From: Evan Green
To: linux-kernel@vger.kernel.org
Cc: linux-integrity@vger.kernel.org, apronin@chromium.org, dlunev@google.com, jarkko@kernel.org, Pavel Machek, Ben Boeckel, rjw@rjwysocki.net, corbet@lwn.net, linux-pm@vger.kernel.org, zohar@linux.ibm.com, Kees Cook, Eric Biggers, jejb@linux.ibm.com, gwendal@chromium.org, Matthew Garrett, Evan Green, Matthew Garrett, David Howells, Hao Wu, James Morris, Matthew Garrett, Paul Moore, "Serge E. Hallyn", axelj, keyrings@vger.kernel.org, linux-security-module@vger.kernel.org
Subject: [PATCH v3 06/11] security: keys: trusted: Verify creation data
Date: Tue, 27 Sep 2022 09:49:17 -0700
Message-Id: <20220927094559.v3.6.I6cdb522cb5ea28fcd1e35b4cd92cbd067f99269a@changeid>
In-Reply-To: <20220927164922.3383711-1-evgreen@chromium.org>
References: <20220927164922.3383711-1-evgreen@chromium.org>
X-Mailer: git-send-email 2.31.0

If a loaded key contains creation data, ask the TPM to verify that creation data. This allows users like encrypted hibernate to know that the loaded and parsed creation data has not been tampered with.

Suggested-by: Matthew Garrett
Signed-off-by: Evan Green
---
Source material for this change is at:
https://patchwork.kernel.org/project/linux-pm/patch/20210220013255.1083202-9-matthewgarrett@google.com/

Changes in v3:
- Changed funky tag to suggested-by (Kees). Matthew, holler if you want something different.

Changes in v2:
- Adjust hash len by 2 due to new ASN.1 storage, and add underflow check.

 include/linux/tpm.h                       |  1 +
 security/keys/trusted-keys/trusted_tpm2.c | 77 ++++++++++++++++++++++-
 2 files changed, 77 insertions(+), 1 deletion(-)

diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 8320cbac6f4009..438f8bc0a50582 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -224,6 +224,7 @@ enum tpm2_command_codes { TPM2_CC_SELF_TEST = 0x0143, TPM2_CC_STARTUP = 0x0144, TPM2_CC_SHUTDOWN = 0x0145, + TPM2_CC_CERTIFYCREATION = 0x014A, TPM2_CC_NV_READ = 0x014E, TPM2_CC_CREATE = 0x0153, TPM2_CC_LOAD = 0x0157, diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index a7ad83bc0e5396..c76a1b5a2e8471 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c
@@ -703,6 +703,74 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, return rc; } +/** + * tpm2_certify_creation() - execute a TPM2_CertifyCreation command + * + * @chip: TPM chip to use + * @payload: the key data in clear and encrypted form + * @blob_handle: the loaded TPM handle of the key + * + * Return: 0 on success + * -EINVAL on tpm error status + * < 0 error from tpm_send or tpm_buf_init + */ +static int tpm2_certify_creation(struct tpm_chip *chip, + struct trusted_key_payload *payload, + u32 blob_handle) +{ + struct tpm_header *head; + struct tpm_buf buf; + int rc; + + rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_CERTIFYCREATION); + if (rc) + return rc; + + /* Use TPM_RH_NULL for signHandle */ + tpm_buf_append_u32(&buf, 0x40000007); + + /* Object handle */ + tpm_buf_append_u32(&buf, blob_handle); + + /* Auth */ + tpm_buf_append_u32(&buf, 9); + tpm_buf_append_u32(&buf, TPM2_RS_PW); + tpm_buf_append_u16(&buf, 0); + tpm_buf_append_u8(&buf, 0); + tpm_buf_append_u16(&buf, 0); + + /* Qualifying data */ + tpm_buf_append_u16(&buf, 0); + + /* Creation data hash */ + if (payload->creation_hash_len < 2) { + rc = -EINVAL; + goto out; + } + + tpm_buf_append_u16(&buf, payload->creation_hash_len - 2); + tpm_buf_append(&buf, payload->creation_hash + 2, + payload->creation_hash_len - 2); + + /* signature scheme */ + tpm_buf_append_u16(&buf, TPM_ALG_NULL); + + /* creation ticket */ + tpm_buf_append(&buf, payload->tk, payload->tk_len); + + rc = tpm_transmit_cmd(chip, &buf, 6, "certifying creation data"); + if (rc) + goto out; + + head = (struct tpm_header *)buf.data; + + if (be32_to_cpu(head->return_code) != TPM2_RC_SUCCESS) + rc = -EINVAL; +out: + tpm_buf_destroy(&buf); + return rc; +} + /** * tpm2_unseal_trusted() - unseal the payload of a trusted key * 
@@ -728,8 +796,15 @@ int tpm2_unseal_trusted(struct tpm_chip *chip, goto out; rc = tpm2_unseal_cmd(chip, payload, options, blob_handle); - tpm2_flush_context(chip, blob_handle); + if (rc) + goto flush; + + if (payload->creation_len) + rc = tpm2_certify_creation(chip, payload, blob_handle); + +flush: + tpm2_flush_context(chip, blob_handle); out: tpm_put_ops(chip); -- 2.31.0
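Review bot: in the tpm2_certify_creation hunk the doc comment does not match the code: it promises "< 0 error from tpm_send or tpm_buf_init", but the function calls tpm_transmit_cmd, and it should also spell out what "verify" means here, because with signHandle set to TPM_RH_NULL and a TPM_ALG_NULL signature scheme no signature is produced and the only result is the TPM's accept or reject of the creation ticket against the creation hash and the loaded object, surfaced to the caller as a bare -EINVAL that drops the TPM's specific return code. Two smaller points in the same hunk: the literal 0x40000007 deserves a named constant alongside the other TPM2 values in include/linux/tpm.h rather than only the "/* Use TPM_RH_NULL for signHandle */" comment, and the "creation_hash_len - 2" / "creation_hash + 2" pair needs a comment saying that the stored hash carries a two-byte ASN.1 header (the v2 changelog says so, the code does not), since a reader cannot otherwise tell that the "< 2" underflow check and the offset belong together.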
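Review bot: in the tpm2_unseal_trusted hunk the certify step is gated on payload->creation_len, so a blob that carries no creation data is still unsealed with no check at all; that is the right compatibility behaviour for existing blobs, but it means consumers such as encrypted hibernate that rely on the creation data must themselves reject a payload with creation_len == 0, and the commit message should say so. Second, when tpm2_certify_creation fails, tpm2_unseal_cmd has already written the unsealed key material into payload; please confirm that every caller treats a non-zero rc as a failed load, or clear the unsealed data before returning, so that an unverified key is not left behind in memory. The goto flush restructuring itself looks correct: the loaded context is flushed on both the error and the success path, as it was before.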