From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Roberto Sassu, Jarkko Sakkinen, Jerry Snitselaar
Subject: [PATCH 5.2 271/313] KEYS: trusted: correctly initialize digests and fix locking issue
Date: Thu, 3 Oct 2019 17:54:09 +0200
Message-Id: <20191003154559.738687404@linuxfoundation.org>

From: Roberto Sassu

commit 9f75c82246313d4c2a6bc77e947b45655b3b5ad5 upstream.

Commit 0b6cf6b97b7e ("tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()") modifies tpm_pcr_extend() to accept a digest for each PCR bank. After modification, tpm_pcr_extend() expects that digests are passed in the same order as the algorithms set in chip->allocated_banks.

This patch fixes two issues introduced in the last iterations of the patch set: missing initialization of the TPM algorithm ID in the tpm_digest structures passed to tpm_pcr_extend() by the trusted key module, and unreleased locks in the TPM driver due to returning from tpm_pcr_extend() without calling tpm_put_ops().

Cc: stable@vger.kernel.org
Fixes: 0b6cf6b97b7e ("tpm: pass an array of tpm_extend_digest structures to tpm_pcr_extend()")
Signed-off-by: Roberto Sassu
Suggested-by: Jarkko Sakkinen
Reviewed-by: Jerry Snitselaar
Reviewed-by: Jarkko Sakkinen
Signed-off-by: Jarkko Sakkinen
Signed-off-by: Greg Kroah-Hartman
---
 drivers/char/tpm/tpm-interface.c | 14 +++++++++-----
 security/keys/trusted.c | 5 +++++
 2 files changed, 14 insertions(+), 5 deletions(-)

--- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c 
@@ -320,18 +320,22 @@ int tpm_pcr_extend(struct tpm_chip *chip if (!chip) return -ENODEV; - for (i = 0; i < chip->nr_allocated_banks; i++) - if (digests[i].alg_id != chip->allocated_banks[i].alg_id) - return -EINVAL; + for (i = 0; i < chip->nr_allocated_banks; i++) { + if (digests[i].alg_id != chip->allocated_banks[i].alg_id) { + rc = EINVAL; + goto out; + } + } if (chip->flags & TPM_CHIP_FLAG_TPM2) { rc = tpm2_pcr_extend(chip, pcr_idx, digests); - tpm_put_ops(chip); - return rc; + goto out; } rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest, "attempting extend a PCR value"); + +out: tpm_put_ops(chip); return rc; } --- a/security/keys/trusted.c +++ b/security/keys/trusted.c @@ -1228,11 +1228,16 @@ hashalg_fail: static int __init init_digests(void) { + int i; + digests = kcalloc(chip->nr_allocated_banks, sizeof(*digests), GFP_KERNEL); if (!digests) return -ENOMEM; + for (i = 0; i < chip->nr_allocated_banks; i++) + digests[i].alg_id = chip->allocated_banks[i].alg_id; + return 0; }
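
Review bot: in the tpm_pcr_extend() hunk of drivers/char/tpm/tpm-interface.c, the new mismatch branch sets "rc = EINVAL;", a positive value, where the removed line was "return -EINVAL;". A caller that tests for a negative return would no longer see a bank/algorithm mismatch as the error it was before this change. Suggest "rc = -EINVAL;" ahead of the "goto out;" so that the path which now reaches tpm_put_ops() still reports the same error code as the old early return.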
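
Review bot: in the init_digests() hunk of security/keys/trusted.c, the added loop is the only place that ties the order of digests[] to chip->allocated_banks[], and nothing in the code says so. tpm_pcr_extend() compares digests[i].alg_id with chip->allocated_banks[i].alg_id index by index, so a short comment above the loop stating that the array has to mirror the chip's bank order would help keep a later change from reintroducing an unset alg_id.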