Skip to content

Commit 3517a6a

Browse files
jarkkojsgregkh
authored andcommitted
tpm: Mask TPM RC in tpm2_start_auth_session()
commit 539fbab upstream. tpm2_start_auth_session() does not mask TPM RC correctly from the callers: [ 28.766528] tpm tpm0: A TPM error (2307) occurred start auth session Process TPM RCs inside tpm2_start_auth_session(), and map them to POSIX error codes. Cc: [email protected] # v6.10+ Fixes: 699e3ef ("tpm: Add HMAC session start and end functions") Reported-by: Herbert Xu <[email protected]> Closes: https://lore.kernel.org/linux-integrity/[email protected]/ Reviewed-by: Stefano Garzarella <[email protected]> Signed-off-by: Jarkko Sakkinen <[email protected]> Signed-off-by: Greg Kroah-Hartman <[email protected]>
1 parent c149bdf commit 3517a6a

File tree

2 files changed

+25
-14
lines changed

2 files changed

+25
-14
lines changed

drivers/char/tpm/tpm2-sessions.c

Lines changed: 6 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -40,11 +40,6 @@
4040
*
4141
* These are the usage functions:
4242
*
43-
* tpm2_start_auth_session() which allocates the opaque auth structure
44-
* and gets a session from the TPM. This must be called before
45-
* any of the following functions. The session is protected by a
46-
* session_key which is derived from a random salt value
47-
* encrypted to the NULL seed.
4843
* tpm2_end_auth_session() kills the session and frees the resources.
4944
* Under normal operation this function is done by
5045
* tpm_buf_check_hmac_response(), so this is only to be used on
@@ -963,16 +958,13 @@ static int tpm2_load_null(struct tpm_chip *chip, u32 *null_key)
963958
}
964959

965960
/**
966-
* tpm2_start_auth_session() - create a HMAC authentication session with the TPM
967-
* @chip: the TPM chip structure to create the session with
961+
* tpm2_start_auth_session() - Create an a HMAC authentication session
962+
* @chip: A TPM chip
968963
*
969-
* This function loads the NULL seed from its saved context and starts
970-
* an authentication session on the null seed, fills in the
971-
* @chip->auth structure to contain all the session details necessary
972-
* for performing the HMAC, encrypt and decrypt operations and
973-
* returns. The NULL seed is flushed before this function returns.
964+
* Loads the ephemeral key (null seed), and starts an HMAC authenticated
965+
* session. The null seed is flushed before the return.
974966
*
975-
* Return: zero on success or actual error encountered.
967+
* Returns zero on success, or a POSIX error code.
976968
*/
977969
int tpm2_start_auth_session(struct tpm_chip *chip)
978970
{
@@ -1024,7 +1016,7 @@ int tpm2_start_auth_session(struct tpm_chip *chip)
10241016
/* hash algorithm for session */
10251017
tpm_buf_append_u16(&buf, TPM_ALG_SHA256);
10261018

1027-
rc = tpm_transmit_cmd(chip, &buf, 0, "start auth session");
1019+
rc = tpm_ret_to_err(tpm_transmit_cmd(chip, &buf, 0, "StartAuthSession"));
10281020
tpm2_flush_context(chip, null_key);
10291021

10301022
if (rc == TPM2_RC_SUCCESS)

include/linux/tpm.h

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -257,6 +257,7 @@ enum tpm2_return_codes {
257257
TPM2_RC_TESTING = 0x090A, /* RC_WARN */
258258
TPM2_RC_REFERENCE_H0 = 0x0910,
259259
TPM2_RC_RETRY = 0x0922,
260+
TPM2_RC_SESSION_MEMORY = 0x0903,
260261
};
261262

262263
enum tpm2_command_codes {
@@ -437,6 +438,24 @@ static inline u32 tpm2_rc_value(u32 rc)
437438
return (rc & BIT(7)) ? rc & 0xbf : rc;
438439
}
439440

441+
/*
442+
* Convert a return value from tpm_transmit_cmd() to POSIX error code.
443+
*/
444+
static inline ssize_t tpm_ret_to_err(ssize_t ret)
445+
{
446+
if (ret < 0)
447+
return ret;
448+
449+
switch (tpm2_rc_value(ret)) {
450+
case TPM2_RC_SUCCESS:
451+
return 0;
452+
case TPM2_RC_SESSION_MEMORY:
453+
return -ENOMEM;
454+
default:
455+
return -EFAULT;
456+
}
457+
}
458+
440459
#if defined(CONFIG_TCG_TPM) || defined(CONFIG_TCG_TPM_MODULE)
441460

442461
extern int tpm_is_tpm2(struct tpm_chip *chip);

0 commit comments

Comments
 (0)