed patches into a single patch as the commits did not make
  any sense alone.
* Added a klog message when TPM 1.x is used for sealing and other than
  SHA-1 is used as the hash algorithm.
* Got rid of TPM2_HASH_COUNT and moved into ARRAY_SIZE(tpm2_hash_map).

v4:

* Added missing select CRYPTO_HASH_INFO to drivers/char/tpm/Kconfig

v5:

* Minor clean ups.
* Removed dev_dbg() from tpm2-cmd.c in order to get rid of
  CRYPTO_HASH_INFO dep.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Reviewed-by: James Morris <james.l.mor...@oracle.com>
---
 Documentation/security/keys-trusted-encrypted.txt | 3 ++
 crypto/hash_info.c | 2 ++
 drivers/char/tpm/tpm.h | 10 +--
 drivers/char/tpm/tpm2-cmd.c | 36 +--
 include/crypto/hash_info.h | 3 ++
 include/keys/trusted-type.h | 1 +
 include/uapi/linux/hash_info.h | 1 +
 security/keys/Kconfig | 1 +
 security/keys/trusted.c | 27 -
 9 files changed, 77 insertions(+), 7 deletions(-)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index e105ae9..fd2565b 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -38,6 +38,9 @@ Usage:
pcrlock=  pcr number to be extended to "lock" blob
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
+   hash=  hash algorithm name as a string. For TPM 1.x the only
+  allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index 3e7ff46..7b1e0b1 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -31,6 +31,7 @@ const char *const hash_algo_name[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = "tgr128",
[HASH_ALGO_TGR_160] = "tgr160",
[HASH_ALGO_TGR_192] = "tgr192",
+   [HASH_ALGO_SM3_256] = "sm3-256",
 };
 EXPORT_SYMBOL_GPL(hash_algo_name);
 
@@ -52,5 +53,6 @@ const int hash_digest_size[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = TGR128_DIGEST_SIZE,
[HASH_ALGO_TGR_160] = TGR160_DIGEST_SIZE,
[HASH_ALGO_TGR_192] = TGR192_DIGEST_SIZE,
+   [HASH_ALGO_SM3_256] = SM3256_DIGEST_SIZE,
 };
 EXPORT_SYMBOL_GPL(hash_digest_size);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index a4257a3..cdd49cd 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -83,16 +83,20 @@ enum tpm2_structures {
 };
 
 enum tpm2_return_codes {
-   TPM2_RC_INITIALIZE  = 0x0100,
-   TPM2_RC_TESTING = 0x090A,
+   TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
+   TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
TPM2_RC_DISABLED= 0x0120,
+   TPM2_RC_TESTING = 0x090A, /* RC_WARN */
 };
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
TPM2_ALG_KEYEDHASH  = 0x0008,
TPM2_ALG_SHA256 = 0x000B,
-   TPM2_ALG_NULL   = 0x0010
+   TPM2_ALG_SHA384 = 0x000C,
+   TPM2_ALG_SHA512 = 0x000D,
+   TPM2_ALG_NULL   = 0x0010,
+   TPM2_ALG_SM3_256= 0x0012,
 };
 
 enum tpm2_command_codes {
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index c121304..d9d0822 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -16,6 +16,7 @@
  */
 
 #include "tpm.h"
+#include 
 #include 
 
 enum tpm2_object_attributes {
@@ -104,6 +105,19 @@ struct tpm2_cmd {
union tpm2_cmd_params   params;
 } __packed;
 
+struct tpm2_hash {
+   unsigned int crypto_id;
+   unsigned int tpm_id;
+};
+
+static struct tpm2_hash tpm2_hash_map[] = {
+   {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
+   {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
+   {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
+   {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
+   {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
+};
+
 /*
  * Array with one entry per ordinal defining the maximum amount
  * of 

[GIT PULL] TPM fixes for v4.4

2015-11-10 Thread Jarkko Sakkinen
Hi James,

Here are all critical fixes for the v4.4 changes. I've tried to be
conservative. Hope I don't screw this one :)

BR,
/Jarkko

The following changes since commit ba94c3ff20c9c179f2a80f0e4c71e1571ebbf5c7:

  Merge tag 'keys-next-20151021' of git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs into next (2015-10-23 12:07:52 +1100)

are available in the git repository at:

  https://github.com/jsakkine/linux-tpmdd.git tags/tpmdd-next-20151110

for you to fetch changes up to d56e4f75346933dd2cb11533a668ce883908c859:

  tpm: fix compat 'ppi' link handling in tpm_chip_register() (2015-11-09 17:52:56 +0200)


TPM fixes for v4.4


Christophe JAILLET (1):
  TPM: Avoid reference to potentially freed memory

Jarkko Sakkinen (3):
  TPM: revert the list handling logic fixed in 398a1e7
  tpm: fix missing migratable flag in sealing functionality for TPM2
  tpm: fix compat 'ppi' link handling in tpm_chip_register()

Martin Wilck (2):
  tpm_tis: free irq after probing
  tpm_tis: restore IRQ vector in IO memory after failed probing

 drivers/char/tpm/tpm-chip.c | 20 +++-
 drivers/char/tpm/tpm2-cmd.c | 15 ++-
 drivers/char/tpm/tpm_of.c   |  3 ++-
 drivers/char/tpm/tpm_tis.c  |  8 +++-
 4 files changed, 30 insertions(+), 16 deletions(-)


Re: [PATCH 3/3] tpm: fix missing migratable flag in sealing functionality for TPM2

2015-11-09 Thread Jarkko Sakkinen
Hi

Other fixes are ready for the pull request but for this patch a peer
check might be useful.

I'm anyway sending the pull request with the five pull patches over
here even if I don't get 'Tested-by:':

https://github.com/jsakkine/linux-tpmdd/commits/fixes

I've tested this patch with fTPM and dTPM and it does not have any
side-effects on TPM 1.2.

/Jarkko

On Thu, Nov 05, 2015 at 12:20:23PM +0200, Jarkko Sakkinen wrote:
> The 'migratable' flag was not added to the key payload. This patch
> fixes the problem.
> 
> Fixes: 0fe5480303a1 ("keys, trusted: seal/unseal with TPM 2.0 chips")
> Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
> ---
>  drivers/char/tpm/tpm2-cmd.c | 15 ++-
>  1 file changed, 10 insertions(+), 5 deletions(-)
> 
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index bd7039f..c121304 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -443,12 +443,13 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
>TPM_DIGEST_SIZE);
>  
>   /* sensitive */
> - tpm_buf_append_u16(, 4 + TPM_DIGEST_SIZE + payload->key_len);
> + tpm_buf_append_u16(, 4 + TPM_DIGEST_SIZE + payload->key_len + 1);
>  
>   tpm_buf_append_u16(, TPM_DIGEST_SIZE);
>   tpm_buf_append(, options->blobauth, TPM_DIGEST_SIZE);
> - tpm_buf_append_u16(, payload->key_len);
> + tpm_buf_append_u16(, payload->key_len + 1);
>   tpm_buf_append(, payload->key, payload->key_len);
> + tpm_buf_append_u8(, payload->migratable);
>  
>   /* public */
>   tpm_buf_append_u16(, 14);
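Review bot: appending `payload->migratable` after the key inside the sealed sensitive data changes the blob layout, so a blob produced by the pre-fix code (key only) would be read back by the new `tpm2_unseal()` with its last key byte taken as the flag and `key_len` one short. Since the `Fixes:` tag points at TPM 2.0 sealing code introduced in the same cycle this is acceptable, but the commit message should say that blobs from the unfixed code are not compatible.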
> @@ -573,6 +574,8 @@ static int tpm2_unseal(struct tpm_chip *chip,
>  u32 blob_handle)
>  {
>   struct tpm_buf buf;
> + u16 data_len;
> + u8 *data;
>   int rc;
>  
>   rc = tpm_buf_init(, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);
> @@ -591,11 +594,13 @@ static int tpm2_unseal(struct tpm_chip *chip,
>   rc = -EPERM;
>  
>   if (!rc) {
> - payload->key_len = be16_to_cpup(
> + data_len = be16_to_cpup(
>   (__be16 *) [TPM_HEADER_SIZE + 4]);
> + data = [TPM_HEADER_SIZE + 6];
>  
> - memcpy(payload->key, [TPM_HEADER_SIZE + 6],
> -payload->key_len);
> + memcpy(payload->key, data, data_len - 1);
> + payload->key_len = data_len - 1;
> + payload->migratable = data[data_len - 1];
>   }
>  
>   tpm_buf_destroy();
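Review bot: `data_len - 1` is computed on a `u16` taken straight from the TPM response, so a zero-length TPM2B reply wraps to 65535 and the `memcpy()` runs far past `payload->key`; check that `data_len` is at least 1, that `data_len - 1` fits the `payload->key` buffer, and that the TPM2B lies inside the received response length before the subtraction and the copy.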
> -- 
> 2.5.0
> 
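A Python round trip of the sealed-data layout this fix changes (key plus one migratable byte inside the TPM2B sensitive data, and the unseal read-back that splits them again), shown beside the pre-fix layout so the mismatch between the two is visible. This is an added example, not the driver's code; the TPM header size, the response tag, the key buffer size and the simulated TPM behaviour are assumptions.

```python
import struct

TPM_DIGEST_SIZE = 20       # SHA-1 sized blobauth, the "40 ascii zeros" of the option docs
TPM_HEADER_SIZE = 10       # tag(2) + size(4) + code(4); assumed response-header layout
TPM2_ST_SESSIONS = 0x8002  # response tag used in the constructed reply (assumption)
MAX_KEY_SIZE = 128         # assumed size of payload->key


def build_sensitive(blobauth, key, migratable, with_fix=True):
    """TPM2B_SENSITIVE_CREATE as tpm2_seal_trusted() appends it:
    u16 size, u16 auth size, auth, u16 data size, data.
    With the fix, data is the key followed by one migratable byte;
    the pre-fix code (with_fix=False) stores the key alone."""
    if len(blobauth) != TPM_DIGEST_SIZE:
        raise ValueError("blobauth must be TPM_DIGEST_SIZE bytes")
    data = key + (bytes([migratable & 1]) if with_fix else b"")
    body = (struct.pack(">H", TPM_DIGEST_SIZE) + blobauth
            + struct.pack(">H", len(data)) + data)
    # size field == 4 + TPM_DIGEST_SIZE + key_len (+ 1 with the fix), as in the hunk
    return struct.pack(">H", len(body)) + body


def sensitive_data(sensitive):
    """The 'data' field a TPM keeps and returns on TPM2_Unseal
    (constructed stand-in for the chip)."""
    auth_size = struct.unpack_from(">H", sensitive, 2)[0]
    off = 4 + auth_size
    data_len = struct.unpack_from(">H", sensitive, off)[0]
    return sensitive[off + 2:off + 2 + data_len]


def build_unseal_response(data):
    """Constructed TPM2_Unseal response: header, u32 parameter size,
    then TPM2B_SENSITIVE_DATA (u16 length + bytes)."""
    tpm2b = struct.pack(">H", len(data)) + data
    total = TPM_HEADER_SIZE + 4 + len(tpm2b)
    return (struct.pack(">HII", TPM2_ST_SESSIONS, total, 0)
            + struct.pack(">I", len(tpm2b)) + tpm2b)


def parse_unseal(resp, with_fix=True):
    """Mirror the read-back in tpm2_unseal(): data_len at header+4, data at
    header+6. Returns None where the kernel would have to fail instead of
    trusting the length (added guard, not part of the hunk)."""
    if len(resp) < TPM_HEADER_SIZE + 6:
        return None
    data_len = struct.unpack_from(">H", resp, TPM_HEADER_SIZE + 4)[0]
    start = TPM_HEADER_SIZE + 6
    if start + data_len > len(resp):
        return None
    data = resp[start:start + data_len]
    if not with_fix:                       # pre-fix: everything is key
        return {"key": data, "key_len": data_len, "migratable": None}
    # data_len - 1 on a u16 would wrap to 65535 for an empty TPM2B, so bound it
    if data_len < 1 or data_len - 1 > MAX_KEY_SIZE:
        return None
    return {"key": data[:data_len - 1], "key_len": data_len - 1,
            "migratable": data[data_len - 1]}


def roundtrip(key, migratable, seal_fix=True, unseal_fix=True):
    """Seal, let the simulated TPM hand the data back, and unseal again."""
    sensitive = build_sensitive(b"\x00" * TPM_DIGEST_SIZE, key, migratable, seal_fix)
    resp = build_unseal_response(sensitive_data(sensitive))
    return parse_unseal(resp, with_fix=unseal_fix)
```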


[PATCH v3] keys, trusted: select hash algorithm for TPM2 chips

2015-11-05 Thread Jarkko Sakkinen
Added 'hash=' option for selecting the hash algorithm for add_key()
syscall and documentation for it.

Added entry for sm3-256 to the following tables in order to support
TPM_ALG_SM3_256:

* hash_algo_name
* hash_digest_size

Includes support for the following hash algorithms:

* sha1
* sha256
* sha384
* sha512
* sm3-256

v2:

* Added the missing dependency to CRYPTO_HASH_INFO

v3:

* Squashed patches into a single patch as the commits did not make
  any sense alone.
* Added a klog message when TPM 1.x is used for sealing and other than
  SHA-1 is used as the hash algorithm.
* Got rid of TPM2_HASH_COUNT and moved into ARRAY_SIZE(tpm2_hash_map).

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 Documentation/security/keys-trusted-encrypted.txt | 3 ++
 crypto/hash_info.c | 2 ++
 drivers/char/tpm/tpm.h | 10 --
 drivers/char/tpm/tpm2-cmd.c | 40 +--
 include/crypto/hash_info.h | 3 ++
 include/keys/trusted-type.h | 1 +
 include/uapi/linux/hash_info.h | 1 +
 security/keys/Kconfig | 1 +
 security/keys/trusted.c | 23 -
 9 files changed, 77 insertions(+), 7 deletions(-)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index e105ae9..fd2565b 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -38,6 +38,9 @@ Usage:
pcrlock=  pcr number to be extended to "lock" blob
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
+   hash=  hash algorithm name as a string. For TPM 1.x the only
+  allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index 3e7ff46..7b1e0b1 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -31,6 +31,7 @@ const char *const hash_algo_name[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = "tgr128",
[HASH_ALGO_TGR_160] = "tgr160",
[HASH_ALGO_TGR_192] = "tgr192",
+   [HASH_ALGO_SM3_256] = "sm3-256",
 };
 EXPORT_SYMBOL_GPL(hash_algo_name);
 
@@ -52,5 +53,6 @@ const int hash_digest_size[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = TGR128_DIGEST_SIZE,
[HASH_ALGO_TGR_160] = TGR160_DIGEST_SIZE,
[HASH_ALGO_TGR_192] = TGR192_DIGEST_SIZE,
+   [HASH_ALGO_SM3_256] = SM3256_DIGEST_SIZE,
 };
 EXPORT_SYMBOL_GPL(hash_digest_size);
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index a4257a3..cdd49cd 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -83,16 +83,20 @@ enum tpm2_structures {
 };
 
 enum tpm2_return_codes {
-   TPM2_RC_INITIALIZE  = 0x0100,
-   TPM2_RC_TESTING = 0x090A,
+   TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
+   TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
TPM2_RC_DISABLED= 0x0120,
+   TPM2_RC_TESTING = 0x090A, /* RC_WARN */
 };
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
TPM2_ALG_KEYEDHASH  = 0x0008,
TPM2_ALG_SHA256 = 0x000B,
-   TPM2_ALG_NULL   = 0x0010
+   TPM2_ALG_SHA384 = 0x000C,
+   TPM2_ALG_SHA512 = 0x000D,
+   TPM2_ALG_NULL   = 0x0010,
+   TPM2_ALG_SM3_256= 0x0012,
 };
 
 enum tpm2_command_codes {
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index bd7039f..3acc7b5 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -16,6 +16,7 @@
  */
 
 #include "tpm.h"
+#include 
 #include 
 
 enum tpm2_object_attributes {
@@ -104,6 +105,19 @@ struct tpm2_cmd {
union tpm2_cmd_params   params;
 } __packed;
 
+struct tpm2_hash {
+   unsigned int crypto_id;
+   unsigned int tpm_id;
+};
+
+static struct tpm2_hash tpm2_hash_map[] = {
+   {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
+   {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
+   {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
+   {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
+   {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
+};
+
 /*
  * Array with one entry per ordinal defining the maximum amount
  * of time the chip could take to return the result. The values
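Review bot: `tpm2_hash_map[]` is never written to, so declare it `static const struct tpm2_hash tpm2_hash_map[]`; that places it in rodata and lets the compiler reject accidental modification. Since the value is later appended with `tpm_buf_append_u16()`, `tpm_id` could also be a `u16` rather than `unsigned int`, which documents that TPM 2.0 algorithm ids are 16-bit, though that part is optional.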
@@ -429,8 +443,24 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 {
unsigned int blob_len;
struct tpm_buf buf;
+   u32 hash = TPM2_ALG_SHA256;
+   int i;
int rc;
 
+   if (o

[PATCH v4] keys, trusted: select hash algorithm for TPM2 chips

2015-11-05 Thread Jarkko Sakkinen
Added a 'hash=' option for selecting the hash algorithm for the add_key()
syscall, and documentation for it.

Added an entry for sm3-256 to the following tables in order to support
TPM_ALG_SM3_256:

* hash_algo_name
* hash_digest_size

Includes support for the following hash algorithms:

* sha1
* sha256
* sha384
* sha512
* sm3-256

v2:

* Added missing select CRYPTO_HASH_INFO in security/keys/Kconfig

v3:

* Squashed patches into a single patch as the commits did not make any
  sense alone.
* Added a klog message when TPM 1.x is used for sealing and a hash
  algorithm other than SHA-1 is used.
* Got rid of TPM2_HASH_COUNT and moved into ARRAY_SIZE(tpm2_hash_map).

v4:

* Added missing select CRYPTO_HASH_INFO in drivers/char/tpm/Kconfig

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 Documentation/security/keys-trusted-encrypted.txt |  3 ++
 crypto/hash_info.c|  2 ++
 drivers/char/tpm/Kconfig  |  1 +
 drivers/char/tpm/tpm.h| 10 --
 drivers/char/tpm/tpm2-cmd.c   | 40 +--
 include/crypto/hash_info.h|  3 ++
 include/keys/trusted-type.h   |  1 +
 include/uapi/linux/hash_info.h|  1 +
 security/keys/Kconfig |  1 +
 security/keys/trusted.c   | 23 -
 10 files changed, 78 insertions(+), 7 deletions(-)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index e105ae9..fd2565b 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -38,6 +38,9 @@ Usage:
pcrlock=  pcr number to be extended to "lock" blob
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
+   hash=  hash algorithm name as a string. For TPM 1.x the only
+  allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
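Review bot: the `hash=` entry should also state what is used when the option is absent. The tpm2-cmd.c part of this patch starts `tpm2_seal_trusted()` from `u32 hash = TPM2_ALG_SHA256` (visible in the v3 posting), and TPM 1.x can only use sha1, so spell out both defaults in the text, e.g. "default sha1 for TPM 1.x and sha256 for TPM 2.x". Without that a reader cannot tell which algorithm an existing blob was sealed with when `hash=` was never given.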
diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index 3e7ff46..7b1e0b1 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -31,6 +31,7 @@ const char *const hash_algo_name[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = "tgr128",
[HASH_ALGO_TGR_160] = "tgr160",
[HASH_ALGO_TGR_192] = "tgr192",
+   [HASH_ALGO_SM3_256] = "sm3-256",
 };
 EXPORT_SYMBOL_GPL(hash_algo_name);
 
@@ -52,5 +53,6 @@ const int hash_digest_size[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = TGR128_DIGEST_SIZE,
[HASH_ALGO_TGR_160] = TGR160_DIGEST_SIZE,
[HASH_ALGO_TGR_192] = TGR192_DIGEST_SIZE,
+   [HASH_ALGO_SM3_256] = SM3256_DIGEST_SIZE,
 };
 EXPORT_SYMBOL_GPL(hash_digest_size);
diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index 3b84a8b..bd86261 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -6,6 +6,7 @@ menuconfig TCG_TPM
tristate "TPM Hardware Support"
depends on HAS_IOMEM
select SECURITYFS
+   select CRYPTO_HASH_INFO
---help---
  If you have a TPM security chip in your system, which
  implements the Trusted Computing Group's specification,
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index a4257a3..cdd49cd 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -83,16 +83,20 @@ enum tpm2_structures {
 };
 
 enum tpm2_return_codes {
-   TPM2_RC_INITIALIZE  = 0x0100,
-   TPM2_RC_TESTING = 0x090A,
+   TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
+   TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
TPM2_RC_DISABLED= 0x0120,
+   TPM2_RC_TESTING = 0x090A, /* RC_WARN */
 };
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
TPM2_ALG_KEYEDHASH  = 0x0008,
TPM2_ALG_SHA256 = 0x000B,
-   TPM2_ALG_NULL   = 0x0010
+   TPM2_ALG_SHA384 = 0x000C,
+   TPM2_ALG_SHA512 = 0x000D,
+   TPM2_ALG_NULL   = 0x0010,
+   TPM2_ALG_SM3_256= 0x0012,
 };
 
 enum tpm2_command_codes {
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index bd7039f..3acc7b5 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -16,6 +16,7 @@
  */
 
 #include "tpm.h"
+#include 
 #include 
 
 enum tpm2_object_attributes {
@@ -104,6 +105,19 @@ struct tpm2_cmd {
union tpm2_cmd_params   params;
 } __packed;
 
+struct tpm2_hash {
+   unsigned int crypto_id;
+   unsigned int tpm_id;
+};

Re: [PATCH v2 1/3] keys, trusted: select the hash algorithm

2015-11-02 Thread Jarkko Sakkinen
On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote:
> On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote:
> 
> > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct 
> > trusted_key_payload *pay,
> > return -EINVAL;
> > opt->pcrlock = lock;
> > break;
> > +   case Opt_hash:
> > +   for (i = 0; i < HASH_ALGO__LAST; i++) {
> > +   if (!strcmp(args[0].from, hash_algo_name[i])) {
> > +   opt->hash = i;
> > +   break;
> > +   }
> > +   }
> > +   res = tpm_is_tpm2(TPM_ANY_NUM);
> 
> While looking at this, I wanted to verify that chips are still added to
> the tail of the tpm_chip_list.  Unfortunately, commit "afb5abc tpm:
> two-phase chip management functions" reverted David Howells' commit
> "770ab65 TPM: Add new TPMs to the tail of the list to prevent
> inadvertent change of dev".

Ouch. I'll send a fix that reverts the behavior. Good catch and
apologies. On the platforms I've used, the BIOS lets you choose either
dTPM 1.2 or fTPM, and platforms that have dTPM 2.0 do not have an fTPM
option at all. That's why it went unnoticed.

> > +   if (res < 0)
> > +   return res;
> > +   if (i == HASH_ALGO__LAST ||
> > +   (!res && i != HASH_ALGO_SHA1))
> > +   return -EINVAL;
> > +   break;
> 
> If the first TPM registered is a TPM 1.2, then changing the default TPM
> 2.0 hash algorithm will fail.

Yup.

> Mimi
> 
> > default:
> > return -EINVAL;
> > }
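Review bot: on the TPM 2.0 path the `Opt_hash` case accepts any name found in `hash_algo_name[]`, so values such as `md5` or `tgr192` pass `getoptions()` and are only rejected later by `tpm2_seal_trusted()` with the same `-EINVAL`, which makes the two failure modes indistinguishable from user space. Consider checking the chosen id against the set the TPM 2.0 sealing code actually maps (the `tpm2_hash_map` entries) here as well, or at least document that names outside that set fail at seal time rather than at option parsing.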

/Jarkko


Re: [PATCH RFC] tpm: seal with a policy

2015-11-02 Thread Jarkko Sakkinen
On Mon, Nov 02, 2015 at 07:48:42AM -0500, Mimi Zohar wrote:
> On Sat, 2015-10-31 at 17:53 +0200, Jarkko Sakkinen wrote:
> > Support for sealing with a policy.
> > 
> > Two new options for trusted keys:
> > 
> > * 'policydigest=': provide a policydigest for the seal operation.
> > * 'policyhandle=': provide a handle for a policy session for unsealing.
> 
> Please expand the patch description explaining the motivation for these
> new options.  In what cases are they needed?  Are they system or session
> policies? 

They are session policies. By using TPM2 commands you can specify the
conditions under which unseal should work, like auth value, PCRs,
localities and so forth, and combine these with logical connectors.

I'll think about this and write proper documentation.

> Mimi

/Jarkko


Re: [PATCH v2 1/3] keys, trusted: select the hash algorithm

2015-11-02 Thread Jarkko Sakkinen
On Mon, Nov 02, 2015 at 07:16:49AM -0500, Mimi Zohar wrote:
> On Fri, 2015-10-30 at 13:35 +0200, Jarkko Sakkinen wrote:
> 
> > @@ -787,6 +791,20 @@ static int getoptions(char *c, struct 
> > trusted_key_payload *pay,
> > return -EINVAL;
> > opt->pcrlock = lock;
> > break;
> > +   case Opt_hash:
> > +   for (i = 0; i < HASH_ALGO__LAST; i++) {
> > +   if (!strcmp(args[0].from, hash_algo_name[i])) {
> > +   opt->hash = i;
> > +   break;
> > +   }
> > +   }
> > +   res = tpm_is_tpm2(TPM_ANY_NUM);
> 
> While looking at this, I wanted to verify that chips are still added to
> the tail of the tpm_chip_list.  Unfortunately, commit "afb5abc tpm:
> two-phase chip management functions" reverted David Howells' commit
> "770ab65 TPM: Add new TPMs to the tail of the list to prevent
> inadvertent change of dev".
> 
> > +   if (res < 0)
> > +   return res;
> > +   if (i == HASH_ALGO__LAST ||
> > +   (!res && i != HASH_ALGO_SHA1))
> > +   return -EINVAL;
> > +   break;
> 
> If the first TPM registered is a TPM 1.2, then changing the default TPM
> 2.0 hash algorithm will fail.

Now that we are going to fix this issue in 4.3 and 4.4, do you find this
patch otherwise acceptable?

PS. For the other options that we don't support in TPM2 (like pcrinfo),
I'm planning to submit a fix so that they return -EINVAL.

> Mimi

/Jarkko


[PATCH RFC] tpm: seal with a policy

2015-10-31 Thread Jarkko Sakkinen
Support for sealing with a policy.

Two new options for trusted keys:

* 'policydigest=': provide a policydigest for the seal operation.
* 'policyhandle=': provide a handle for a policy session for unsealing.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/Kconfig|  1 +
 drivers/char/tpm/tpm2-cmd.c | 20 +---
 include/keys/trusted-type.h |  3 +++
 security/keys/trusted.c | 26 --
 4 files changed, 45 insertions(+), 5 deletions(-)

diff --git a/drivers/char/tpm/Kconfig b/drivers/char/tpm/Kconfig
index 3b84a8b..bd86261 100644
--- a/drivers/char/tpm/Kconfig
+++ b/drivers/char/tpm/Kconfig
@@ -6,6 +6,7 @@ menuconfig TCG_TPM
tristate "TPM Hardware Support"
depends on HAS_IOMEM
select SECURITYFS
+   select CRYPTO_HASH_INFO
---help---
  If you have a TPM security chip in your system, which
  implements the Trusted Computing Group's specification,
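Review bot: the `select CRYPTO_HASH_INFO` line in drivers/char/tpm/Kconfig is not part of the policy feature; the same one-line change is already carried by the v4 of "keys, trusted: select hash algorithm for TPM2 chips" on this list. Drop it from this RFC so the two patches do not collide whichever order they are applied in, and keep this one limited to the `policydigest=`/`policyhandle=` changes.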
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index b08a0b4..6f567c3 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -463,6 +463,9 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
return -EINVAL;
}
 
+   if (options->policydigest_len > hash_digest_size[options->hash])
+   return -EINVAL;
+
rc = tpm_buf_init(, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
if (rc)
return rc;
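Review bot: the new length check only rejects digests that are too long for `hash_digest_size[options->hash]`. TPM2_Create accepts an authPolicy whose size is either zero or exactly the digest size of the object's nameAlg, so a too-short digest passes here and then fails inside the chip with a far less helpful size error; use `!=` instead of `>`. Also make sure `options->hash` has been resolved to the real algorithm before this line: if 0 can still mean "use the default", as in the `tpm2_seal_trusted()` hunk of the hash-selection series, then `hash_digest_size[0]` is the size of the first `enum hash_algo` entry, not of the default hash.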
@@ -488,8 +491,17 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 
tpm_buf_append_u16(, TPM2_ALG_KEYEDHASH);
tpm_buf_append_u16(, hash);
-   tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
-   tpm_buf_append_u16(, 0); /* policy digest size */
+
+   if (options->policydigest_len) {
+   tpm_buf_append_u32(, 0);
+   tpm_buf_append_u16(, options->policydigest_len);
+   tpm_buf_append(, options->policydigest,
+  options->policydigest_len);
+   } else {
+   tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
+   tpm_buf_append_u16(, 0);
+   }
+
tpm_buf_append_u16(, TPM2_ALG_NULL);
tpm_buf_append_u16(, 0);
 
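Review bot: when a policy digest is supplied the object attribute word is written as a bare `0`, which clears `TPM2_ATTR_USER_WITH_AUTH`; such a blob can then never be unsealed with its auth value alone, only through a satisfied policy session. That is a defensible design, but it is exactly the motivation Mimi asked for and it should be spelled out in the commit message and in keys-trusted-encrypted.txt, since `policydigest=` changes how the key can later be unsealed. Express the attribute with a named value rather than `0` so the intent is visible in the code, and keep the `else` branch as the documented default.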
@@ -617,7 +629,9 @@ static int tpm2_unseal(struct tpm_chip *chip,
return rc;
 
tpm_buf_append_u32(, blob_handle);
-   tpm2_buf_append_auth(, TPM2_RS_PW,
+   tpm2_buf_append_auth(,
+options->policyhandle ?
+options->policyhandle : TPM2_RS_PW,
 NULL /* nonce */, 0,
 0 /* session_attributes */,
 options->blobauth /* hmac */,
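Review bot: `options->policyhandle` is sent with `session_attributes` still `0`. For a policy session that leaves `continueSession` clear, so the chip closes the session after this single TPM2_Unseal and a second load that names the same `policyhandle=` is rejected; either set the continue bit when a policy handle is used or document that the handle is single-use. `options->blobauth` is still passed as the HMAC/password field on both paths, which only helps when the policy itself includes an auth-value check, so the documentation should say that `blobauth=` on its own does not unseal a blob sealed with `policydigest=`.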
diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
index a6a1008..e4beeca 100644
--- a/include/keys/trusted-type.h
+++ b/include/keys/trusted-type.h
@@ -37,6 +37,9 @@ struct trusted_key_options {
unsigned char pcrinfo[MAX_PCRINFO_SIZE];
int pcrlock;
uint32_t hash;
+   uint32_t policydigest_len;
+   unsigned char *policydigest;
+   uint32_t policyhandle;
 };
 
 extern struct key_type key_type_trusted;
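Review bot: `policydigest` becomes a heap pointer (filled by `kstrdup()` in `getoptions()`), which makes `struct trusted_key_options` own memory for the first time. Nothing in the visible hunks frees it, so every path that releases the options, including the error returns inside `getoptions()` itself, now has to `kfree(opt->policydigest)` or the digest leaks on each `add_key`. A fixed-size array sized for the largest supported digest (64 bytes for sha512), in the style of `pcrinfo[MAX_PCRINFO_SIZE]` just above, avoids the allocation and the ownership question entirely.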
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index 7a87bcd..ea043ff 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -713,6 +713,8 @@ enum {
Opt_keyhandle, Opt_keyauth, Opt_blobauth,
Opt_pcrinfo, Opt_pcrlock, Opt_migratable,
Opt_hash,
+   Opt_policydigest,
+   Opt_policyhandle,
 };
 
 static const match_table_t key_tokens = {
@@ -726,6 +728,8 @@ static const match_table_t key_tokens = {
{Opt_pcrlock, "pcrlock=%s"},
{Opt_migratable, "migratable=%s"},
{Opt_hash, "hash=%s"},
+   {Opt_policydigest, "policydigest=%s"},
+   {Opt_policyhandle, "policyhandle=%s"},
{Opt_err, NULL}
 };
 
@@ -804,6 +808,17 @@ static int getoptions(char *c, struct trusted_key_payload 
*pay,
if (i == HASH_ALGO__LAST ||
(!res && i != HASH_ALGO_SHA1))
return -EINVAL;
+   case Opt_policydigest:
+   opt->policydigest_len = strlen(args[0].from);
+   opt->policydigest = kstrdup(args[0].from, GFP_KERNEL);
+   if (!opt->policydigest)
+   return -ENOMEM;
+   break;
+   case Opt_policyhandle:
+   res = kstrtoul(args[0].from, 16, );
+   if (res < 0)
+   return -EINVAL;
+   opt->policyhandle = handle;
break;
default:
return -EINVAL;
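Review bot: a `break;` is missing before the new `case Opt_policydigest:`. The case is inserted directly after the `return -EINVAL;` that ends the `Opt_hash` validation, and the `break;` that used to terminate `Opt_hash` now sits after `Opt_policyhandle`, so a valid `hash=` falls through into the policy digest code: `policydigest_len` becomes the length of the hash name, `policydigest` a copy of it, and `kstrtoul(args[0].from, 16, ...)` on something like `sha256` then fails and the whole option string is rejected. Separately, the digest is stored as the raw option text (`strlen()` plus `kstrdup()`) rather than decoded, so a SHA-256 policy digest written as 64 hex characters is 64 bytes long and trips the `policydigest_len > hash_digest_size[]` check in `tpm2_seal_trusted()`; decode it with `hex2bin()` into a fixed buffer and validate the decoded length.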
@@ -897,6 +912,13 @@ static struct trusted_key_options 
*trusted_options_alloc(void)
return op

[PATCH v2 3/3] tpm: choose hash algorithm for sealing when using TPM 2.0

2015-10-30 Thread Jarkko Sakkinen
Support for the following hash algorithms in TPM 2.0 trusted key
sealing:

* sha1
* sha256
* sha384
* sha512
* sm3-256

The hash algorithm can be selected by using HASH_ALGO_* constants in
include/uapi/linux/hash_info.h.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/tpm.h  | 10 +++---
 drivers/char/tpm/tpm2-cmd.c | 42 +++---
 2 files changed, 46 insertions(+), 6 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index a4257a3..cdd49cd 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -83,16 +83,20 @@ enum tpm2_structures {
 };
 
 enum tpm2_return_codes {
-   TPM2_RC_INITIALIZE  = 0x0100,
-   TPM2_RC_TESTING = 0x090A,
+   TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
+   TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
TPM2_RC_DISABLED= 0x0120,
+   TPM2_RC_TESTING = 0x090A, /* RC_WARN */
 };
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
TPM2_ALG_KEYEDHASH  = 0x0008,
TPM2_ALG_SHA256 = 0x000B,
-   TPM2_ALG_NULL   = 0x0010
+   TPM2_ALG_SHA384 = 0x000C,
+   TPM2_ALG_SHA512 = 0x000D,
+   TPM2_ALG_NULL   = 0x0010,
+   TPM2_ALG_SM3_256= 0x0012,
 };
 
 enum tpm2_command_codes {
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index bd7039f..bc2564e 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -16,6 +16,7 @@
  */
 
 #include "tpm.h"
+#include 
 #include 
 
 enum tpm2_object_attributes {
@@ -104,6 +105,21 @@ struct tpm2_cmd {
union tpm2_cmd_params   params;
 } __packed;
 
+struct tpm2_hash {
+   unsigned int crypto_id;
+   unsigned int tpm_id;
+};
+
+static struct tpm2_hash tpm2_hash_map[] = {
+   {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
+   {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
+   {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
+   {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
+   {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
+};
+
+#define TPM2_HASH_COUNT (sizeof(tpm2_hash_map) / sizeof(tpm2_hash_map[1]))
+
 /*
  * Array with one entry per ordinal defining the maximum amount
  * of time the chip could take to return the result. The values
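Review bot: `TPM2_HASH_COUNT` reimplements `ARRAY_SIZE()`; use `ARRAY_SIZE(tpm2_hash_map)` in the loop and drop the macro. The `sizeof(tpm2_hash_map[1])` in the divisor gives the right answer but reads as a typo for `[0]`, which is one more reason to use the kernel helper. The table is also read-only and could be `static const`.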
@@ -429,8 +445,24 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 {
unsigned int blob_len;
struct tpm_buf buf;
+   u32 hash = TPM2_ALG_SHA256;
+   int i;
int rc;
 
+   if (options->hash) {
+   for (i = 0; i < TPM2_HASH_COUNT; i++) {
+   if (options->hash == tpm2_hash_map[i].crypto_id) {
+   hash = tpm2_hash_map[i].tpm_id;
+   dev_dbg(chip->pdev, "%s: hash: %s 0x%08X\n",
+   __func__, hash_algo_name[i], hash);
+   break;
+   }
+   }
+
+   if (i == TPM2_HASH_COUNT)
+   return -EINVAL;
+   }
+
rc = tpm_buf_init(, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
if (rc)
return rc;
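Review bot: `hash_algo_name[i]` in the `dev_dbg()` call is indexed with the position in `tpm2_hash_map`, not with an `enum hash_algo` value, so the message prints the name of an unrelated algorithm (for `i == 0` it prints the first `hash_algo_name` entry, which is not sha1). Use `hash_algo_name[options->hash]` or `hash_algo_name[tpm2_hash_map[i].crypto_id]`. The loop variable is an `int` compared against the `size_t` `TPM2_HASH_COUNT`; `unsigned int i` avoids the signed/unsigned comparison.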
@@ -454,7 +486,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
tpm_buf_append_u16(, 14);
 
tpm_buf_append_u16(, TPM2_ALG_KEYEDHASH);
-   tpm_buf_append_u16(, TPM2_ALG_SHA256);
+   tpm_buf_append_u16(, hash);
tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
tpm_buf_append_u16(, 0); /* policy digest size */
tpm_buf_append_u16(, TPM2_ALG_NULL);
@@ -487,8 +519,12 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 out:
tpm_buf_destroy();
 
-   if (rc > 0)
-   rc = -EPERM;
+   if (rc > 0) {
+   if ((rc & TPM2_RC_HASH) == TPM2_RC_HASH)
+   rc = -EINVAL;
+   else
+   rc = -EPERM;
+   }
 
return rc;
 }
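Review bot: `(rc & TPM2_RC_HASH) == TPM2_RC_HASH` tests bits rather than the value. It is true for every response code that has bits 0, 1 and 7 set (0x008B, 0x008F, 0x0097 and others), not only for 0x0083, so unrelated format-1 errors are reported as `-EINVAL`. The reason a plain `==` would not work either is that format-1 codes also carry the offending parameter number in bits 8-11 and the parameter flag in bit 6; mask those off and then compare for equality, e.g. `if ((rc & 0xbf) == TPM2_RC_HASH)`, keeping `-EPERM` for everything else.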
-- 
2.5.0



[PATCH v2 2/3] crypto: add entry for sm3-256

2015-10-30 Thread Jarkko Sakkinen
Added an entry for sm3-256 to the following tables:

* hash_algo_name
* hash_digest_size

Needed for TPM 2.0 trusted key sealing.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 crypto/hash_info.c | 2 ++
 include/crypto/hash_info.h | 3 +++
 include/uapi/linux/hash_info.h | 1 +
 3 files changed, 6 insertions(+)

diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index 3e7ff46..7b1e0b1 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -31,6 +31,7 @@ const char *const hash_algo_name[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = "tgr128",
[HASH_ALGO_TGR_160] = "tgr160",
[HASH_ALGO_TGR_192] = "tgr192",
+   [HASH_ALGO_SM3_256] = "sm3-256",
 };
 EXPORT_SYMBOL_GPL(hash_algo_name);
 
@@ -52,5 +53,6 @@ const int hash_digest_size[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = TGR128_DIGEST_SIZE,
[HASH_ALGO_TGR_160] = TGR160_DIGEST_SIZE,
[HASH_ALGO_TGR_192] = TGR192_DIGEST_SIZE,
+   [HASH_ALGO_SM3_256] = SM3256_DIGEST_SIZE,
 };
 EXPORT_SYMBOL_GPL(hash_digest_size);
diff --git a/include/crypto/hash_info.h b/include/crypto/hash_info.h
index e1e5a3e..56f217d 100644
--- a/include/crypto/hash_info.h
+++ b/include/crypto/hash_info.h
@@ -34,6 +34,9 @@
 #define TGR160_DIGEST_SIZE 20
 #define TGR192_DIGEST_SIZE 24
 
+/* not defined in include/crypto/ */
+#define SM3256_DIGEST_SIZE 32
+
 extern const char *const hash_algo_name[HASH_ALGO__LAST];
 extern const int hash_digest_size[HASH_ALGO__LAST];
 
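Review bot: the macro is `SM3256_DIGEST_SIZE` here but `SM3_256_DIGEST_SIZE` in the v1 posting of this patch, and the rename is not mentioned in a change log. Both sit next to `HASH_ALGO_SM3_256` and the `"sm3-256"` string, so pick one spelling, use it consistently, and say so in the patch description. The `/* not defined in include/crypto/ */` comment would also be clearer as a note that the constant should move next to the other digest sizes once an SM3 header exists under include/crypto/.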
diff --git a/include/uapi/linux/hash_info.h b/include/uapi/linux/hash_info.h
index ca18c45..ebf8fd8 100644
--- a/include/uapi/linux/hash_info.h
+++ b/include/uapi/linux/hash_info.h
@@ -31,6 +31,7 @@ enum hash_algo {
HASH_ALGO_TGR_128,
HASH_ALGO_TGR_160,
HASH_ALGO_TGR_192,
+   HASH_ALGO_SM3_256,
HASH_ALGO__LAST
 };
 
-- 
2.5.0



[PATCH v2 0/3] TPM2: select hash algorithm for a trusted key

2015-10-30 Thread Jarkko Sakkinen
Jarkko Sakkinen (3):
  keys, trusted: select the hash algorithm
  crypto: add entry for sm3-256
  tpm: choose hash algorithm for sealing when using TPM 2.0

 Documentation/security/keys-trusted-encrypted.txt |  3 ++
 crypto/hash_info.c|  2 ++
 drivers/char/tpm/tpm.h| 10 --
 drivers/char/tpm/tpm2-cmd.c   | 42 +--
 include/crypto/hash_info.h|  3 ++
 include/keys/trusted-type.h   |  1 +
 include/uapi/linux/hash_info.h|  1 +
 security/keys/Kconfig |  1 +
 security/keys/trusted.c   | 20 ++-
 9 files changed, 76 insertions(+), 7 deletions(-)

-- 
2.5.0



Re: [PATCH v1 4/4] keys, trusted: update documentation for 'hash=' option

2015-10-30 Thread Jarkko Sakkinen
On Thu, Oct 29, 2015 at 03:26:02PM -0400, Mimi Zohar wrote:
> On Thu, 2015-10-29 at 17:59 +0200, Jarkko Sakkinen wrote:
> > Documented the 'hash=' option.
> 
> No reason for a separate patch.  Please squash this patch with the one
> that introduced the new option.

Right. I'm going to do this and also swap the order of the patches (from
"1. tpm 2. trusted" to "1. trusted 2. tpm") so that they can be tested
separately (and thereby also move the change to trusted_key_option to
the "trusted" patch).

> Mimi

/Jarkko


[PATCH v1 1/4] crypto: add entry for sm3-256

2015-10-29 Thread Jarkko Sakkinen
Added an entry for sm3-256 to the following tables:

* hash_algo_name
* hash_digest_size

Needed for TPM 2.0 trusted key sealing.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 crypto/hash_info.c | 2 ++
 include/crypto/hash_info.h | 3 +++
 include/uapi/linux/hash_info.h | 1 +
 3 files changed, 6 insertions(+)

diff --git a/crypto/hash_info.c b/crypto/hash_info.c
index 3e7ff46..6f3a113 100644
--- a/crypto/hash_info.c
+++ b/crypto/hash_info.c
@@ -31,6 +31,7 @@ const char *const hash_algo_name[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = "tgr128",
[HASH_ALGO_TGR_160] = "tgr160",
[HASH_ALGO_TGR_192] = "tgr192",
+   [HASH_ALGO_SM3_256] = "sm3-256",
 };
 EXPORT_SYMBOL_GPL(hash_algo_name);
 
@@ -52,5 +53,6 @@ const int hash_digest_size[HASH_ALGO__LAST] = {
[HASH_ALGO_TGR_128] = TGR128_DIGEST_SIZE,
[HASH_ALGO_TGR_160] = TGR160_DIGEST_SIZE,
[HASH_ALGO_TGR_192] = TGR192_DIGEST_SIZE,
+   [HASH_ALGO_SM3_256] = SM3_256_DIGEST_SIZE,
 };
 EXPORT_SYMBOL_GPL(hash_digest_size);
diff --git a/include/crypto/hash_info.h b/include/crypto/hash_info.h
index e1e5a3e..d86e050 100644
--- a/include/crypto/hash_info.h
+++ b/include/crypto/hash_info.h
@@ -34,6 +34,9 @@
 #define TGR160_DIGEST_SIZE 20
 #define TGR192_DIGEST_SIZE 24
 
+/* not defined in include/crypto/ */
+#define SM3_256_DIGEST_SIZE 32
+
 extern const char *const hash_algo_name[HASH_ALGO__LAST];
 extern const int hash_digest_size[HASH_ALGO__LAST];
 
diff --git a/include/uapi/linux/hash_info.h b/include/uapi/linux/hash_info.h
index ca18c45..ebf8fd8 100644
--- a/include/uapi/linux/hash_info.h
+++ b/include/uapi/linux/hash_info.h
@@ -31,6 +31,7 @@ enum hash_algo {
HASH_ALGO_TGR_128,
HASH_ALGO_TGR_160,
HASH_ALGO_TGR_192,
+   HASH_ALGO_SM3_256,
HASH_ALGO__LAST
 };
 
-- 
2.5.0



[PATCH v1 4/4] keys, trusted: update documentation for 'hash=' option

2015-10-29 Thread Jarkko Sakkinen
Documented the 'hash=' option.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 Documentation/security/keys-trusted-encrypted.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Documentation/security/keys-trusted-encrypted.txt 
b/Documentation/security/keys-trusted-encrypted.txt
index e105ae9..fd2565b 100644
--- a/Documentation/security/keys-trusted-encrypted.txt
+++ b/Documentation/security/keys-trusted-encrypted.txt
@@ -38,6 +38,9 @@ Usage:
pcrlock=  pcr number to be extended to "lock" blob
migratable= 0|1 indicating permission to reseal to new PCR values,
default 1 (resealing allowed)
+   hash=  hash algorithm name as a string. For TPM 1.x the only
+  allowed value is sha1. For TPM 2.x the allowed values
+ are sha1, sha256, sha384, sha512 and sm3-256.
 
 "keyctl print" returns an ascii hex copy of the sealed key, which is in 
standard
 TPM_STORED_DATA format.  The key length for new keys are always in bytes.
-- 
2.5.0



[PATCH v1 0/4] TPM2: select hash algorithm for a trusted key

2015-10-29 Thread Jarkko Sakkinen
Jarkko Sakkinen (4):
  crypto: add entry for sm3-256
  tpm: choose hash algorithm for sealing when using TPM 2.0
  keys, trusted: select the hash algorithm
  keys, trusted: update documentation for 'hash=' option

 Documentation/security/keys-trusted-encrypted.txt |  3 ++
 crypto/hash_info.c|  2 ++
 drivers/char/tpm/tpm.h| 10 --
 drivers/char/tpm/tpm2-cmd.c   | 42 +--
 include/crypto/hash_info.h|  3 ++
 include/keys/trusted-type.h   |  1 +
 include/uapi/linux/hash_info.h|  1 +
 security/keys/trusted.c   | 20 ++-
 8 files changed, 75 insertions(+), 7 deletions(-)

-- 
2.5.0



[PATCH v1 3/4] keys, trusted: select the hash algorithm

2015-10-29 Thread Jarkko Sakkinen
Added a 'hash=' option for selecting the hash algorithm for the add_key()
syscall.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 security/keys/trusted.c | 20 +++-
 1 file changed, 19 insertions(+), 1 deletion(-)

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index d3633cf..7a87bcd 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -11,6 +11,7 @@
  * See Documentation/security/keys-trusted-encrypted.txt
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -710,7 +711,8 @@ enum {
Opt_err = -1,
Opt_new, Opt_load, Opt_update,
Opt_keyhandle, Opt_keyauth, Opt_blobauth,
-   Opt_pcrinfo, Opt_pcrlock, Opt_migratable
+   Opt_pcrinfo, Opt_pcrlock, Opt_migratable,
+   Opt_hash,
 };
 
 static const match_table_t key_tokens = {
@@ -723,6 +725,7 @@ static const match_table_t key_tokens = {
{Opt_pcrinfo, "pcrinfo=%s"},
{Opt_pcrlock, "pcrlock=%s"},
{Opt_migratable, "migratable=%s"},
+   {Opt_hash, "hash=%s"},
{Opt_err, NULL}
 };
 
@@ -736,6 +739,7 @@ static int getoptions(char *c, struct trusted_key_payload 
*pay,
int res;
unsigned long handle;
unsigned long lock;
+   int i;
 
while ((p = strsep(, " \t"))) {
if (*p == '\0' || *p == ' ' || *p == '\t')
@@ -787,6 +791,20 @@ static int getoptions(char *c, struct trusted_key_payload 
*pay,
return -EINVAL;
opt->pcrlock = lock;
break;
+   case Opt_hash:
+   for (i = 0; i < HASH_ALGO__LAST; i++) {
+   if (!strcmp(args[0].from, hash_algo_name[i])) {
+   opt->hash = i;
+   break;
+   }
+   }
+   res = tpm_is_tpm2(TPM_ANY_NUM);
+   if (res < 0)
+   return res;
+   if (i == HASH_ALGO__LAST ||
+   (!res && i != HASH_ALGO_SHA1))
+   return -EINVAL;
+   break;
default:
return -EINVAL;
}
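Review bot: when `hash=` is not given, `opt->hash` keeps whatever the options struct was initialised with (0 for a zeroed allocation), and the TPM 2.0 sealing patch in this series treats 0 as "use the default". Since 0 is itself a valid `enum hash_algo` value, that entry can never be selected explicitly and the meaning of the field rests on an unwritten convention. Initialise `opt->hash` to an explicit default in `trusted_options_alloc()` (sha1 for TPM 1.x, the TPM 2.0 default otherwise) instead of overloading 0, and then the `!res && i != HASH_ALGO_SHA1` check can stay as it is.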
-- 
2.5.0



[PATCH v1 2/4] tpm: choose hash algorithm for sealing when using TPM 2.0

2015-10-29 Thread Jarkko Sakkinen
Added a hash member to struct trusted_key_options for choosing the
hash algorithm, and support for the following hash algorithms in the TPM
2.0 sealing code:

* sha1
* sha256
* sha384
* sha512
* sm3-256

The hash algorithm can be selected by using HASH_ALGO_* constants in
include/uapi/linux/hash_info.h.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/tpm.h  | 10 +++---
 drivers/char/tpm/tpm2-cmd.c | 42 +++---
 include/keys/trusted-type.h |  1 +
 3 files changed, 47 insertions(+), 6 deletions(-)

diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index a4257a3..cdd49cd 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -83,16 +83,20 @@ enum tpm2_structures {
 };
 
 enum tpm2_return_codes {
-   TPM2_RC_INITIALIZE  = 0x0100,
-   TPM2_RC_TESTING = 0x090A,
+   TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
+   TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
TPM2_RC_DISABLED= 0x0120,
+   TPM2_RC_TESTING = 0x090A, /* RC_WARN */
 };
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
TPM2_ALG_KEYEDHASH  = 0x0008,
TPM2_ALG_SHA256 = 0x000B,
-   TPM2_ALG_NULL   = 0x0010
+   TPM2_ALG_SHA384 = 0x000C,
+   TPM2_ALG_SHA512 = 0x000D,
+   TPM2_ALG_NULL   = 0x0010,
+   TPM2_ALG_SM3_256= 0x0012,
 };
 
 enum tpm2_command_codes {
diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index bd7039f..bc2564e 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -16,6 +16,7 @@
  */
 
 #include "tpm.h"
+#include 
 #include 
 
 enum tpm2_object_attributes {
@@ -104,6 +105,21 @@ struct tpm2_cmd {
union tpm2_cmd_params   params;
 } __packed;
 
+struct tpm2_hash {
+   unsigned int crypto_id;
+   unsigned int tpm_id;
+};
+
+static struct tpm2_hash tpm2_hash_map[] = {
+   {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
+   {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
+   {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
+   {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
+   {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
+};
+
+#define TPM2_HASH_COUNT (sizeof(tpm2_hash_map) / sizeof(tpm2_hash_map[1]))
+
 /*
  * Array with one entry per ordinal defining the maximum amount
  * of time the chip could take to return the result. The values
@@ -429,8 +445,24 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 {
unsigned int blob_len;
struct tpm_buf buf;
+   u32 hash = TPM2_ALG_SHA256;
+   int i;
int rc;
 
+   if (options->hash) {
+   for (i = 0; i < TPM2_HASH_COUNT; i++) {
+   if (options->hash == tpm2_hash_map[i].crypto_id) {
+   hash = tpm2_hash_map[i].tpm_id;
+   dev_dbg(chip->pdev, "%s: hash: %s 0x%08X\n",
+   __func__, hash_algo_name[i], hash);
+   break;
+   }
+   }
+
+   if (i == TPM2_HASH_COUNT)
+   return -EINVAL;
+   }
+
rc = tpm_buf_init(, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
if (rc)
return rc;
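Review bot: the dev_dbg() in the lookup loop indexes hash_algo_name[] with `i`, the position in tpm2_hash_map, but hash_algo_name[] is indexed by the HASH_ALGO_* value (the same value the loop compares against options->hash), so the message prints the wrong name whenever the two orderings differ; use `hash_algo_name[options->hash]` or `hash_algo_name[tpm2_hash_map[i].crypto_id]`. Also `hash` is declared u32 but holds a 16-bit TPM2_ALG_* value and is appended with tpm_buf_append_u16() below; u16 documents that, and `0x%08X` then becomes `0x%04X`.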
@@ -454,7 +486,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
tpm_buf_append_u16(, 14);
 
tpm_buf_append_u16(, TPM2_ALG_KEYEDHASH);
-   tpm_buf_append_u16(, TPM2_ALG_SHA256);
+   tpm_buf_append_u16(, hash);
tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
tpm_buf_append_u16(, 0); /* policy digest size */
tpm_buf_append_u16(, TPM2_ALG_NULL);
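Review bot: the literal 14 above the nameAlg is the TPMT_PUBLIC size (type 2 + nameAlg 2 + objectAttributes 4 + empty authPolicy 2 + scheme 2 + empty unique 2) and stays correct only because the policy digest size appended below is 0; now that nameAlg varies that is no longer obvious to a reader, so either comment the derivation or compute the size from the fields, which the policy-sealing follow-up will need anyway.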
@@ -487,8 +519,12 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
 out:
tpm_buf_destroy();
 
-   if (rc > 0)
-   rc = -EPERM;
+   if (rc > 0) {
+   if ((rc & TPM2_RC_HASH) == TPM2_RC_HASH)
+   rc = -EINVAL;
+   else
+   rc = -EPERM;
+   }
 
return rc;
 }
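Review bot: `(rc & TPM2_RC_HASH) == TPM2_RC_HASH` is a bit test, not an equality test, so any response code whose low byte has bits 0, 1 and 7 set is reported as -EINVAL, including format-one errors that have nothing to do with the hash; since format-one codes carry the parameter number in bits 8..11 and the P flag in bit 6, compare the masked value instead, e.g. `if ((rc & 0xBF) == TPM2_RC_HASH)`, ideally through a tpm2_rc_value() helper in tpm.h that unseal can share. A one-line comment that every other code deliberately stays -EPERM to keep keyctl's behaviour would also help the next reader.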
diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
index f91ecd9..8fed58d 100644
--- a/include/keys/trusted-type.h
+++ b/include/keys/trusted-type.h
@@ -36,6 +36,7 @@ struct trusted_key_options {
uint32_t pcrinfo_len;
unsigned char pcrinfo[MAX_PCRINFO_SIZE];
int pcrlock;
+   unsigned int hash;
 };
 
 extern struct key_type key_type_trusted;
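Review bot: `hash` holds a HASH_ALGO_* value from include/uapi/linux/hash_info.h, so either type it `enum hash_algo` or use uint32_t like the fields above it, and document that 0 means "not given" (SHA256 on TPM 2.0); the `if (options->hash)` test in tpm2_seal_trusted() cannot distinguish an algorithm whose enum value is 0 from an absent option, so if that ever matters an explicit sentinel is safer than relying on 0.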
-- 
2.5.0

--
To unsubscribe from this list: send the line "unsubscribe 
linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
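
The hunk above maps a positive TPM response code to an errno with a bit test, and later in this thread Andreas Fuchs suggests mapping TPM_RC_OBJECT_MEMORY to -EBUSY. As an added worked example, not code from the patch or the driver, here is the decoding that the TPM 2.0 Library specification's format-one layout implies, with the patch's test kept beside a masked comparison so the difference shows on concrete codes. The flag masks and the value of TPM_RC_OBJECT_MEMORY (RC_WARN + 0x002) come from the specification, not from this page; the function names and the constructed sample codes in main() are this example's own.

```c
/* Added example, not driver code: decode TPM 2.0 response codes and map
 * them to errnos.  Layout per the TPM 2.0 Library spec, Part 2 (TPM_RC):
 *   format one (bit 7 set): bits 0..5 error number, bit 6 P (parameter,
 *     else handle/session), bits 8..11 N (which parameter/handle/session)
 *   format zero: bit 8 = version 1 code (RC_VER1), bit 11 = warning (RC_WARN)
 * Constants not present in the patch are marked "spec" below. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define TPM2_RC_SUCCESS        0x0000
#define TPM2_RC_HASH           0x0083 /* RC_FMT1 + 0x003, as in the patch */
#define TPM2_RC_OBJECT_MEMORY  0x0902 /* RC_WARN + 0x002 (spec) */

#define TPM2_RC_FMT1           0x0080 /* F flag: format-one code (spec) */
#define TPM2_RC_FMT1_P         0x0040 /* P flag: parameter, not handle (spec) */
#define TPM2_RC_FMT1_N_MASK    0x0F00 /* N field: parameter/handle number (spec) */

/* Reduce a response code to the spec constant it was derived from:
 * format-one codes lose the N field and the P flag, others are unchanged. */
static uint32_t tpm2_rc_value(uint32_t rc)
{
	if (rc & TPM2_RC_FMT1)
		return rc & ~(uint32_t)(TPM2_RC_FMT1_N_MASK | TPM2_RC_FMT1_P);
	return rc;
}

/* 1-based index of the offending parameter for a format-one parameter
 * error, 0 when the code is not of that kind. */
static unsigned int tpm2_rc_param(uint32_t rc)
{
	const uint32_t fp = TPM2_RC_FMT1 | TPM2_RC_FMT1_P;

	if ((rc & fp) != fp)
		return 0;
	return (rc & TPM2_RC_FMT1_N_MASK) >> 8;
}

/* The test as written in the patch: a bit test, not an equality test. */
static int patch_is_hash_error(uint32_t rc)
{
	return (rc & TPM2_RC_HASH) == TPM2_RC_HASH;
}

/* Mapping used by this example: -EINVAL for a hash-algorithm error on any
 * parameter, -EBUSY for the object-memory warning raised in the thread,
 * -EPERM for everything else so existing keyctl behaviour is unchanged. */
static int tpm2_rc_to_errno(uint32_t rc)
{
	if (rc == TPM2_RC_SUCCESS)
		return 0;
	if (tpm2_rc_value(rc) == TPM2_RC_HASH)
		return -EINVAL;
	if (rc == TPM2_RC_OBJECT_MEMORY)
		return -EBUSY;
	return -EPERM;
}

int main(void)
{
	/* Constructed codes: TPM_RC_HASH reported for parameter 2 of
	 * TPM2_Create, and a different format-one error number (0x0B)
	 * reported for handle 1, which the patch's bit test also matches. */
	const uint32_t codes[] = { 0x02C3, 0x018B, TPM2_RC_OBJECT_MEMORY, 0x0100 };
	size_t i;

	for (i = 0; i < sizeof(codes) / sizeof(codes[0]); i++)
		printf("rc 0x%04X: value 0x%04X param %u patch_test %d errno %d\n",
		       codes[i], tpm2_rc_value(codes[i]), tpm2_rc_param(codes[i]),
		       patch_is_hash_error(codes[i]), tpm2_rc_to_errno(codes[i]));
	return 0;
}
```

The second sample code is the point: 0x018B has bits 0, 1 and 7 set, so the bit test in the patch reports it as a hash error although its masked value is 0x008B, not 0x0083. Masking the N field and P flag first keeps the -EINVAL mapping for a bad nameAlg on any parameter position and leaves unrelated errors at -EPERM.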


Re: [PATCH v1 2/4] tpm: choose hash algorithm for sealing when using TPM 2.0

2015-10-29 Thread Jarkko Sakkinen
On Thu, Oct 29, 2015 at 05:59:26PM +0200, Jarkko Sakkinen wrote:
> Added hash member to the struct trusted_key_options for choosing the
> hash algorithm and support for the following hash algorithms to the TPM
> 2.0 sealing code:
> 
> * sha1
> * sha256
> * sha384
> * sha512
> * sm3-256
> 
> The hash algorithm can be selected by using HASH_ALGO_* constants in
> include/uapi/linux/hash_info.h.
> 
> Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
> ---
>  drivers/char/tpm/tpm.h  | 10 +++---
>  drivers/char/tpm/tpm2-cmd.c | 42 +++---
>  include/keys/trusted-type.h |  1 +
>  3 files changed, 47 insertions(+), 6 deletions(-)
> 
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index a4257a3..cdd49cd 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -83,16 +83,20 @@ enum tpm2_structures {
>  };
>  
>  enum tpm2_return_codes {
> - TPM2_RC_INITIALIZE  = 0x0100,
> - TPM2_RC_TESTING = 0x090A,
> + TPM2_RC_HASH= 0x0083, /* RC_FMT1 */
> + TPM2_RC_INITIALIZE  = 0x0100, /* RC_VER1 */
>   TPM2_RC_DISABLED= 0x0120,
> + TPM2_RC_TESTING = 0x090A, /* RC_WARN */
>  };
>  
>  enum tpm2_algorithms {
>   TPM2_ALG_SHA1   = 0x0004,
>   TPM2_ALG_KEYEDHASH  = 0x0008,
>   TPM2_ALG_SHA256 = 0x000B,
> - TPM2_ALG_NULL   = 0x0010
> + TPM2_ALG_SHA384 = 0x000C,
> + TPM2_ALG_SHA512 = 0x000D,
> + TPM2_ALG_NULL   = 0x0010,
> + TPM2_ALG_SM3_256= 0x0012,
>  };
>  
>  enum tpm2_command_codes {
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index bd7039f..bc2564e 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -16,6 +16,7 @@
>   */
>  
>  #include "tpm.h"
> +#include 
>  #include 
>  
>  enum tpm2_object_attributes {
> @@ -104,6 +105,21 @@ struct tpm2_cmd {
>   union tpm2_cmd_params   params;
>  } __packed;
>  
> +struct tpm2_hash {
> + unsigned int crypto_id;
> + unsigned int tpm_id;
> +};
> +
> +static struct tpm2_hash tpm2_hash_map[] = {
> + {HASH_ALGO_SHA1, TPM2_ALG_SHA1},
> + {HASH_ALGO_SHA256, TPM2_ALG_SHA256},
> + {HASH_ALGO_SHA384, TPM2_ALG_SHA384},
> + {HASH_ALGO_SHA512, TPM2_ALG_SHA512},
> + {HASH_ALGO_SM3_256, TPM2_ALG_SM3_256},
> +};
> +
> +#define TPM2_HASH_COUNT (sizeof(tpm2_hash_map) / sizeof(tpm2_hash_map[1]))
> +
>  /*
>   * Array with one entry per ordinal defining the maximum amount
>   * of time the chip could take to return the result. The values
> @@ -429,8 +445,24 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
>  {
>   unsigned int blob_len;
>   struct tpm_buf buf;
> + u32 hash = TPM2_ALG_SHA256;
> + int i;
>   int rc;
>  
> + if (options->hash) {
> + for (i = 0; i < TPM2_HASH_COUNT; i++) {
> + if (options->hash == tpm2_hash_map[i].crypto_id) {
> + hash = tpm2_hash_map[i].tpm_id;
> + dev_dbg(chip->pdev, "%s: hash: %s 0x%08X\n",
> + __func__, hash_algo_name[i], hash);
> + break;
> + }
> + }
> +
> + if (i == TPM2_HASH_COUNT)
> + return -EINVAL;
> + }
> +
>   rc = tpm_buf_init(, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
>   if (rc)
>   return rc;
> @@ -454,7 +486,7 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
>   tpm_buf_append_u16(, 14);
>  
>   tpm_buf_append_u16(, TPM2_ALG_KEYEDHASH);
> - tpm_buf_append_u16(, TPM2_ALG_SHA256);
> + tpm_buf_append_u16(, hash);
>   tpm_buf_append_u32(, TPM2_ATTR_USER_WITH_AUTH);
>   tpm_buf_append_u16(, 0); /* policy digest size */
>   tpm_buf_append_u16(, TPM2_ALG_NULL);
> @@ -487,8 +519,12 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
>  out:
>   tpm_buf_destroy();
>  
> - if (rc > 0)
> - rc = -EPERM;
> + if (rc > 0) {
> + if ((rc & TPM2_RC_HASH) == TPM2_RC_HASH)
> + rc = -EINVAL;
> + else
> + rc = -EPERM;
> + }
>  
>   return rc;
>  }
> diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
> index f91ecd9..8fed58d 100644
> --- a/include/keys/trusted-type.h
> +++ b/include/keys/trusted-type.h
> @@ -36,6 +36,7 @@ struct trusted_key_options {
>   uint32_t pcrinfo_len;
>   unsigned char pcrinfo[MAX_PCRINFO_SIZE];
>   int pcrlock;
> + unsigned int hash;

uint32_t probably here just for the sake of consistency.

>  };
>  
>  extern struct key_type key_type_trusted;
> -- 
> 2.5.0
> 

/Jarkko
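
The hunk in the patch above hand-marshals the TPM2_Create inPublic with a fixed `tpm_buf_append_u16(, 14)` size followed by TPM2_ALG_KEYEDHASH, the chosen nameAlg, the attributes, an empty policy digest and TPM2_ALG_NULL. As an added worked example, not driver code, the following builds that same TPM2B_PUBLIC for any of the five hash algorithms and, going one step beyond the patch, for an authorization policy digest as well, so the origin of the 14 and the policy-length check the TPM itself enforces are visible. tpm_buf is replaced by a small big-endian writer; the value of TPM2_ATTR_USER_WITH_AUTH (0x40, the specification's userWithAuth bit) and the digest lengths are assumptions stated in the code, and the function names are this example's own.

```c
/* Added example, not driver code: marshal the inPublic (TPM2B_PUBLIC)
 * that tpm2_seal_trusted() builds with tpm_buf_append_u16()/u32(), for a
 * chosen nameAlg and an optional authorization policy digest.  tpm_buf is
 * replaced by a small big-endian writer; TPM2_ATTR_USER_WITH_AUTH is
 * assumed to be the spec's userWithAuth attribute bit (0x40). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum tpm2_algorithms {
	TPM2_ALG_SHA1      = 0x0004,
	TPM2_ALG_KEYEDHASH = 0x0008,
	TPM2_ALG_SHA256    = 0x000B,
	TPM2_ALG_SHA384    = 0x000C,
	TPM2_ALG_SHA512    = 0x000D,
	TPM2_ALG_NULL      = 0x0010,
	TPM2_ALG_SM3_256   = 0x0012,
};

#define TPM2_ATTR_USER_WITH_AUTH 0x00000040u /* assumed (spec: userWithAuth) */

/* Fixed part of a keyedhash TPMT_PUBLIC: type + nameAlg + objectAttributes +
 * authPolicy.size + scheme + unique.size = 2+2+4+2+2+2, the literal 14 in
 * the patch. */
#define TPM2_SEALED_PUBLIC_FIXED 14

struct be_buf {
	uint8_t data[128];
	size_t len;
};

static void put_u16(struct be_buf *b, uint16_t v)
{
	b->data[b->len++] = (uint8_t)(v >> 8);
	b->data[b->len++] = (uint8_t)v;
}

static void put_u32(struct be_buf *b, uint32_t v)
{
	put_u16(b, (uint16_t)(v >> 16));
	put_u16(b, (uint16_t)v);
}

/* Digest length of the TPM 2.0 hash algorithms the patch maps, 0 otherwise. */
static size_t tpm2_digest_len(uint16_t alg)
{
	switch (alg) {
	case TPM2_ALG_SHA1:    return 20;
	case TPM2_ALG_SHA256:  return 32;
	case TPM2_ALG_SM3_256: return 32;
	case TPM2_ALG_SHA384:  return 48;
	case TPM2_ALG_SHA512:  return 64;
	default:               return 0;
	}
}

/*
 * Append TPM2B_PUBLIC for a sealed TPM_ALG_KEYEDHASH object and return the
 * TPMT_PUBLIC size written after the 2-byte size prefix, or -1 when nameAlg
 * is not a hash or the policy is not nameAlg-sized (the TPM itself rejects
 * that with TPM_RC_SIZE).  With no policy the size is 14, as in the patch;
 * with a policy, userWithAuth is cleared so the auth value alone can no
 * longer unseal and the policy must be satisfied instead.
 */
static int tpm2_append_sealed_public(struct be_buf *b, uint16_t name_alg,
				     const uint8_t *policy, size_t policy_len)
{
	size_t dlen = tpm2_digest_len(name_alg);
	uint32_t attrs = policy_len ? 0 : TPM2_ATTR_USER_WITH_AUTH;
	size_t size = TPM2_SEALED_PUBLIC_FIXED + policy_len;

	if (!dlen || (policy_len && policy_len != dlen))
		return -1;
	if (b->len + 2 + size > sizeof(b->data))
		return -1;

	put_u16(b, (uint16_t)size);          /* TPM2B_PUBLIC.size */
	put_u16(b, TPM2_ALG_KEYEDHASH);      /* type */
	put_u16(b, name_alg);                /* nameAlg */
	put_u32(b, attrs);                   /* objectAttributes */
	put_u16(b, (uint16_t)policy_len);    /* authPolicy.size */
	if (policy_len) {
		memcpy(b->data + b->len, policy, policy_len);
		b->len += policy_len;
	}
	put_u16(b, TPM2_ALG_NULL);           /* keyedHash scheme: none, sealed data */
	put_u16(b, 0);                       /* unique.size: the TPM computes it */
	return (int)size;
}

int main(void)
{
	struct be_buf b = { {0}, 0 };
	size_t i;
	int n = tpm2_append_sealed_public(&b, TPM2_ALG_SHA256, NULL, 0);

	printf("TPMT_PUBLIC size %d, %zu bytes marshalled:", n, b.len);
	for (i = 0; i < b.len; i++)
		printf(" %02x", b.data[i]);
	printf("\n");
	return 0;
}
```

With SHA256 and no policy the output is the 16 bytes the patch emits (00 0e 00 08 00 0b 00 00 00 40 00 00 00 10 00 00); a 32-byte policy with SHA384 as nameAlg is refused before anything is written, which is the check a caller wants to fail locally rather than by a TPM_RC_SIZE round trip.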


Re: [PATCH] keys, trusted: select TPM2 hash algorithm

2015-10-25 Thread Jarkko Sakkinen
On Sun, Oct 25, 2015 at 03:21:31PM -0400, Mimi Zohar wrote:
> On Sat, 2015-10-24 at 15:42 +0300, Jarkko Sakkinen wrote:
> > Added 'hashalg=' option for selecting the hash algorithm.
> > 
> > Currently available options are:
> > 
> > * sha1
> > * sha256
> > * sha384
> > * sha512
> > * sm3_256
> 
> Please consider using crypto/hash_info.c: hash_algo_name[], which
> already define the algorithm string names.  Use
> include/crypto/hash_info.c to include a reference to this array.

It would work for me. I did it ad hoc because the first example that I looked
at was eCryptfs.

I need to add sm3_256 to that array.

I've found three different ways to write it:

* sm3256 (various google hits)
* sm3-256 (various google hits)
* sm3_256 (TPM 2.0 Structures specification)

Maybe the second option would be the most appropriate?

> Boot command line options should be prefixed with the subsystem name.
> So instead of hashalg, please use tpm_hashalg.  The boot command line
> option needs to be documented in Documentation/kernel-parameters.txt.

I see. My commit message is clearly inadequate. It's an option for the
keyring syscalls.

> Mimi

/Jarkko


Re: [PATCH] keys, trusted: select TPM2 hash algorithm

2015-10-25 Thread Jarkko Sakkinen
On Sat, Oct 24, 2015 at 03:42:42PM +0300, Jarkko Sakkinen wrote:
> Added 'hashalg=' option for selecting the hash algorithm.
> 
> Currently available options are:
> 
> * sha1
> * sha256
> * sha384
> * sha512
> * sm3_256
> 
> Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>

Things that came to mind after sending this:

* Documentation update is needed.
* Maybe it would be a good idea to return -EINVAL in the following
  conditions:
  * TPM1 chip
  * Explicit hashalg option where hashalg is something different than
sha1.

Also one question: should I split this into three patches:

* Support for 'hashalg' in drivers/char/tpm.
* Parsing of hashalg in security/keys.
* Documentation update.

Anyway, this patch is good for testing. No functional updates are
needed except maybe that update for TPM1 chips.

/Jarkko

> ---
>  drivers/char/tpm/tpm.h  |  5 -
>  drivers/char/tpm/tpm2-cmd.c | 34 ++
>  include/keys/trusted-type.h |  2 ++
>  security/keys/trusted.c |  8 +++-
>  4 files changed, 47 insertions(+), 2 deletions(-)
> 
> diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
> index a4257a3..4c18f46 100644
> --- a/drivers/char/tpm/tpm.h
> +++ b/drivers/char/tpm/tpm.h
> @@ -92,7 +92,10 @@ enum tpm2_algorithms {
>   TPM2_ALG_SHA1   = 0x0004,
>   TPM2_ALG_KEYEDHASH  = 0x0008,
>   TPM2_ALG_SHA256 = 0x000B,
> - TPM2_ALG_NULL   = 0x0010
> + TPM2_ALG_SHA384 = 0x000C,
> + TPM2_ALG_SHA512 = 0x000D,
> + TPM2_ALG_NULL   = 0x0010,
> + TPM2_ALG_SM3_256= 0x0012,
>  };
>  
>  enum tpm2_command_codes {
> diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
> index bd7039f..0704bd6 100644
> --- a/drivers/char/tpm/tpm2-cmd.c
> +++ b/drivers/char/tpm/tpm2-cmd.c
> @@ -104,6 +104,22 @@ struct tpm2_cmd {
>   union tpm2_cmd_params   params;
>  } __packed;
>  
> +struct tpm2_hashalg {
> + charname[MAX_HASHALG_SIZE];
> + u32 id;
> +};
> +
> +struct tpm2_hashalg tpm2_hashalg_map[] = {
> + {"sha1", TPM2_ALG_SHA1},
> + {"sha256", TPM2_ALG_SHA256},
> + {"sm3_256", TPM2_ALG_SM3_256},
> + {"sha384", TPM2_ALG_SHA384},
> + {"sha512", TPM2_ALG_SHA512},
> +};
> +
> +#define TPM2_HASHALG_COUNT \
> + (sizeof(tpm2_hashalg_map) / sizeof(tpm2_hashalg_map[1]))
> +
>  /*
>   * Array with one entry per ordinal defining the maximum amount
>   * of time the chip could take to return the result. The values
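Review bot: tpm2_hashalg_map is neither static nor const, so it becomes a writable global symbol; declare it `static const struct tpm2_hashalg tpm2_hashalg_map[]`. TPM2_HASHALG_COUNT should be ARRAY_SIZE(tpm2_hashalg_map), and `[1]` reads like a typo for `[0]` even though it yields the same element size. The sm3_256 entry also breaks the otherwise ascending order of the table, which does not matter for a linear search but makes the list harder to check against the tpm2_algorithms enum.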
> @@ -429,8 +445,26 @@ int tpm2_seal_trusted(struct tpm_chip *chip,
>  {
>   unsigned int blob_len;
>   struct tpm_buf buf;
> + u32 hashalg = TPM2_ALG_SHA256;
> + int i;
>   int rc;
>  
> + if (strlen(options->hashalg) > 0) {
> + for (i = 0; i < TPM2_HASHALG_COUNT; i++) {
> + if (!strcmp(options->hashalg,
> + tpm2_hashalg_map[i].name)) {
> + hashalg = tpm2_hashalg_map[i].id;
> + dev_dbg(chip->pdev, "%s: hashalg: %s 0x%08X\n",
> + __func__, tpm2_hashalg_map[i].name,
> + hashalg);
> + break;
> + }
> + }
> +
> + if (i == TPM2_HASHALG_COUNT)
> + return -EINVAL;
> + }
> +
>   rc = tpm_buf_init(, TPM2_ST_SESSIONS, TPM2_CC_CREATE);
>   if (rc)
>   return rc;
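Review bot: strlen() and strcmp() on options->hashalg assume the buffer is NUL-terminated, which depends entirely on the parser in security/keys/trusted.c (cut off at the end of this mail) bounding its copy to MAX_HASHALG_SIZE - 1 and terminating it; either make the parser reject longer values with -EINVAL, or use strnlen()/strncmp() with MAX_HASHALG_SIZE here so the driver does not rely on the caller. Returning -EINVAL for an unknown name is right; the "sha1 only on TPM 1.x" rule from the cover mail belongs in the caller, since this function is only reached for TPM 2.0 chips.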
> diff --git a/include/keys/trusted-type.h b/include/keys/trusted-type.h
> index f91ecd9..a545733 100644
> --- a/include/keys/trusted-type.h
> +++ b/include/keys/trusted-type.h
> @@ -18,6 +18,7 @@
>  #define MAX_KEY_SIZE 128
>  #define MAX_BLOB_SIZE512
>  #define MAX_PCRINFO_SIZE 64
> +#define MAX_HASHALG_SIZE 16
>  
>  struct trusted_key_payload {
>   struct rcu_head rcu;
> @@ -36,6 +37,7 @@ struct trusted_key_options {
>   uint32_t pcrinfo_len;
>   unsigned char pcrinfo[MAX_PCRINFO_SIZE];
>   int pcrlock;
> + unsigned char hashalg[MAX_HASHALG_SIZE];
>  };
>  
>  extern struct key_type key_type_trusted;
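Review bot: MAX_HASHALG_SIZE 16 is enough for every name in the table, but storing the algorithm as a string means each writer must keep it NUL-terminated and each consumer must compare strings; the HASH_ALGO_* enum that Mimi points to elsewhere in the thread is a single validated integer, needs no size constant, and can be printed with hash_algo_name[] when a name is wanted.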
> diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> index d3633cf..9e7564d 100644
> --- a/security/keys/trusted.c
> +++ b/security/keys/trusted.c
> @@ -710,7 +710,8 @@ enum {
>   Opt_err = -1,
>   Opt_new, Opt_load, Opt_update,
>   Opt_keyhandle, Opt_keyauth, Opt_blobauth,
> - Opt_pcrinfo, Opt_pcrlock, Opt_migratabl

Re: [PATCH v2 0/4] Basic trusted keys support for TPM 2.0

2015-10-16 Thread Jarkko Sakkinen
Hi

On Fri, Oct 16, 2015 at 05:21:02PM +0100, David Howells wrote:
> Hi Jarkko,
> 
> For some reason I don't see patch 1.

Weird. Well, maybe the best way to proceed is that I'll send the
contents of for-peter-v44 branch for review. It's 9 patches in total,
PPI, trusted keys and couple of bug fixes.

> David

/Jarkko


[PATCH 00/10] TPM2 updates for 4.4

2015-10-16 Thread Jarkko Sakkinen
This patch set enables distributions to start production support for TPM 2.0:

* Two critical bug fixes
* PPI support
* Basic trusted keys with authentication value and SHA256 for keyed hash

Next steps after this are to add policy based sealing for trusted keys and
algorithmic agility.

Jarkko Sakkinen (10):
  tpm, tpm_crb: fix unaligned read of the command buffer address
  tpm, tpm_tis: fix tpm_tis ACPI detection issue with TPM 2.0
  sysfs: added __compat_only_sysfs_link_entry_to_kobj()
  tpm: move the PPI attributes to character device directory.
  tpm: update PPI documentation to address the location change.
  tpm: introduce tpm_buf
  keys, trusted: move struct trusted_key_options to trusted-type.h
  tpm: seal/unseal for TPM 2.0
  keys, trusted: seal/unseal with TPM 2.0 chips
  MAINTAINERS: add new maintainer for TPM DEVICE DRIVER

 Documentation/ABI/testing/sysfs-driver-ppi |  19 ++-
 MAINTAINERS|   1 +
 drivers/char/tpm/tpm-chip.c|  24 ++-
 drivers/char/tpm/tpm-interface.c   |  76 +
 drivers/char/tpm/tpm.h | 134 ++--
 drivers/char/tpm/tpm2-cmd.c| 250 -
 drivers/char/tpm/tpm_crb.c |  39 ++---
 drivers/char/tpm/tpm_ppi.c |  34 ++--
 drivers/char/tpm/tpm_tis.c | 192 ++
 fs/sysfs/group.c   |  44 +
 include/keys/trusted-type.h|  14 +-
 include/linux/sysfs.h  |  11 ++
 include/linux/tpm.h|  26 +++
 security/keys/trusted.c|  36 -
 security/keys/trusted.h|  11 --
 15 files changed, 793 insertions(+), 118 deletions(-)

-- 
2.5.0



[PATCH 08/10] tpm: seal/unseal for TPM 2.0

2015-10-16 Thread Jarkko Sakkinen
Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing
trusted keys.

This patch implements basic sealing and unsealing functionality for
TPM 2.0:

* Seal with a parent key using a 20 byte auth value.
* Unseal with a parent key using a 20 byte auth value.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/tpm-interface.c |  76 
 drivers/char/tpm/tpm.h   |  15 ++-
 drivers/char/tpm/tpm2-cmd.c  | 250 ++-
 include/keys/trusted-type.h  |   2 +-
 include/linux/tpm.h  |  26 
 5 files changed, 366 insertions(+), 3 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index e85d341..c50637d 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -666,6 +666,30 @@ int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, 
u8 *res_buf)
 }
 
 /**
+ * tpm_is_tpm2 - is the chip a TPM2 chip?
+ * @chip_num:  tpm idx # or ANY
+ *
+ * Returns < 0 on error, and 1 or 0 on success depending whether the chip
+ * is a TPM2 chip.
+ */
+int tpm_is_tpm2(u32 chip_num)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL)
+   return -ENODEV;
+
+   rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
+
+   tpm_chip_put(chip);
+
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_is_tpm2);
+
+/**
  * tpm_pcr_read - read a pcr value
  * @chip_num:  tpm idx # or ANY
  * @pcr_idx:   pcr idx to retrieve
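Review bot: tpm_is_tpm2() drops the chip reference before it returns, so a caller that asks with TPM_ANY_NUM and then calls tpm_seal_trusted(TPM_ANY_NUM, ...) can be served by a different chip the second time (a system with more than one TPM, or a driver unbind in between); the seal/unseal entry points below re-check TPM_CHIP_FLAG_TPM2 themselves, so nothing breaks today, but the kernel-doc should say the answer is advisory, and the @chip_num description should spell out TPM_ANY_NUM the way the wrappers below do.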
@@ -1021,6 +1045,58 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
 }
 EXPORT_SYMBOL_GPL(tpm_get_random);
 
+/**
+ * tpm_seal_trusted() - seal a trusted key
+ * @chip_num: A specific chip number for the request or TPM_ANY_NUM
+ * @options: authentication values and other options
+ * @payload: the key data in clear and encrypted form
+ *
+ * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
+ * are supported.
+ */
+int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload,
+struct trusted_key_options *options)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
+   return -ENODEV;
+
+   rc = tpm2_seal_trusted(chip, payload, options);
+
+   tpm_chip_put(chip);
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_seal_trusted);
+
+/**
+ * tpm_unseal_trusted() - unseal a trusted key
+ * @chip_num: A specific chip number for the request or TPM_ANY_NUM
+ * @options: authentication values and other options
+ * @payload: the key data in clear and encrypted form
+ *
+ * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
+ * are supported.
+ */
+int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload,
+  struct trusted_key_options *options)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
+   return -ENODEV;
+
+   rc = tpm2_unseal_trusted(chip, payload, options);
+
+   tpm_chip_put(chip);
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
+
 static int __init tpm_init(void)
 {
int rc;
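Review bot: in both kernel-doc blocks @options is documented before @payload although the signatures take payload first; kernel-doc warns about that, so swap the two lines. The commit message names the functions tpm_trusted_seal()/tpm_trusted_unseal() while the code adds tpm_seal_trusted()/tpm_unseal_trusted(); fix the message before this is merged. Returning -ENODEV for a TPM 1.2 chip is a reasonable choice, but say so in the "Returns" sentence, since -ENODEV normally means no chip at all.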
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index cb46f62..a4257a3 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -90,6 +90,9 @@ enum tpm2_return_codes {
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
+   TPM2_ALG_KEYEDHASH  = 0x0008,
+   TPM2_ALG_SHA256 = 0x000B,
+   TPM2_ALG_NULL   = 0x0010
 };
 
 enum tpm2_command_codes {
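Review bot: TPM2_ALG_NULL = 0x0010 is added without a trailing comma, so the next algorithm added to the enum has to touch this line as well (the hash-algorithm patch later in this thread does exactly that); end the last enumerator with a comma like the other enums in this file.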
@@ -97,6 +100,10 @@ enum tpm2_command_codes {
TPM2_CC_SELF_TEST   = 0x0143,
TPM2_CC_STARTUP = 0x0144,
TPM2_CC_SHUTDOWN= 0x0145,
+   TPM2_CC_CREATE  = 0x0153,
+   TPM2_CC_LOAD= 0x0157,
+   TPM2_CC_UNSEAL  = 0x015E,
+   TPM2_CC_FLUSH_CONTEXT   = 0x0165,
TPM2_CC_GET_CAPABILITY  = 0x017A,
TPM2_CC_GET_RANDOM  = 0x017B,
TPM2_CC_PCR_READ= 0x017E,
@@ -407,7 +414,7 @@ struct tpm_buf {
u8 *data;
 };
 
-static inline void tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
+static inline int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
 {
struct tpm_input_header *head;
 
@@ -527,6 +534,12 @@ static inline void tpm_add_ppi(struct tpm_chip *chip)
 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
+int tpm2_seal_trusted(struct tpm_chip *chip,
+ struct trusted_key_payload *payload,
+ struct trusted_key_options *options);
+int tpm2_

[PATCH 09/10] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-16 Thread Jarkko Sakkinen
Call tpm_seal_trusted() and tpm_unseal_trusted() for TPM 2.0 chips.
We require an explicit 'keyhandle=' option because there is no fixed
storage root key inside TPM2 chips.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
Reviewed-by: Andreas Fuchs <andreas.fu...@sit.fraunhofer.de>
Tested-by: Mimi Zohar <zo...@linux.vnet.ibm.com> (on TPM 1.2)
Tested-by: Chris J Arges <chris.j.ar...@canonical.com>
Tested-by: Colin Ian King <colin.k...@canonical.com>
---
 security/keys/trusted.c | 36 +---
 1 file changed, 33 insertions(+), 3 deletions(-)

diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index c0594cb..d3633cf 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -862,12 +862,19 @@ static int datablob_parse(char *datablob, struct 
trusted_key_payload *p,
 static struct trusted_key_options *trusted_options_alloc(void)
 {
struct trusted_key_options *options;
+   int tpm2;
+
+   tpm2 = tpm_is_tpm2(TPM_ANY_NUM);
+   if (tpm2 < 0)
+   return NULL;
 
options = kzalloc(sizeof *options, GFP_KERNEL);
if (options) {
/* set any non-zero defaults */
options->keytype = SRK_keytype;
-   options->keyhandle = SRKHANDLE;
+
+   if (!tpm2)
+   options->keyhandle = SRKHANDLE;
}
return options;
 }
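Review bot: returning NULL from trusted_options_alloc() when tpm_is_tpm2() fails makes "no TPM" indistinguishable from an allocation failure for the caller, which is what a NULL from an *_alloc() normally means; since trusted_instantiate() already calls tpm_is_tpm2() and propagates its error, pass the tpm2 flag into trusted_options_alloc() instead of looking it up a second time, which also removes the duplicate TPM_ANY_NUM lookup.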
@@ -905,6 +912,11 @@ static int trusted_instantiate(struct key *key,
int ret = 0;
int key_cmd;
size_t key_len;
+   int tpm2;
+
+   tpm2 = tpm_is_tpm2(TPM_ANY_NUM);
+   if (tpm2 < 0)
+   return tpm2;
 
if (datalen <= 0 || datalen > 32767 || !prep->data)
return -EINVAL;
@@ -932,12 +944,20 @@ static int trusted_instantiate(struct key *key,
goto out;
}
 
+   if (!options->keyhandle) {
+   ret = -EINVAL;
+   goto out;
+   }
+
dump_payload(payload);
dump_options(options);
 
switch (key_cmd) {
case Opt_load:
-   ret = key_unseal(payload, options);
+   if (tpm2)
+   ret = tpm_unseal_trusted(TPM_ANY_NUM, payload, options);
+   else
+   ret = key_unseal(payload, options);
dump_payload(payload);
dump_options(options);
if (ret < 0)
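Review bot: the new `if (!options->keyhandle)` check fails silently with -EINVAL while the neighbouring failure paths log with pr_info(); since TPM 2.0 users must now pass keyhandle= where TPM 1.2 users never had to, a one-line message naming the missing option will save confusion at the keyctl prompt. Placing the check after the options are parsed is right, and it is harmless for TPM 1.2 because the SRKHANDLE default is still applied there.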
@@ -950,7 +970,10 @@ static int trusted_instantiate(struct key *key,
pr_info("trusted_key: key_create failed (%d)\n", ret);
goto out;
}
-   ret = key_seal(payload, options);
+   if (tpm2)
+   ret = tpm_seal_trusted(TPM_ANY_NUM, payload, options);
+   else
+   ret = key_seal(payload, options);
if (ret < 0)
pr_info("trusted_key: key_seal failed (%d)\n", ret);
break;
@@ -1018,6 +1041,13 @@ static int trusted_update(struct key *key, struct 
key_preparsed_payload *prep)
kfree(new_p);
goto out;
}
+
+   if (!new_o->keyhandle) {
+   ret = -EINVAL;
+   kfree(new_p);
+   goto out;
+   }
+
/* copy old key values, and reseal with new pcrs */
new_p->migratable = p->migratable;
new_p->key_len = p->key_len;
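Review bot: the keyhandle check is duplicated in trusted_update(); a small helper shared with trusted_instantiate() keeps the two paths from drifting. Note also that on TPM 2.0 an update that omits keyhandle= now fails even though the key was created with one, because trusted_options_alloc() no longer supplies a default; either inherit the old options' keyhandle for the reseal or document in the trusted-keys documentation that update requires it.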
-- 
2.5.0



[PATCH v2 0/4] Basic trusted keys support for TPM 2.0

2015-10-13 Thread Jarkko Sakkinen
Basic trusted keys support: auth value and SHA256.

v2:

* Removed all the changes that modify the existing functions to use
  the new struct tpm_buf. These changes should be done separately from
  this patch set as they require separate QA + review.
* 'keyhandle=' is now required for TPM2. Makes sense to always state
  the sealing key because there are no fixed keys on the chip (thanks
  to Andreas Fuchs for this comment).
* I updated tpm_buf to be a heap-based structure. Now there's one full
  page of memory for variable sized messages. Also the stack is greatly
  reduced.

Jarkko Sakkinen (4):
  tpm: introduce tpm_buf
  keys, trusted: move struct trusted_key_options to trusted-type.h
  tpm: seal/unseal for TPM 2.0
  keys, trusted: seal/unseal with TPM 2.0 chips

 drivers/char/tpm/tpm-interface.c |  76 
 drivers/char/tpm/tpm.h   | 110 +
 drivers/char/tpm/tpm2-cmd.c  | 250 ++-
 include/keys/trusted-type.h  |  14 ++-
 include/linux/tpm.h  |  26 
 security/keys/trusted.c  |  36 +-
 security/keys/trusted.h  |  11 --
 7 files changed, 507 insertions(+), 16 deletions(-)

-- 
2.5.0



Re: [PATCH v2 0/4] Basic trusted keys support for TPM 2.0

2015-10-13 Thread Jarkko Sakkinen
On Tue, Oct 13, 2015 at 11:11:21AM +0300, Jarkko Sakkinen wrote:
> Basic trusted keys support: auth value and SHA256.
> 
> v2:
> 
> * Removed all the changes that modify the existing functions to use
>   the new struct tpm_buf. These changes should be done separately from
>   this patch set as they require separate QA + review.
> * 'keyhandle=' is now required for TPM2. Makes sense to always state
>   the sealing key because there are no fixed keys on the chip (thanks
>   to Andreas Fuchs for this comment).
> * I updated tpm_buf to be a heap-based structure. Now there's one full
>   page of memory for variable sized messages. Also the stack is greatly
>   reduced.

The basic test that I did was:

ID=$(keyctl add trusted kmk "new 32 keyhandle=0x8000" @u)
keyctl pipe $ID  > blob.hex
keyctl clear @u
keyctl add trusted kmk "load `cat blob.hex` keyhandle=0x8000" @u
keyctl clear @u

I also checked that the code fails with -EINVAL when keyhandle is not
given.

For generating a sealing key I used tpm2-root-key script from

https://github.com/jsakkine/linux-tpm2

I think the code is in the shape that it is ready to be pulled but some
tested-by's are needed.

> Jarkko Sakkinen (4):
>   tpm: introduce tpm_buf
>   keys, trusted: move struct trusted_key_options to trusted-type.h
>   tpm: seal/unseal for TPM 2.0
>   keys, trusted: seal/unseal with TPM 2.0 chips
> 
>  drivers/char/tpm/tpm-interface.c |  76 
>  drivers/char/tpm/tpm.h   | 110 +
>  drivers/char/tpm/tpm2-cmd.c  | 250 
> ++-
>  include/keys/trusted-type.h  |  14 ++-
>  include/linux/tpm.h  |  26 
>  security/keys/trusted.c  |  36 +-
>  security/keys/trusted.h  |  11 --
>  7 files changed, 507 insertions(+), 16 deletions(-)
> 
> -- 
> 2.5.0
> 
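
The keyctl test above exercises the option rules discussed across this thread: keyhandle= is mandatory on TPM 2.0 and -EINVAL when missing, hashalg= names come from hash_algo_name[] and default to sha256, and (from the earlier mail on the hashalg patch) a TPM 1.x chip should reject any hashalg other than sha1. As an added worked example, not security/keys/trusted.c, the following parser applies those rules to the option part of a datablob and also rejects a repeated option. The hash table is a cut-down stand-in for crypto/hash_info.c (only the five names the patch maps, "sm3-256" spelled as Jarkko proposes), SRKHANDLE is assumed to be TPM 1.2's well-known SRK handle 0x40000000, and the result struct, the function names and the sample strings are this example's own.

```c
/* Added example, not security/keys/trusted.c: parse the option part of a
 * trusted-key datablob with the rules discussed in the thread.  hash_algo
 * and hash_algo_name[] are cut down to the five algorithms the patch maps;
 * SRKHANDLE is assumed to be TPM 1.2's SRK handle; the result struct is
 * this example's own. */
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum hash_algo { HASH_ALGO_SHA1, HASH_ALGO_SHA256, HASH_ALGO_SHA384,
		 HASH_ALGO_SHA512, HASH_ALGO_SM3_256, HASH_ALGO__LAST };

static const char *const hash_algo_name[HASH_ALGO__LAST] = {
	"sha1", "sha256", "sha384", "sha512", "sm3-256" };

#define SRKHANDLE 0x40000000u /* assumed: TPM 1.2 storage root key handle */

struct trusted_opts {
	uint32_t keyhandle;   /* sealing key handle */
	enum hash_algo hash;  /* nameAlg on TPM 2.0; always sha1 on TPM 1.2 */
};

/* Index of a name in hash_algo_name[], -1 when unknown. */
static int hash_algo_by_name(const char *name)
{
	int i;

	for (i = 0; i < HASH_ALGO__LAST; i++)
		if (!strcmp(name, hash_algo_name[i]))
			return i;
	return -1;
}

/* Parse "keyhandle=0x... hashalg=..." (whitespace separated, any order).
 * Returns 0 or -EINVAL.  Each option at most once; keyhandle= is mandatory
 * on TPM 2.0 (no fixed SRK) and defaults to SRKHANDLE on TPM 1.2; hashalg
 * defaults to sha256 on TPM 2.0 and only sha1 is accepted on TPM 1.2.
 * Other options (keyauth=, pcrinfo=, ...) are out of scope and rejected. */
static int trusted_parse_options(const char *datablob, int tpm2,
				 struct trusted_opts *o)
{
	const char *p = datablob;
	int seen_keyhandle = 0, seen_hash = 0;

	memset(o, 0, sizeof(*o));
	o->hash = tpm2 ? HASH_ALGO_SHA256 : HASH_ALGO_SHA1;

	while (*p) {
		char key[32], val[64];
		const char *end, *eq;
		size_t klen, vlen;

		p += strspn(p, " \t");
		if (!*p)
			break;
		end = p + strcspn(p, " \t");
		eq = memchr(p, '=', (size_t)(end - p));
		if (!eq)
			return -EINVAL;
		klen = (size_t)(eq - p);
		vlen = (size_t)(end - eq - 1);
		if (!klen || !vlen || klen >= sizeof(key) || vlen >= sizeof(val))
			return -EINVAL;
		memcpy(key, p, klen);
		key[klen] = '\0';
		memcpy(val, eq + 1, vlen);
		val[vlen] = '\0';
		p = end;

		if (!strcmp(key, "keyhandle")) {
			char *tail;
			unsigned long h;

			if (seen_keyhandle++)
				return -EINVAL;          /* duplicate option */
			errno = 0;
			h = strtoul(val, &tail, 16);
			if (errno || *tail || !h || h > 0xffffffffUL)
				return -EINVAL;          /* not a usable handle */
			o->keyhandle = (uint32_t)h;
		} else if (!strcmp(key, "hashalg")) {
			int alg = hash_algo_by_name(val);

			if (seen_hash++ || alg < 0)
				return -EINVAL;
			if (!tpm2 && alg != HASH_ALGO_SHA1)
				return -EINVAL;          /* TPM 1.2 is SHA1-only */
			o->hash = (enum hash_algo)alg;
		} else {
			return -EINVAL;
		}
	}

	if (!o->keyhandle) {
		if (tpm2)
			return -EINVAL;  /* no default sealing key on TPM 2.0 */
		o->keyhandle = SRKHANDLE;
	}
	return 0;
}

int main(void)
{
	struct trusted_opts o;
	int rc = trusted_parse_options("keyhandle=0x81000001 hashalg=sha384", 1, &o);

	printf("rc=%d keyhandle=0x%08X hashalg=%s\n", rc, o.keyhandle,
	       rc ? "-" : hash_algo_name[o.hash]);
	return rc ? 1 : 0;
}
```

The parser copies each token into a bounded, NUL-terminated buffer before comparing, so the hash lookup never depends on the caller having terminated anything, which is the property the string-based version of the patch left to the keys code.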


[PATCH v2 3/4] tpm: seal/unseal for TPM 2.0

2015-10-13 Thread Jarkko Sakkinen
Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing
trusted keys.

This patch implements basic sealing and unsealing functionality for
TPM 2.0:

* Seal with a parent key using a 20 byte auth value.
* Unseal with a parent key using a 20 byte auth value.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/tpm-interface.c |  76 
 drivers/char/tpm/tpm.h   |  15 ++-
 drivers/char/tpm/tpm2-cmd.c  | 250 ++-
 include/keys/trusted-type.h  |   2 +-
 include/linux/tpm.h  |  26 
 5 files changed, 366 insertions(+), 3 deletions(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index e85d341..c50637d 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -666,6 +666,30 @@ int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, 
u8 *res_buf)
 }
 
 /**
+ * tpm_is_tpm2 - is the chip a TPM2 chip?
+ * @chip_num:  tpm idx # or ANY
+ *
+ * Returns < 0 on error, and 1 or 0 on success depending whether the chip
+ * is a TPM2 chip.
+ */
+int tpm_is_tpm2(u32 chip_num)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL)
+   return -ENODEV;
+
+   rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
+
+   tpm_chip_put(chip);
+
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_is_tpm2);
+
+/**
  * tpm_pcr_read - read a pcr value
  * @chip_num:  tpm idx # or ANY
  * @pcr_idx:   pcr idx to retrieve
@@ -1021,6 +1045,58 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
 }
 EXPORT_SYMBOL_GPL(tpm_get_random);
 
+/**
+ * tpm_seal_trusted() - seal a trusted key
+ * @chip_num: A specific chip number for the request or TPM_ANY_NUM
+ * @options: authentication values and other options
+ * @payload: the key data in clear and encrypted form
+ *
+ * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
+ * are supported.
+ */
+int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload,
+struct trusted_key_options *options)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
+   return -ENODEV;
+
+   rc = tpm2_seal_trusted(chip, payload, options);
+
+   tpm_chip_put(chip);
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_seal_trusted);
+
+/**
+ * tpm_unseal_trusted() - unseal a trusted key
+ * @chip_num: A specific chip number for the request or TPM_ANY_NUM
+ * @options: authentication values and other options
+ * @payload: the key data in clear and encrypted form
+ *
+ * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
+ * are supported.
+ */
+int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload,
+  struct trusted_key_options *options)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
+   return -ENODEV;
+
+   rc = tpm2_unseal_trusted(chip, payload, options);
+
+   tpm_chip_put(chip);
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
+
 static int __init tpm_init(void)
 {
int rc;
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index df43979..09aca509 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -90,6 +90,9 @@ enum tpm2_return_codes {
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
+   TPM2_ALG_KEYEDHASH  = 0x0008,
+   TPM2_ALG_SHA256 = 0x000B,
+   TPM2_ALG_NULL   = 0x0010
 };
 
 enum tpm2_command_codes {
@@ -97,6 +100,10 @@ enum tpm2_command_codes {
TPM2_CC_SELF_TEST   = 0x0143,
TPM2_CC_STARTUP = 0x0144,
TPM2_CC_SHUTDOWN= 0x0145,
+   TPM2_CC_CREATE  = 0x0153,
+   TPM2_CC_LOAD= 0x0157,
+   TPM2_CC_UNSEAL  = 0x015E,
+   TPM2_CC_FLUSH_CONTEXT   = 0x0165,
TPM2_CC_GET_CAPABILITY  = 0x017A,
TPM2_CC_GET_RANDOM  = 0x017B,
TPM2_CC_PCR_READ= 0x017E,
@@ -399,7 +406,7 @@ struct tpm_buf {
u8 *data;
 };
 
-static inline void tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
+static inline int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
 {
struct tpm_input_header *head;
 
@@ -525,6 +532,12 @@ static inline void tpm_remove_ppi(struct tpm_chip *chip)
 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
+int tpm2_seal_trusted(struct tpm_chip *chip,
+ struct trusted_key_payload *payload,
+ struct trusted_key_options *options);
+int

Re: [PATCH v2 0/4] Basic trusted keys support for TPM 2.0

2015-10-13 Thread Jarkko Sakkinen
On Tue, Oct 13, 2015 at 11:41:20AM -0600, Jason Gunthorpe wrote:
> On Tue, Oct 13, 2015 at 11:11:21AM +0300, Jarkko Sakkinen wrote:
> 
> > * I updated tpm_buf to a be heap based structure. Now there's one full
> >   page of memory for variable sized messages. Also the stack is greatly
> >   reduced.
> 
> You may as well just use a skb then.

struct sk_buff??

I think the structure that I've implemented is a good fit. It's simple
to use and does exactly what we need. Can you elaborate what's the
problem with tpm_buf?

> Jason

/Jarkko


Re: [PATCH 3/4] tpm: seal/unseal for TPM 2.0

2015-10-13 Thread Jarkko Sakkinen
On Tue, Oct 13, 2015 at 11:34:42AM -0600, Jason Gunthorpe wrote:
> On Fri, Oct 02, 2015 at 11:38:17AM +0300, Jarkko Sakkinen wrote:
> > Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing
> > trusted keys.
> > 
> > This patch implements basic sealing and unsealing functionality for
> > TPM 2.0:
> 
> We really need to stop using chip id's as a handle - the caller should
> be using a pointer, it is just a horrible API, and the TPM_ANY_NUM
> business is awful too.. TPM's are stateful devices!

Eventually this needs to be refactored out. I don't see it in the scope
of these patches or as high priority ATM.

> Is it feasible to introduce new APIs with a saner scheme?
> 
> The api layering also seems really weird to me. At a minimum the
> tpm_seal_trusted should be called within key_seal, but really, should
> key_seal be migrated into the TPM core? I'm not sure it makes alot of
> sense to have a tpm_seal_trusted which uses the high level key structs
> when other tpm functions are all low level RPC wrappers...

I think tpm_seal() inside trusted.c is not a very good API. It takes the
ad hoc version of the structs given to key_seal from the stack. I don't see
a problem here.

My viewpoint has been that key_seal/unseal in trusted.c should be
refactored out and the TPM1 seal/unseal implementations should be moved to
the TPM subsystem. There is so little in-kernel low-level TPM code that
IMHO it makes sense to keep it in one place (as are all the other TPM
utility functions).

I can work on the TPM1 migration when we have the basic TPM2 stuff in
place.

> Jason

/Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-07 Thread Jarkko Sakkinen
On Wed, 2015-10-07 at 10:32 +0000, Fuchs, Andreas wrote:
> > > > > > > I looked at Patch 3/4 and it seems you default to -EPERM
> > > > > > > on TPM2_Create()-
> > > > > > > and TPM2_Load()-failures ?
> > > > > > > You might want to test against rc == TPM_RC_OBJECT_MEMORY
> > > > > > > and return -EBUSY
> > > > > > > in those cases. Would you agree ?
> > > > > > > (P.S. I can cross-post there if that's preferred ?)
> > > > > > 
> > > > > > Have to check the return values. I posted this patch set
> > > > > > already in
> > > > > > early July. You are the first reviewer in three months for
> > > > > > this patch
> > > > > > set.
> > > > > > 
> > > > > > I think the reason was that for TPM 1.x returned -EPERM in
> > > > > > all error
> > > > > > scenarios and I didn't want to endanger behaviour of
> > > > > > command-line tools
> > > > > > such as 'keyctl'. I would keep it that way unless you can
> > > > > > guarantee that
> > > > > > command-line tools will continue work correctly if I change
> > > > > > it to
> > > > > > -EBUSY.
> > > > > > 
> > > > > > Anyway, I will recheck this part of the patch set but
> > > > > > likely are not
> > > > > > going to do any changes because I don't want to break the
> > > > > > user space.
> > > > > > 
> > > > > > I will consider revising the patch set with keyhandle
> > > > > > required as an
> > > > > > explicit option.
> > > > > 
> > > > > Hmm... Will the old keyctl work without modification with the
> > > > > 2.0 patches
> > > > > anyways ?
> > > > 
> > > > Yes it does and it should. I've been using keyctl utility to
> > > > test my
> > > > patch set.
> > > > 
> > > > > The different keyHandle values and missing default keyHandle
> > > > > will yield
> > > > > "differences" anyways, I'd say.
> > > > > IMHO, we should get it as correct as possible given that TPM
> > > > > 2.0 is still
> > > > > very young.
> > > > > 
> > > > > Is adding "additional" ReturnCodes considered ABI
> > > > > -incompatible breaking
> > > > > anyways ?
> > > > 
> > > > Yes they are if they make the user space utility malfunction.
> > > 
> > > AFAICT, keyctl just perror()s. Which is what I would have hoped.
> > > So I guess it should work with -EBUSY.
> > > Example-Trace of calls for key_adding:
> > > http://anonscm.debian.org/cgit/collab-maint/keyutils.git/tree/key
> > > utils.c#n43
> > > http://anonscm.debian.org/cgit/collab-maint/keyutils.git/tree/key
> > > ctl.c#n379
> > > http://anonscm.debian.org/cgit/collab-maint/keyutils.git/tree/key
> > > ctl.c#n131
> > > 
> > > Wish I could test it myself.
> > > I understand, if you don't want to test my thoughts on this.
> > > I just cannot perform the tests myself right now... :-(
> > 
> > I would submit this change as a separate patch later anyway and not
> > include it into this patch set. If it doesn't do harm it can be
> > added
> > later on. This patch set has been now in queue for three months so
> > I
> > only make modifications that are absolutely necessary.
> > 
> > Changing keyhandle as mandatory option seems like such changes.
> > This
> > doesn't.
> 
> Fine with me.
> 
> P.S. do you have a git repo with all your queued and future patches
> at HEAD ?

In separate branches:

https://github.com/jsakkine/linux-tpm2/branches

> Cheers,
> Andreas

/Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-06 Thread Jarkko Sakkinen
On Tue, Oct 06, 2015 at 01:16:02PM +0000, Fuchs, Andreas wrote:
> > > I was just trying to point out that the concept is not too difficult, 
> > > since
> > > kernel-space (minimal) resource-manager makes a lot of people go "oh god,
> > > never ever, way too big, way too complicated", which IMHO it is not.
> > > Until then, I think that the call should just return -EBUSY when you 
> > > cannot
> > > load the sealed data if no slots are available ?
> > 
> > Well this is kind of argument where there is no argument. I already had
> > plans how to do access broker back in 2014 that are more or less along
> > the lines of the pseudo code you sent. The problem is the lack of active
> > maintainers in the subsystem. That's why I get easily frustrated
> > discussing about access broker in the first place :)
> > 
> > I would have implemented access broker months and months ago if I didn't
> > have so much code in the queue for this subsystem. There can be literally
> > months delay without any feedback. Right now I have four different
> > patches or patch sets in the queue:
> > 
> > - PPI support (yes you cannot enable TPM chips at the moment from Linux)
> > - Two bug fixes (CRB command buffer alignment, dTPM2 ACPI hot plugging)
> > - Basic trusted keys
> > 
> > I wouldn't blame any particular person about the situation but things
> > cannot continue like this. I've been thinking if I could acquire
> > co-maintainership of the subsystem for TPM 2 parts (don't really have
> > time or expertise for TPM 1.x parts).
> 
> I think I know this situation. You have all my sympathies... ;-)
> 
> > I could post my architecture (never really written it except in my head
> > but should not take too long time) to my blog at jsakkine.blogspot.com
> > if you are interested discussing more.
> 
> Well, I came in to tpmdd-devel rather recently and only with a small time 
> budget
> to spend, but I'd be highly interested to learn about your thoughts.
> 
> As you can tell, I've been involved on the userspace side of things and
> therefore already bent my head around some different architectures for
> different scenarios. Also your input might help us in the specification of
> userspace side as well.
> 
> So please go ahead and write it up, if you can spare the time.
> Or let's get on the phone some time.
> 
> > > I looked at Patch 3/4 and it seems you default to -EPERM on TPM2_Create()-
> > > and TPM2_Load()-failures ?
> > > You might want to test against rc == TPM_RC_OBJECT_MEMORY and return 
> > > -EBUSY
> > > in those cases. Would you agree ?
> > > (P.S. I can cross-post there if that's preferred ?)
> > 
> > Have to check the return values. I posted this patch set already in
> > early July. You are the first reviewer in three months for this patch
> > set.
> > 
> > I think the reason was that for TPM 1.x returned -EPERM in all error
> > scenarios and I didn't want to endanger behaviour of command-line tools
> > such as 'keyctl'. I would keep it that way unless you can guarantee that
> > command-line tools will continue work correctly if I change it to
> > -EBUSY.
> > 
> > Anyway, I will recheck this part of the patch set but likely are not
> > going to do any changes because I don't want to break the user space.
> > 
> > I will consider revising the patch set with keyhandle required as an
> > explicit option.
> 
> Hmm... Will the old keyctl work without modification with the 2.0 patches
> anyways ?

Yes it does and it should. I've been using keyctl utility to test my
patch set.

> The different keyHandle values and missing default keyHandle will yield
> "differences" anyways, I'd say.
> IMHO, we should get it as correct as possible given that TPM 2.0 is still
> very young.
> 
> Is adding "additional" ReturnCodes considered ABI-incompatible breaking
> anyways ?

Yes they are if they make the user space utility malfunction.

> Cheers,
> Andreas

/Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-05 Thread Jarkko Sakkinen
On Sun, Oct 04, 2015 at 06:57:42PM +0000, Fuchs, Andreas wrote:
> Hi Jarkko,
> 
> thanks for the clarification...
> 
> However, I'd recommend against doing so.
>
> Furthermore, if there is a resource-manager running in userspace,
> applications only get virtual handles and TPM might be empty
> actually...
> 
> If that's what you're aiming for, I'd recommend passing the pointer to
> a context-saved-blob and have the kernel load the key this way. That
> ensures no problems with resource-manager and handle-mixups.

TPM 1.x interface has the same race if you do not use the default value
for the 'keyhandle' option.

In practice a process in TCB (or root) would do all the keyctl magic so
I do not see huge issue here. It can be orchestrated by the
OS/distribution. From my point of view you are over-engineering in wrong
place.

It would be easy to add a way to provide the sealing key as blob later
on if the simple approach chosen would not be sufficient. I'm confident
that for 99% of all real-world use cases the interface provided by the
patch set is sufficient.

> Cheers,
> Andreas

/Jarkko

> From: Jarkko Sakkinen [jarkko.sakki...@linux.intel.com]
> Sent: Saturday, October 03, 2015 12:26
> To: Fuchs, Andreas
> Cc: tpmdd-de...@lists.sourceforge.net; linux-ker...@vger.kernel.org; David 
> Howells; gre...@linuxfoundation.org; open list:KEYS-TRUSTED; open 
> list:KEYS-TRUSTED; James Morris; David Safford; a...@linux-foundation.org; 
> Serge E. Hallyn
> Subject: Re: [tpmdd-devel] [PATCH 4/4] keys,trusted: seal/unseal with TPM 
> 2.0 chips
> 
> On Sat, Oct 03, 2015 at 10:00:59AM +0000, Fuchs, Andreas wrote:
> > Hi Jarkko,
> >
> > [snip]
> >
> > diff --git a/security/keys/trusted.h b/security/keys/trusted.h
> > index ff001a5..fc32c47 100644
> > --- a/security/keys/trusted.h
> > +++ b/security/keys/trusted.h
> > @@ -12,6 +12,13 @@
> >  #define TPM_RETURN_OFFSET  6
> >  #define TPM_DATA_OFFSET10
> >
> > +/* Transient object handles start from 0x8000 in TPM 2.0, which makes 
> > it
> > + * a sane default.
> > + */
> > +
> > +#define TPM1_SRKHANDLE 0x4000
> > +#define TPM2_SRKHANDLE 0x8000
> > +
> >  #define LOAD32(buffer, offset) (ntohl(*(uint32_t *)[offset]))
> >  #define LOAD32N(buffer, offset)(*(uint32_t *)[offset])
> >  #define LOAD16(buffer, offset) (ntohs(*(uint16_t *)[offset]))
> >
> > This TPM2_SRKHANDLE is unfortunately wrong.
> >
> > Transient handles are assigned and returned by the TPM following the
> > commands TPM2_CreatePrimary, TPM2_LoadObject and TPM2_ContextLoad. You
> > can only use transient handles as returned by the TPM in order to
> > refer to the corresponding object created inside the TPM via these
> > commands. They can never be assumed to be constant. The fact that TPMs
> > return 0x80000000 for the first loaded Object and 0x80000001 for the
> > second is merely a coincidence... ;-)
> >
> > TPM2 also has no (single) SRK anymore. You have to create your own SRK
> > / Storage Primary Keys via TPM2_CreatePrimary and use the transient
> > handle returned from there. This however requires SH-authorization,
> > usually via Policy IMHO, so not easy to manage. So IMHO, this might be
> > something for the future but for the moment relying on a persistent
> > key would be better...
> >
> > For persistent SRKs it should become a convention to have those
> > around. Those handles start with 0x81000000 and the SRKs (or Storage
> > primary Keys) shall live within 0x81000000 to 0x8100FFFF (see
> > http://www.trustedcomputinggroup.org/resources/registry_of_reserved_tpm_20_handles_and_localities)
> >
> > I'd recommend to rely on the existence of a handle inside this range
> > with an empty auth-value. So maybe install a persistent SRK to
> > 0x81000000 via TPM2_EvictControl and then use this from within the
> > kernel for anything following.
> > P.S. You should check for the key's TPMA_OBJECT to have fixedTPM SET.
> > I don't know if there is an actual test for owner-generated SRK
> > testing. I'll ask around though...
> >
> > Note: you can query for handles in this range via
> > TPM2_GetCapability(TPM_CAP_HANDLES, 0x81000000) and then look for
> > fitting keys.
> >
> >
> > Feel free to discuss other approaches.
> 
> I'm fully aware of all what you said. My take was to use 0x80000000 as
> a default value if you don't give the handle ID explicitly in 'description'
> parameter of the add_key() syscall.
> 
> > Cheers,
> > Andreas
> 
> /Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-05 Thread Jarkko Sakkinen
I don't mean to be impolite but could you line up your replies properly
and avoid top-posting. I'd recommend 72 chars per line. Thanks.

On Mon, Oct 05, 2015 at 12:20:47PM +0000, Fuchs, Andreas wrote:
> That's why I propose to give the context-save-blob into the kernel. It
> does not require any TPM2_Load of the key-chain or TPM2_CreatePrimary
> prior to key usage.
> 
> BTW, in the current TSS2-model context-save-blobs are the preferred
> way for "moving/copying" loaded objects between two applications or
> threads. The TSS2 crew did not see any value in having a "libdrm-like"
> flink() call. Since you have to transfer the handle anyways,
> transferring those few bytes of blob are actually just as easy and
> management inside the daemon becomes way simple without flink()ing...
> ;-)
> 
> Regarding the in-kernel "minimal resource manager": AFAIK there is
> already a tpm-mutex inside the kernel. We could use that mutex and
> then have the algorithm:
>
> [SNIP]

I don't care about one purpose hacks. Second, I don't care about pseudo
code (at least not for "too big things"). It has tendency to mask
unexpected details. If you want to propose something, please go through
the patch process.

> We don't need anything more fancy than this. And it should even
> guarantee that the old values are still present after mutex_release,
> so (opposed to a full-blown resource-manager) we do not need to keep
> track and rewrite virtual handles inside the user-space commands.
> 
> IMHO, this should be lightweight enough even for the most embedded of
> applications, since the 2*2k blobs are only allocated on demand...

It's still unnecessary functionality and increases the kernel image size
and every hack requires maintenance. It would probably end up needing
compilation flag as there exists efforts like:

https://tiny.wiki.kernel.org/

My simple and stupid solution does not *prevent* adding better
synchronization. I would go with that and implement access broker
properly and not for just one use case later on.

> ChromeOS with 1.2 uses a forked patched TrouSerS, right ?
> I don't know about 2.0 though...

Yup, patched to use UDP sockets.

> Cheers,
> Andreas

/Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-05 Thread Jarkko Sakkinen
On Mon, Oct 05, 2015 at 09:00:48AM +0000, Fuchs, Andreas wrote:
> Hi Jarkko,
> 
> /dev/tpm0 is single-open only. So if root wants to do anything there,
> you'd have to stop the tss-daemon first.
> Or do you see "keyctl magic" only happening in initrd ?
> 
> I have to admit that I have no experience with the 1.2 trusted key
> features. Never used them. Is there software available that uses
> non-SRKs on 1.2 ? How did they solve the problem of a running
> TrouSerS-tcsd ?
> The main difference for 2.0 is the non-existence of the SRK. That's
> where I see the need for rethinking...

I see where you are getting and it is a valid question.

In the long run solution would be to have an access broker in the kernel
so that you can open a separated context for transient handles if you
need one and have all the eviction/loading magic in the kernel. However,
this requires a lot of work, and for example for small single user
embedded systems you would anyway want to disable it by using some
compilation option (let's say CONFIG_TCG_TPM2_ACCESS_BROKER).

Your proposal would only partly fix the issue because you need
additional TPM2_Load in trusted.c in order to load the key before
executing TPM2_Unseal operation.

I'm not saying the solution is perfect but it works for notable coverage
of systems (especially in the IoT side) and it doesn't prevent to
implement access broker later on.

I would be interested to get feedback from ChromeOS developers on this
as they are using TPM quite extensively for user data encryption and
various other use cases.

> Cheers,
> Andreas

/Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-05 Thread Jarkko Sakkinen
On Mon, Oct 05, 2015 at 01:36:18PM +0000, Fuchs, Andreas wrote:
> > It's still unnecessary functionality and increases the kernel image size
> > and every hack requires maintenance. It would probably end up needing
> > compilation flag as there exists efforts like:
> > 
> > https://tiny.wiki.kernel.org/
> > 
> > My simple and stupid solution does not *prevent* adding better
> > synchronization. I would go with that and implement access broker
> > properly and not for just one use case later on.
> 
> Unfortunately, I'm not able to write up some code for this myself atm.
> Other priorities unfortunately.
> 
> I was just pointing out, that the proposed patch will not fit in with
> the current approach in TSS2.0, before this user-facing kernel API is
> set in stone and _corrected_ new syscalls need to be added later.

Why would you want new system calls? Do you know how hard it is to get
new system calls accepted? It's usually nearly impossible to get new
system calls in. You are going wrong direction there.

I do not see why you couldn't survive in TSS 2.0 implementation for a while
without in-kernel access broker even if the world isn't perfect and
improve from that when the support becomes available. I'm not frankly
following your rationale here.

On the other hand I see use for the kernel images without access broker
in small embedded devices.

I CC'd to Will Arthur as he has been working with TSS 2.0 for a long
time just in case.

> Also, the pseudo-code proposal should be a proper minimal access broker
> that should solve most accesses to TPM transient objects down the road.
> Session-brokering is a different beast of course.

I don't mean to be rude but pseudo code doesn't matter much. We know
what is required from an access broker in terms of TPM 2.0 commands and
locking. Only working code matters at this point.

I still don't see why you couldn't add access broker later on. The patch
set does not make the API worse than it is right now.

> Cheers,
> Andreas

/Jarkko


Re: [tpmdd-devel] [PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-03 Thread Jarkko Sakkinen
On Sat, Oct 03, 2015 at 01:26:55PM +0300, Jarkko Sakkinen wrote:
> On Sat, Oct 03, 2015 at 10:00:59AM +0000, Fuchs, Andreas wrote:
> > Hi Jarkko,
> > 
> > [snip]
> > 
> > diff --git a/security/keys/trusted.h b/security/keys/trusted.h
> > index ff001a5..fc32c47 100644
> > --- a/security/keys/trusted.h
> > +++ b/security/keys/trusted.h
> > @@ -12,6 +12,13 @@
> >  #define TPM_RETURN_OFFSET  6
> >  #define TPM_DATA_OFFSET10
> > 
> > +/* Transient object handles start from 0x8000 in TPM 2.0, which makes 
> > it
> > + * a sane default.
> > + */
> > +
> > +#define TPM1_SRKHANDLE 0x4000
> > +#define TPM2_SRKHANDLE 0x8000
> > +
> >  #define LOAD32(buffer, offset) (ntohl(*(uint32_t *)[offset]))
> >  #define LOAD32N(buffer, offset)(*(uint32_t *)[offset])
> >  #define LOAD16(buffer, offset) (ntohs(*(uint16_t *)[offset]))
> > 
> > This TPM2_SRKHANDLE is unfortunately wrong.
> > 
> > Transient handles are assigned and returned by the TPM following the
> > commands TPM2_CreatePrimary, TPM2_LoadObject and TPM2_ContextLoad. You
> > can only use transient handles as returned by the TPM in order to
> > refer to the corresponding object created inside the TPM via these
> > commands. They can never be assumed to be constant. The fact that TPMs
> > return 0x80000000 for the first loaded Object and 0x80000001 for the
> > second is merely a coincidence... ;-)
> > 
> > TPM2 also has no (single) SRK anymore. You have to create your own SRK
> > / Storage Primary Keys via TPM2_CreatePrimary and use the transient
> > handle returned from there. This however requires SH-authorization,
> > usually via Policy IMHO, so not easy to manage. So IMHO, this might be
> > something for the future but for the moment relying on a persistent
> > key would be better...
> > 
> > For persistent SRKs it should become a convention to have those
> > around. Those handles start with 0x81000000 and the SRKs (or Storage
> > primary Keys) shall live within 0x81000000 to 0x8100FFFF (see
> > http://www.trustedcomputinggroup.org/resources/registry_of_reserved_tpm_20_handles_and_localities)
> > 
> > I'd recommend to rely on the existence of a handle inside this range
> > with an empty auth-value. So maybe install a persistent SRK to
> > 0x81000000 via TPM2_EvictControl and then use this from within the
> > kernel for anything following.
> > P.S. You should check for the key's TPMA_OBJECT to have fixedTPM SET.
> > I don't know if there is an actual test for owner-generated SRK
> > testing. I'll ask around though...
> > 
> > Note: you can query for handles in this range via
> > TPM2_GetCapability(TPM_CAP_HANDLES, 0x81000000) and then look for
> > fitting keys.
> > 
> > 
> > Feel free to discuss other approaches.
> 
> I'm fully aware of all what you said. My take was to use 0x80000000 as
> a default value if you don't give the handle ID explicitly in 'description'
> parameter of the add_key() syscall.

I don't know how much you've done user space code that uses TPM2 chip.
I'm not saying I've written a lot of it but here's my experience.

In Haswell/PTT you can have 3 transient handles at a time. How you use
them is as follows:

1. Load/create your data to TPM filling transient handles starting from
   0x80000000.
2. Do your sealing/unsealing/whatever.
3. Flush transient handles.

For single handle use cases transient handle is in practice always
0x80000000 so it's very convenient to have that as the default value.

I think you are looking at this too much from specification point of
view. I've chosen the approach that is most convenient to use even
though the handle does not have exactly the same semantics as with TPM
1.x.

> > Cheers,
> > Andreas
> 
> /Jarkko

/Jarkko
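Andreas's recommendation (walk the TCG storage-primary-key range with TPM2_GetCapability(TPM_CAP_HANDLES, ...) and use a persistent handle found there) and Jarkko's description of the transient handles that a TPM hands out from 0x80000000 after each load both concern the same handle space. The program below is an added example written for this page; it is not code from the patch series, from the thread participants or from the kernel. It marshals the TPM2_GetCapability command by hand, parses the TPML_HANDLE list in the response (rejecting error codes and length mismatches), classifies handles by their type byte, and picks the first handle inside the storage-primary range. The constants are taken from the TPM 2.0 Library specification (Parts 2 and 3) and the TCG handle registry linked in the thread; the raw read/write on /dev/tpm0 in main() assumes a Linux machine where the device node is free (it is single-open, as the thread notes), and the response bytes referred to in the comments are constructed, not captured from a real TPM.

```c
/* Added example for this page (not from the patch series or the kernel):
 * find a persistent storage key on a TPM 2.0 by querying TPM_CAP_HANDLES
 * from the start of the TCG storage-primary-key range, with the wire
 * marshalling done by hand. Values: TPM 2.0 Library Part 2/3 and the
 * TCG "Registry of Reserved TPM 2.0 Handles and Localities". */
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <unistd.h>

#define TPM_ST_NO_SESSIONS     0x8001u
#define TPM_CC_GET_CAPABILITY  0x0000017Au
#define TPM_CAP_HANDLES        0x00000001u
#define TPM_RC_SUCCESS         0x00000000u

#define TPM_HT_TRANSIENT       0x80u        /* 0x80xxxxxx: assigned by the TPM on load */
#define TPM_HT_PERSISTENT      0x81u        /* 0x81xxxxxx: survives reset (TPM2_EvictControl) */
#define TPM2_SRK_RANGE_FIRST   0x81000000u  /* registry: storage primary keys */
#define TPM2_SRK_RANGE_LAST    0x8100FFFFu

#define GET_HANDLES_CMD_LEN    22u  /* tag(2) size(4) cc(4) cap(4) property(4) count(4) */
#define GET_HANDLES_RSP_HDR    19u  /* tag(2) size(4) rc(4) moreData(1) cap(4) count(4) */

static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
}
static uint32_t get32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  | (uint32_t)p[3];
}

/* Marshal TPM2_GetCapability(TPM_CAP_HANDLES, first_handle, count) into out
 * (at least GET_HANDLES_CMD_LEN bytes, big-endian). Returns the command length. */
size_t tpm2_build_get_handles(uint8_t *out, uint32_t first_handle, uint32_t count)
{
    put16(out + 0, TPM_ST_NO_SESSIONS);        /* no authorization sessions */
    put32(out + 2, GET_HANDLES_CMD_LEN);       /* commandSize */
    put32(out + 6, TPM_CC_GET_CAPABILITY);
    put32(out + 10, TPM_CAP_HANDLES);
    put32(out + 14, first_handle);             /* property: first handle to report */
    put32(out + 18, count);                    /* propertyCount */
    return GET_HANDLES_CMD_LEN;
}

/* Parse the TPML_HANDLE in a GetCapability response. Returns the number of
 * handles copied into handles[], or -1 for a TPM error or a malformed,
 * truncated or oversized response. *more receives the moreData flag. */
int tpm2_parse_get_handles(const uint8_t *rsp, size_t len,
                           uint32_t *handles, size_t max, int *more)
{
    if (len < GET_HANDLES_RSP_HDR)
        return -1;
    if (get32(rsp + 2) != len || get32(rsp + 6) != TPM_RC_SUCCESS)
        return -1;                             /* size mismatch or TPM_RC error */
    if (get32(rsp + 11) != TPM_CAP_HANDLES)
        return -1;                             /* TPM answered a different capability */
    uint32_t count = get32(rsp + 15);
    if (count > max || GET_HANDLES_RSP_HDR + (size_t)count * 4 != len)
        return -1;                             /* count must match the byte length exactly */
    if (more)
        *more = rsp[10] != 0;
    for (uint32_t i = 0; i < count; i++)
        handles[i] = get32(rsp + GET_HANDLES_RSP_HDR + 4 * i);
    return (int)count;
}

/* The handle type is the top byte (TPM_HT, Part 2). */
uint8_t tpm2_handle_type(uint32_t handle) { return (uint8_t)(handle >> 24); }

/* First persistent handle inside the storage-primary-key range, or 0. This is
 * only the range convention; the caller still has to TPM2_ReadPublic the
 * object and check TPMA_OBJECT (fixedTPM etc.) before trusting it as a parent. */
uint32_t tpm2_pick_srk(const uint32_t *handles, int n)
{
    for (int i = 0; i < n; i++)
        if (handles[i] >= TPM2_SRK_RANGE_FIRST && handles[i] <= TPM2_SRK_RANGE_LAST)
            return handles[i];
    return 0;
}

int main(void)
{
    uint8_t cmd[GET_HANDLES_CMD_LEN], rsp[4096];
    uint32_t handles[64];
    int more = 0, n;

    /* /dev/tpm0 is single-open (assumption: no tcsd/resource manager holds it). */
    int fd = open("/dev/tpm0", O_RDWR);
    if (fd < 0) { perror("open /dev/tpm0"); return 1; }
    size_t clen = tpm2_build_get_handles(cmd, TPM2_SRK_RANGE_FIRST, 64);
    if (write(fd, cmd, clen) != (ssize_t)clen) { perror("write"); close(fd); return 1; }
    ssize_t rlen = read(fd, rsp, sizeof rsp);  /* one command, one response */
    close(fd);
    if (rlen < 0) { perror("read"); return 1; }
    n = tpm2_parse_get_handles(rsp, (size_t)rlen, handles, 64, &more);
    if (n < 0) { fprintf(stderr, "bad or error response\n"); return 1; }
    for (int i = 0; i < n; i++)
        printf("persistent handle 0x%08x (type 0x%02x)\n", handles[i], tpm2_handle_type(handles[i]));
    printf("SRK candidate: 0x%08x%s\n", tpm2_pick_srk(handles, n),
           more ? " (more handles available)" : "");
    return 0;
}
```

What the code deliberately leaves out is the second half of Andreas's advice: after picking a handle, TPM2_ReadPublic it and require fixedTPM (and fixedParent, restricted, decrypt) in TPMA_OBJECT before sealing anything to it; a persistent handle in the right range is only a convention, not proof of a storage root. If moreData comes back set, issue the query again with the last reported handle plus one. A transient handle such as 0x80000000, by contrast, names whatever object currently occupies that slot, which is the point Andreas makes about the default in the patch.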


[PATCH 0/4] Basic trusted keys support for TPM 2.0

2015-10-02 Thread Jarkko Sakkinen
Basic trusted keys support, which means basic sealing with an
authentication value by using SHA256. After we get the groundwork in
place the functionality will be refined with algorithmic agility and
policy based sealing.

Jarkko Sakkinen (4):
  tpm: introduce struct tpm_buf
  trusted: move struct trusted_key_options to trusted-type.h
  tpm: seal/unseal for TPM 2.0
  keys, trusted: seal/unseal with TPM 2.0 chips

 drivers/char/tpm/tpm-interface.c |  75 ++
 drivers/char/tpm/tpm.h   |  78 ++
 drivers/char/tpm/tpm2-cmd.c  | 495 +++
 include/keys/trusted-type.h  |  15 +-
 include/linux/tpm.h  |  26 ++
 include/linux/tpm_command.h  |   1 -
 security/keys/trusted.c  |  18 +-
 security/keys/trusted.h  |  18 +-
 8 files changed, 504 insertions(+), 222 deletions(-)

-- 
2.5.0



[PATCH 3/4] tpm: seal/unseal for TPM 2.0

2015-10-02 Thread Jarkko Sakkinen
Added tpm_trusted_seal() and tpm_trusted_unseal() API for sealing
trusted keys.

This patch implements basic sealing and unsealing functionality for
TPM 2.0:

* Seal with a parent key using a 20 byte auth value.
* Unseal with a parent key using a 20 byte auth value.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/tpm-interface.c |  75 
 drivers/char/tpm/tpm.h   |  14 +++
 drivers/char/tpm/tpm2-cmd.c  | 184 +++
 include/keys/trusted-type.h  |   2 +-
 include/linux/tpm.h  |  26 ++
 5 files changed, 300 insertions(+), 1 deletion(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index e85d341..6dd4c74 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -666,6 +666,29 @@ int tpm_pcr_read_dev(struct tpm_chip *chip, int pcr_idx, 
u8 *res_buf)
 }
 
 /**
+ * tpm_is_tpm2 - is the chip a TPM2 chip?
+ * @chip_num:  tpm idx # or ANY
+ *
+ * Returns 1 if the chip is a TPM2 chip.
+ */
+int tpm_is_tpm2(u32 chip_num)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL)
+   return -ENODEV;
+
+   rc = (chip->flags & TPM_CHIP_FLAG_TPM2) != 0;
+
+   tpm_chip_put(chip);
+
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_is_tpm2);
+
+/**
  * tpm_pcr_read - read a pcr value
  * @chip_num:  tpm idx # or ANY
  * @pcr_idx:   pcr idx to retrieve
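Review bot: the kernel-doc for tpm_is_tpm2() says "Returns 1 if the chip is a TPM2 chip" but the function also returns -ENODEV when no chip matches, and -ENODEV is non-zero, so a caller written as `if (tpm_is_tpm2(TPM_ANY_NUM))` takes the TPM2 branch on a machine with no TPM at all. Either document the three-way result (1, 0, or -errno) and require callers to test `> 0`, or return 0 for the no-chip case, since "is it a TPM2?" is simply answered no. Minor: the summary line should use the `tpm_is_tpm2() - ...` form that the tpm_seal_trusted() comments in the next hunk use.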
@@ -1021,6 +1044,58 @@ int tpm_get_random(u32 chip_num, u8 *out, size_t max)
 }
 EXPORT_SYMBOL_GPL(tpm_get_random);
 
+/**
+ * tpm_seal_trusted() - seal a trusted key
+ * @chip_num: A specific chip number for the request or TPM_ANY_NUM
+ * @options: authentication values and other options
+ * @payload: the key data in clear and encrypted form
+ *
+ * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
+ * are supported.
+ */
+int tpm_seal_trusted(u32 chip_num, struct trusted_key_payload *payload,
+struct trusted_key_options *options)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
+   return -ENODEV;
+
+   rc = tpm2_seal_trusted(chip, payload, options);
+
+   tpm_chip_put(chip);
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_seal_trusted);
+
+/**
+ * tpm_unseal_trusted() - unseal a trusted key
+ * @chip_num: A specific chip number for the request or TPM_ANY_NUM
+ * @options: authentication values and other options
+ * @payload: the key data in clear and encrypted form
+ *
+ * Returns < 0 on error and 0 on success. At the moment, only TPM 2.0 chips
+ * are supported.
+ */
+int tpm_unseal_trusted(u32 chip_num, struct trusted_key_payload *payload,
+  struct trusted_key_options *options)
+{
+   struct tpm_chip *chip;
+   int rc;
+
+   chip = tpm_chip_find_get(chip_num);
+   if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2))
+   return -ENODEV;
+
+   rc = tpm2_unseal_trusted(chip, payload, options);
+
+   tpm_chip_put(chip);
+   return rc;
+}
+EXPORT_SYMBOL_GPL(tpm_unseal_trusted);
+
 static int __init tpm_init(void)
 {
int rc;
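Review bot: reference leak on the not-a-TPM2 path in both tpm_seal_trusted() and tpm_unseal_trusted(): `chip = tpm_chip_find_get(chip_num);` takes a reference that tpm_chip_put() is meant to drop, but `if (chip == NULL || !(chip->flags & TPM_CHIP_FLAG_TPM2)) return -ENODEV;` returns early when a chip was found and is TPM 1.x, so the put never happens. Split the test so the flag check releases the chip first, e.g. `if (!(chip->flags & TPM_CHIP_FLAG_TPM2)) { tpm_chip_put(chip); return -ENODEV; }`. Also, the kernel-doc lists `@options` before `@payload` while the signature takes `payload` then `options`; kernel-doc expects signature order.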
diff --git a/drivers/char/tpm/tpm.h b/drivers/char/tpm/tpm.h
index f04afb7..2d79939 100644
--- a/drivers/char/tpm/tpm.h
+++ b/drivers/char/tpm/tpm.h
@@ -88,6 +88,9 @@ enum tpm2_return_codes {
 
 enum tpm2_algorithms {
TPM2_ALG_SHA1   = 0x0004,
+   TPM2_ALG_KEYEDHASH  = 0x0008,
+   TPM2_ALG_SHA256 = 0x000B,
+   TPM2_ALG_NULL   = 0x0010
 };
 
 enum tpm2_command_codes {
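Review bot: style: `TPM2_ALG_NULL = 0x0010` has no trailing comma, so the next algorithm added (the cover letter already promises algorithmic agility) touches this line again; end each enumerator with a comma. The values match the TCG algorithm registry (SHA1 0x0004, KEYEDHASH 0x0008, SHA256 0x000B, NULL 0x0010).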
@@ -95,6 +98,10 @@ enum tpm2_command_codes {
TPM2_CC_SELF_TEST   = 0x0143,
TPM2_CC_STARTUP = 0x0144,
TPM2_CC_SHUTDOWN= 0x0145,
+   TPM2_CC_CREATE  = 0x0153,
+   TPM2_CC_LOAD= 0x0157,
+   TPM2_CC_UNSEAL  = 0x015E,
+   TPM2_CC_FLUSH_CONTEXT   = 0x0165,
TPM2_CC_GET_CAPABILITY  = 0x017A,
TPM2_CC_GET_RANDOM  = 0x017B,
TPM2_CC_PCR_READ= 0x017E,
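Review bot: the four command codes are the TPM 2.0 Part 2 values (TPM2_Create 0x153, TPM2_Load 0x157, TPM2_Unseal 0x15E, TPM2_FlushContext 0x165), and adding TPM2_CC_FLUSH_CONTEXT implies the unseal path loads a transient object that must be flushed afterwards. The tpm2-cmd.c part of this patch is cut off in this copy, so the point to check there: the handle returned by TPM2_Load must be flushed on every exit, including when TPM2_Unseal itself fails, otherwise each failed unseal consumes one of the few transient slots (three on the Haswell PTT mentioned in the thread) until something else flushes it.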
@@ -492,6 +499,13 @@ static inline void tpm_remove_ppi(struct tpm_chip *chip)
 int tpm2_pcr_read(struct tpm_chip *chip, int pcr_idx, u8 *res_buf);
 int tpm2_pcr_extend(struct tpm_chip *chip, int pcr_idx, const u8 *hash);
 int tpm2_get_random(struct tpm_chip *chip, u8 *out, size_t max);
+int tpm2_seal_trusted(struct tpm_chip *chip,
+ struct trusted_key_payload *payload,
+ struct trusted_key_options *options);
+int tpm2_unseal_trusted(struct tpm_chip *chip,
+   struct trusted_key_payload *payload,
+   struct trusted_key_options *options);
+
 ssize_t tpm2_get_tpm_pt(struct tpm_chip *chip, u32 property_id,
u32 *value, const char *desc);
 
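Review bot: the new prototypes use `struct trusted_key_payload` and `struct trusted_key_options`, but this hunk adds neither a forward declaration nor an `#include <keys/trusted-type.h>` to tpm.h; unless an earlier part of the patch (not visible here) or patch 2/4's move of `struct trusted_key_options` into trusted-type.h brings them in, the header is no longer self-contained. Two forward declarations, `struct trusted_key_payload;` and `struct trusted_key_options;`, placed before the prototypes are the cheap fix, and the same question applies to include/linux/tpm.h where the exported tpm_seal_trusted()/tpm_unseal_trusted() are declared.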
diff --git a/drivers/c

[PATCH 4/4] keys, trusted: seal/unseal with TPM 2.0 chips

2015-10-02 Thread Jarkko Sakkinen
Call tpm_seal_trusted() and tpm_unseal_trusted() for TPM 2.0 chips.

Signed-off-by: Jarkko Sakkinen <jarkko.sakki...@linux.intel.com>
---
 drivers/char/tpm/tpm2-cmd.c |  2 +-
 include/linux/tpm_command.h |  1 -
 security/keys/trusted.c | 18 ++
 security/keys/trusted.h |  7 +++
 4 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c
index 0986c96..0fba698 100644
--- a/drivers/char/tpm/tpm2-cmd.c
+++ b/drivers/char/tpm/tpm2-cmd.c
@@ -422,7 +422,7 @@ static int tpm2_load(struct tpm_chip *chip,
 options->keyauth /* hmac */,
 TPM_DIGEST_SIZE);
 
-   tpm_buf_append(, payload->blob, payload->blob_len);
+   tpm_buf_append(, payload->blob, blob_len);
 
rc = tpm_transmit_cmd(chip, buf.data, TPM_BUF_SIZE, "loading blob");
if (!rc)
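Review bot: this hunk in `tpm2_load()` swaps `payload->blob_len` for a local `blob_len` whose declaration and derivation are outside the visible context, and the commit message ("Call tpm_seal_trusted() and tpm_unseal_trusted() for TPM 2.0 chips") does not mention the change at all; either split it into its own fix with a message explaining why the local length is the right one to append, or add a sentence here describing it, so a bisect landing on this commit explains the tpm2-cmd.c change.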
diff --git a/include/linux/tpm_command.h b/include/linux/tpm_command.h
index 727512e..d7b0f82 100644
--- a/include/linux/tpm_command.h
+++ b/include/linux/tpm_command.h
@@ -22,7 +22,6 @@
 #define TPM_ORD_UNSEAL  24
 
 /* Other constants */
-#define SRKHANDLE   0x4000
 #define TPM_NONCE_SIZE  20
 
 #endif
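Review bot: removing `SRKHANDLE` from include/linux/tpm_command.h is safe only if security/keys/trusted.c is its sole user, and the replacement (`TPM1_SRKHANDLE` in security/keys/trusted.h, same value) lives in a private header; say in the commit message that the constant was renamed and moved, since anyone else including tpm_command.h for `SRKHANDLE` will fail to build at this commit with no hint where it went.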
diff --git a/security/keys/trusted.c b/security/keys/trusted.c
index c0594cb..f6557b1 100644
--- a/security/keys/trusted.c
+++ b/security/keys/trusted.c
@@ -601,7 +601,7 @@ static int tpm_unseal(struct tpm_buf *tb,
}
 
ordinal = htonl(TPM_ORD_UNSEAL);
-   keyhndl = htonl(SRKHANDLE);
+   keyhndl = htonl(TPM1_SRKHANDLE);
ret = tpm_get_random(TPM_ANY_NUM, nonceodd, TPM_NONCE_SIZE);
if (ret != TPM_NONCE_SIZE) {
pr_info("trusted_key: tpm_get_random failed (%d)\n", ret);
@@ -867,7 +867,11 @@ static struct trusted_key_options 
*trusted_options_alloc(void)
if (options) {
/* set any non-zero defaults */
options->keytype = SRK_keytype;
-   options->keyhandle = SRKHANDLE;
+
+   if (tpm_is_tpm2(TPM_ANY_NUM))
+   options->keyhandle = TPM2_SRKHANDLE;
+   else
+   options->keyhandle = TPM1_SRKHANDLE;
}
return options;
 }
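Review bot: `if (tpm_is_tpm2(TPM_ANY_NUM))` selects `TPM2_SRKHANDLE` for any non-zero return, so if `tpm_is_tpm2()` reports "no chip" with a negative errno the TPM 2.0 default is chosen on a system with no TPM at all; compare against `> 0` (or `== 1`) so that only a positive result picks the TPM 2.0 handle, and consider caching the result once in `trusted_options_alloc()` rather than re-probing `TPM_ANY_NUM` in each of the three call sites this patch adds.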
@@ -937,7 +941,10 @@ static int trusted_instantiate(struct key *key,
 
switch (key_cmd) {
case Opt_load:
-   ret = key_unseal(payload, options);
+   if (tpm_is_tpm2(TPM_ANY_NUM))
+   ret = tpm_unseal_trusted(TPM_ANY_NUM, payload, options);
+   else
+   ret = key_unseal(payload, options);
dump_payload(payload);
dump_options(options);
if (ret < 0)
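Review bot: the TPM 2.0 branch calls `tpm_unseal_trusted(TPM_ANY_NUM, payload, options)`, while the prototype added to tpm.h earlier in this series is `tpm2_unseal_trusted(struct tpm_chip *chip, ...)`; the `tpm_*` wrapper that resolves `TPM_ANY_NUM` to a `struct tpm_chip` is not part of this patch, so confirm it is introduced by an earlier patch in the series (and name it in the commit message), otherwise this hunk will not link.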
@@ -950,7 +957,10 @@ static int trusted_instantiate(struct key *key,
pr_info("trusted_key: key_create failed (%d)\n", ret);
goto out;
}
-   ret = key_seal(payload, options);
+   if (tpm_is_tpm2(TPM_ANY_NUM))
+   ret = tpm_seal_trusted(TPM_ANY_NUM, payload, options);
+   else
+   ret = key_seal(payload, options);
if (ret < 0)
pr_info("trusted_key: key_seal failed (%d)\n", ret);
break;
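Review bot: on the TPM 2.0 path a failure of `tpm_seal_trusted()` is still reported as `"trusted_key: key_seal failed (%d)\n"`, which names a function that was never called; either log a message that covers both paths (for example "seal failed") or print a different message in the `tpm_seal_trusted()` branch so the diagnostic points at the right code. The same applies to whatever message follows the `Opt_load` branch above.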
diff --git a/security/keys/trusted.h b/security/keys/trusted.h
index ff001a5..fc32c47 100644
--- a/security/keys/trusted.h
+++ b/security/keys/trusted.h
@@ -12,6 +12,13 @@
 #define TPM_RETURN_OFFSET  6
 #define TPM_DATA_OFFSET10
 
+/* Transient object handles start from 0x8000 in TPM 2.0, which makes it
+ * a sane default.
+ */
+
+#define TPM1_SRKHANDLE 0x4000
+#define TPM2_SRKHANDLE 0x8000
+
 #define LOAD32(buffer, offset) (ntohl(*(uint32_t *)[offset]))
 #define LOAD32N(buffer, offset)(*(uint32_t *)[offset])
 #define LOAD16(buffer, offset) (ntohs(*(uint16_t *)[offset]))
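Review bot: the comment says transient object handles "start from 0x8000 in TPM 2.0, which makes it a sane default", but a transient object only exists until it is flushed or the TPM is reset, so `TPM2_SRKHANDLE` as a default means the parent must be recreated at that handle by userspace before every seal and unseal, including after each reboot; spell that out in the comment (and in the keys documentation), since a user who expects the TPM 1.2 SRK semantics of a permanent parent will otherwise see unexplained unseal failures after a reset.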
-- 
2.5.0

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html