| Message ID | 874177b3b34b10679829dbf011e5bde7f37a4c9c.camel@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | trusted-keys-fix-migratable-logic | expand |
Hello David, On 03.06.22 15:28, david.safford@gmail.com wrote: > When creating (sealing) a new trusted key, migratable > trusted keys have the FIXED_TPM and FIXED_PERM attributes > set, and non-migratable keys don't. This is backwards, and > also causes creation to fail when creating a migratable key > under a migratable parent. (The TPM thinks you are trying to > seal a non-migratable blob under a migratable parent.) > > The following simple patch fixes the logic, and has been > tested for all four combinations of migratable and non-migratable > trusted keys and parent storage keys. With this logic, you will > get a proper failure if you try to create a non-migratable > trusted key under a migratable parent storage key, and all other > combinations work correctly. > > david safford Thanks for your patch. It looks sensible, but needs some work to be aligned to the kernel patch guidelines, documented here: Documentation/process/submitting-patches.rst What I noticed in particular: - Your Signed-off-by is missing - Your patch title needs alignment to others in the revision history, you could change it e.g. "KEYS: trusted: tpm2: Fix migratable logic" - The To:/Cc: list is incomplete. Patches to this file are normally merged via Jarkko's tree. get_maintainers.pl will produce a full list of people and mailing lists to copy. Looking forward to your v2. Cheers, Ahmad > --- > security/keys/trusted-keys/trusted_tpm2.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c > index 0165da386289..2b2c8eb258d5 100644 > --- a/security/keys/trusted-keys/trusted_tpm2.c > +++ b/security/keys/trusted-keys/trusted_tpm2.c > @@ -283,8 +283,8 @@ int tpm2_seal_trusted(struct tpm_chip *chip, > /* key properties */ > flags = 0; > flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH; > - flags |= payload->migratable ? (TPM2_OA_FIXED_TPM | > - TPM2_OA_FIXED_PARENT) : 0; > + flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM | > + TPM2_OA_FIXED_PARENT); > tpm_buf_append_u32(&buf, flags); > > /* policy */
On Tue, Jun 07, 2022 at 08:15:49AM +0200, Ahmad Fatoum wrote: > Hello David, > > On 03.06.22 15:28, david.safford@gmail.com wrote: > > When creating (sealing) a new trusted key, migratable > > trusted keys have the FIXED_TPM and FIXED_PERM attributes > > set, and non-migratable keys don't. This is backwards, and > > also causes creation to fail when creating a migratable key > > under a migratable parent. (The TPM thinks you are trying to > > seal a non-migratable blob under a migratable parent.) > > > > The following simple patch fixes the logic, and has been > > tested for all four combinations of migratable and non-migratable > > trusted keys and parent storage keys. With this logic, you will > > get a proper failure if you try to create a non-migratable > > trusted key under a migratable parent storage key, and all other > > combinations work correctly. > > > > david safford > > Thanks for your patch. It looks sensible, but needs some work to > be aligned to the kernel patch guidelines, documented here: > Documentation/process/submitting-patches.rst > > What I noticed in particular: > > - Your Signed-off-by is missing > - Your patch title needs alignment to others in the revision history, > you could change it e.g. "KEYS: trusted: tpm2: Fix migratable logic" > - The To:/Cc: list is incomplete. Patches to this file are normally > merged via Jarkko's tree. get_maintainers.pl will produce a full list > of people and mailing lists to copy. > > Looking forward to your v2. The code change looks legit but it also needs to have this: Fixes: e5fb5d2c5a03 ("security: keys: trusted: Make sealed key properly interoperable") > Cheers, > Ahmad BR, Jarkko
diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trusted-keys/trusted_tpm2.c index 0165da386289..2b2c8eb258d5 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -283,8 +283,8 @@ int tpm2_seal_trusted(struct tpm_chip *chip, /* key properties */ flags = 0; flags |= options->policydigest_len ? 0 : TPM2_OA_USER_WITH_AUTH; - flags |= payload->migratable ? (TPM2_OA_FIXED_TPM | - TPM2_OA_FIXED_PARENT) : 0; + flags |= payload->migratable ? 0 : (TPM2_OA_FIXED_TPM | + TPM2_OA_FIXED_PARENT); tpm_buf_append_u32(&buf, flags); /* policy */