On Thu Jul 4, 2024 at 4:56 AM EEST, Stefan Berger wrote:
> On 7/3/24 14:24, Jarkko Sakkinen wrote:
>> Unless tpm_chip_bootstrap() was called by the driver, !chip->auth can
> Doesn't tpm_chip_register() need to be called by all drivers? This function then calls tpm_chip_bootstrap().
>> cause a null dereference in tpm_buf_hmac_session*(). Thus, address !chip->auth in tpm_buf_hmac_session*() and remove the fallback implementation for !TCG_TPM2_HMAC.
>> Cc: stable@vger.kernel.org # v6.9+
>> Reported-by: Stefan Berger <stefanb@linux.ibm.com>
>> Closes: https://lore.kernel.org/linux-integrity/20240617193408.1234365-1-stefanb@lin...
>> Fixes: 1085b8276bb4 ("tpm: Add the rest of the session HMAC API")
>> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
> I applied this series now but it doesn't solve the reported problem. The
It fixes the issues whose symptoms were shown by your transcript:
[ 2.987131] tpm tpm0: tpm2_load_context: failed with a TPM error 0x01C4
[ 2.987140] ima: Error Communicating to TPM chip, result: -14
Your original thread identified zero problems, so thus your claim here is plain untrue.
Before the null dereference is fixed, all other related patches are blocked, including ibm_tpmvtpm patches, because it would be insane to accept them when there is a known memory corruption bug, which this patch set fixes.
What is so difficult to understand in this?
> error message is gone but the feature can still be enabled (CONFIG_TCG_TPM2_HMAC=y) but is unlikely actually doing what it is promising to do with this config option. So you either still have to apply my patch, James's patch, or your intended "depends on !TCG_IBMVTPM" patch.
Well, this is somewhat misleading imho...
None of the previous patches, including yours, do anything to fix the null dereference bug and that is the *only* bug we care about ATM. With these fixes, drivers that do not call tpm_chip_bootstrap() will still be fully working but without encryption.
There are five drivers which would require an update for that:
drivers/char/tpm/tpm_ftpm_tee.c: pvt_data->chip->flags |= TPM_CHIP_FLAG_TPM2;
drivers/char/tpm/tpm_i2c_nuvoton.c: chip->flags |= TPM_CHIP_FLAG_TPM2;
drivers/char/tpm/tpm_ibmvtpm.c: chip->flags |= TPM_CHIP_FLAG_TPM2;
drivers/char/tpm/tpm_tis_i2c_cr50.c: chip->flags |= TPM_CHIP_FLAG_TPM2;
drivers/char/tpm/tpm_vtpm_proxy.c: proxy_dev->chip->flags |= TPM_CHIP_FLAG_TPM2;
BR, Jarkko