From nobody Thu Oct 2 05:03:35 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9E0DA3054E6; Mon, 22 Sep 2025 16:43:33 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559413; cv=none; b=i647fPV/sy4ZKS1LMS5vU9ifwGkXhncsH3tGbLFQ73XoqBRaehyBFBk8K5h4JeKnfaINW9dOjICVrkge/1Y9nLvZEH4XeVR0K3m1jySURtaJto4Al/B3q0mqvmnpV4Zs07Zb5FLYH3FBu/jekkCzhv6y7ZUtfx7zsMNJrs8Njw4= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559413; c=relaxed/simple; bh=Je6cj0fei63iymWrQv/qB2Jg+xsIJTJYbMZ3IJkxnR0=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=P/RQj6lij7Dw4+HtOERlv5g8FwqEFxDBwdK+CP4ZgFyN9dMXRcoYDEn7pWcFdm0BdaRmGS0/rqXxxHcqDwwkSOANiBYPaf+NbFUS17iccTnaArLDFD70aCL/tJcUyru2uzxSmL+OnDyLTXsEZZQe4s8tRqgCJB1GqCBULLNQqww= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Hb1iWQFa; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Hb1iWQFa" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8F7B6C4CEF0; Mon, 22 Sep 2025 16:43:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1758559413; bh=Je6cj0fei63iymWrQv/qB2Jg+xsIJTJYbMZ3IJkxnR0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Hb1iWQFa8vgzyoaoR3NTb+ZQFTRbS0KDhtJhVlHCJxfSFETHu3v1pr2291GGaMd1M n5S0V+EhOTjYv/yLA7ZA9wJGRPC3VnPRkGhEegVzONvxxyMo5w3uzm2jMRHRtcOPFL txwRkMvUF3gxL7PR/1T6YH5QvUbKvFkCKrKy3JjyVEhSIIWjzeEmlY1xkiyoMiRvun OLH9EBc28+hG0qJjooAiKexMVE0hsThLBwt2PuOdahxNV4nTMJLJ4dEOgHtQ53vOer gy5rOs5iudxwc+OuEeD1qkMviTklSMLC5aNePksMZAEMNU4oWhMHNpHvEdEsd+2egj p4D/YdWutjXMQ== From: Jarkko Sakkinen To: linux-integrity@vger.kernel.org Cc: Jarkko Sakkinen , Peter Huewe , Jarkko Sakkinen , Jason Gunthorpe , David Howells , Paul Moore , James Morris , "Serge E. Hallyn" , James Bottomley , Mimi Zohar , Stefano Garzarella , linux-kernel@vger.kernel.org (open list), keyrings@vger.kernel.org (open list:KEYS/KEYRINGS), linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM) Subject: [PATCH 1/4] tpm: Use -EPERM as fallback error code in tpm_ret_to_err Date: Mon, 22 Sep 2025 19:43:14 +0300 Message-Id: <20250922164318.3540792-2-jarkko@kernel.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250922164318.3540792-1-jarkko@kernel.org> References: <20250922164318.3540792-1-jarkko@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jarkko Sakkinen Using -EFAULT here was not the best idea for tpm_ret_to_err as the fallback error code as it is no concise with trusted keys. Change the fallback as -EPERM, process TPM_RC_HASH also in tpm_ret_to_err, and by these changes make the helper applicable for trusted keys. Fixes: 539fbab37881 ("tpm: Mask TPM RC in tpm2_start_auth_session()") Signed-off-by: Jarkko Sakkinen --- include/linux/tpm.h | 9 +++++--- security/keys/trusted-keys/trusted_tpm2.c | 26 ++++++----------------- 2 files changed, 13 insertions(+), 22 deletions(-) diff --git a/include/linux/tpm.h b/include/linux/tpm.h index dc0338a783f3..667d290789ca 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -449,13 +449,16 @@ static inline ssize_t tpm_ret_to_err(ssize_t ret) if (ret < 0) return ret; =20 - switch (tpm2_rc_value(ret)) { - case TPM2_RC_SUCCESS: + if (!ret) return 0; + + switch (tpm2_rc_value(ret)) { case TPM2_RC_SESSION_MEMORY: return -ENOMEM; + case TPM2_RC_HASH: + return -EINVAL; default: - return -EFAULT; + return -EPERM; } } =20 diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trus= ted-keys/trusted_tpm2.c index 024be262702f..e165b117bbca 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -348,25 +348,19 @@ int tpm2_seal_trusted(struct tpm_chip *chip, } =20 blob_len =3D tpm2_key_encode(payload, options, &buf.data[offset], blob_le= n); + if (blob_len < 0) + rc =3D blob_len; =20 out: tpm_buf_destroy(&sized); tpm_buf_destroy(&buf); =20 - if (rc > 0) { - if (tpm2_rc_value(rc) =3D=3D TPM2_RC_HASH) - rc =3D -EINVAL; - else - rc =3D -EPERM; - } - if (blob_len < 0) - rc =3D blob_len; - else + if (!rc) payload->blob_len =3D blob_len; =20 out_put: tpm_put_ops(chip); - return rc; + return tpm_ret_to_err(rc); } =20 /** @@ -468,10 +462,7 @@ static int tpm2_load_cmd(struct tpm_chip *chip, kfree(blob); tpm_buf_destroy(&buf); =20 - if (rc > 0) - rc =3D -EPERM; - - return rc; + return tpm_ret_to_err(rc); } =20 /** @@ -534,8 +525,6 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, tpm_buf_fill_hmac_session(chip, &buf); rc =3D tpm_transmit_cmd(chip, &buf, 6, "unsealing"); rc =3D tpm_buf_check_hmac_response(chip, &buf, rc); - if (rc > 0) - rc =3D -EPERM; =20 if (!rc) { data_len =3D be16_to_cpup( @@ -568,7 +557,7 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, =20 out: tpm_buf_destroy(&buf); - return rc; + return tpm_ret_to_err(rc); } =20 /** @@ -600,6 +589,5 @@ int tpm2_unseal_trusted(struct tpm_chip *chip, =20 out: tpm_put_ops(chip); - - return rc; + return tpm_ret_to_err(rc); } --=20 2.39.5 From nobody Thu Oct 2 05:03:35 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EA8C53054E6; Mon, 22 Sep 2025 16:43:37 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559418; cv=none; b=p/wEu5gKG4PFIYtmEjUZCntrDzkXGnkH6YzwCQ0I60A71zkKW47AwGuz7kPnySWsTHe0f8NCDn0eoHqOd3iGxUBW+xlAdN4pleC14m2iYitWqT3QnXYppJB1WBAI+WyZnTrIAsW4ZRbGW3BTV/PK6eS5k4SEkEJFDPkhEEqATt8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559418; c=relaxed/simple; bh=Y+1c7b5mQ+4e2GWN5FoK5I9PttJtkmd4OsSaL/5zHpM=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=tCrfIBW0Cb4Q8V2DmwXbDGwI+C7ewTymcuOag/S6OLecltXY9TzBVqaU7hHQdTasDXIkW38J2gQKKVWSjOpZu1CVQOIc34iX/Mm1Z0vC6sHKoHgPu9I2aE5YoFYtxLM52qOX/XW2Rk3bFrNBa0B0o5FKDCNmrWcKXMaKWA3UHpU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=D3yEKpeu; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="D3yEKpeu" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1F245C4CEF0; Mon, 22 Sep 2025 16:43:36 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1758559417; bh=Y+1c7b5mQ+4e2GWN5FoK5I9PttJtkmd4OsSaL/5zHpM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=D3yEKpeuycJuljiuOVrPSpMaxboE2k2Bx07dKuMffdp4nfJWxOA2rUJQ7wTAIcvpj cva+rwnRJFIwyFeZAHRnf2ONvq68zOLlxRPKZOvXu04mekJNUg789FQxqK7SP0muoE iNDwdPhXyNL2hOTmIAp2+Ft6ZXqq3VUjAoUuPMyR5Gsd4IDEPvmEZHMgcVk4yj4vi+ jBzjmCiYtWQC453fMzT7ERGQR64W0KU1/IK0raHgIA3orpaxQALlsizAH/QvgY/lmn EoUe15Cb5HSpEDwpc+/ntLezbVet7A1jBfy/Kp5avZ3tTJurr6Hgo3IX7MLccKp9uj rSIHrTrjwFjvQ== From: Jarkko Sakkinen To: linux-integrity@vger.kernel.org Cc: Jarkko Sakkinen , Peter Huewe , Jarkko Sakkinen , Jason Gunthorpe , David Howells , Paul Moore , James Morris , "Serge E. Hallyn" , Mimi Zohar , Roberto Sassu , linux-kernel@vger.kernel.org (open list), keyrings@vger.kernel.org (open list:KEYS/KEYRINGS), linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM) Subject: [PATCH 2/4] tpm2-sessions: Remove unused parameter from tpm_buf_append_auth Date: Mon, 22 Sep 2025 19:43:15 +0300 Message-Id: <20250922164318.3540792-3-jarkko@kernel.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250922164318.3540792-1-jarkko@kernel.org> References: <20250922164318.3540792-1-jarkko@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jarkko Sakkinen In earlier bug fix, an extra parameter was by mistake to the function. Fixes: 27184f8905ba ("tpm: Opt-in in disable PCR integrity protection") Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm2-cmd.c | 2 +- drivers/char/tpm/tpm2-sessions.c | 5 ++--- include/linux/tpm.h | 25 +------------------------ 3 files changed, 4 insertions(+), 28 deletions(-) diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 7d77f6fbc152..61a4daaef292 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -191,7 +191,7 @@ int tpm2_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, tpm_buf_append_hmac_session(chip, &buf, 0, NULL, 0); } else { tpm_buf_append_handle(chip, &buf, pcr_idx); - tpm_buf_append_auth(chip, &buf, 0, NULL, 0); + tpm_buf_append_auth(chip, &buf, NULL, 0); } =20 tpm_buf_append_u32(&buf, chip->nr_allocated_banks); diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessi= ons.c index 6d03c224e6b2..13f019d1312a 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -266,7 +266,7 @@ void tpm_buf_append_name(struct tpm_chip *chip, struct = tpm_buf *buf, EXPORT_SYMBOL_GPL(tpm_buf_append_name); =20 void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf *buf, - u8 attributes, u8 *passphrase, int passphrase_len) + u8 *passphrase, int passphrase_len) { /* offset tells us where the sessions area begins */ int offset =3D buf->handles * 4 + TPM_HEADER_SIZE; @@ -327,8 +327,7 @@ void tpm_buf_append_hmac_session(struct tpm_chip *chip,= struct tpm_buf *buf, #endif =20 if (!tpm2_chip_auth(chip)) { - tpm_buf_append_auth(chip, buf, attributes, passphrase, - passphrase_len); + tpm_buf_append_auth(chip, buf, passphrase, passphrase_len); return; } =20 diff --git a/include/linux/tpm.h b/include/linux/tpm.h index 667d290789ca..a8984d273c28 100644 --- a/include/linux/tpm.h +++ b/include/linux/tpm.h @@ -533,30 +533,7 @@ void tpm_buf_append_hmac_session(struct tpm_chip *chip= , struct tpm_buf *buf, u8 attributes, u8 *passphrase, int passphraselen); void tpm_buf_append_auth(struct tpm_chip *chip, struct tpm_buf *buf, - u8 attributes, u8 *passphrase, int passphraselen); -static inline void tpm_buf_append_hmac_session_opt(struct tpm_chip *chip, - struct tpm_buf *buf, - u8 attributes, - u8 *passphrase, - int passphraselen) -{ - struct tpm_header *head; - int offset; - - if (tpm2_chip_auth(chip)) { - tpm_buf_append_hmac_session(chip, buf, attributes, passphrase, passphras= elen); - } else { - offset =3D buf->handles * 4 + TPM_HEADER_SIZE; - head =3D (struct tpm_header *)buf->data; - - /* - * If the only sessions are optional, the command tag must change to - * TPM2_ST_NO_SESSIONS. - */ - if (tpm_buf_length(buf) =3D=3D offset) - head->tag =3D cpu_to_be16(TPM2_ST_NO_SESSIONS); - } -} + u8 *passphrase, int passphraselen); =20 #ifdef CONFIG_TCG_TPM2_HMAC =20 --=20 2.39.5 From nobody Thu Oct 2 05:03:35 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 27BCB3126A0; Mon, 22 Sep 2025 16:43:41 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559422; cv=none; b=M1GsAVBxYdlxxhvzZhsuIHPIh7ZxJlxCHpP30KgVsoeKbFtB0GfmCpcL5Lkhdo80359TqrIG7S27DbPwO8/RDXqU63UCtnigBuSlzs5VuCf+90J+dUbLI9FUHzy6krkjjFRv5IQQw76VOGOCxQCYOs3ktUDuOozfwARmJCyK4TU= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559422; c=relaxed/simple; bh=RMx6siXIeqVXuN1p/iukcu2ZicONPOiKZaft77WYbOs=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=rktMbSbPuPtrIPT/TuyBscCRIptkLG/auljdgeXOFjU9nmqOtekMnPhYUieePFuz2Qwc7aNNnQe0QU8b/KBJUDuLbtseppG8Hc92cO3SAypku0JJja8F0mOknygQAyRHB7Y8HP9T8R6bVk8r6NQhOlQM5uFI0tmL8Zas4B7vrQc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Au+5IcJk; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Au+5IcJk" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 59926C4CEF0; Mon, 22 Sep 2025 16:43:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1758559421; bh=RMx6siXIeqVXuN1p/iukcu2ZicONPOiKZaft77WYbOs=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Au+5IcJkOfY2W+7+X80vfpT/DsC8grrYXXPFrGinXajYvn2raiHV7sAI2PmeicNum jkodul7tlqw9w5URp3a1CL0E0hcU29sssOje3rge8ULlu0+3PPjEwduYhSX6Ed66W/ zMbnO6YzMI68x34XosQ8QrWfKXE4EwSBdX1GmVro2YOq35tVhcwqr2fP1UyWdBL/sp oWjNOLMGrSb9jl2ukKeoYoIyvDNM10CIVbnszvxlT+zNx7i/4OI5M+Q98e8Q7KmCEI tFmO2ArGNPSv60tdUvmyqHpvtuUpgkl4Ia2uVWuJaTdHEAhmDXvqruMnCKdAl3uTnm FSCA56p8TAWBQ== From: Jarkko Sakkinen To: linux-integrity@vger.kernel.org Cc: Jarkko Sakkinen , Peter Huewe , Jarkko Sakkinen , Jason Gunthorpe , David Howells , Paul Moore , James Morris , "Serge E. Hallyn" , James Bottomley , Mimi Zohar , linux-kernel@vger.kernel.org (open list), keyrings@vger.kernel.org (open list:KEYS/KEYRINGS), linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM) Subject: [PATCH 3/4] tpm2-sessions: Remove unnecessary wrapper Date: Mon, 22 Sep 2025 19:43:16 +0300 Message-Id: <20250922164318.3540792-4-jarkko@kernel.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250922164318.3540792-1-jarkko@kernel.org> References: <20250922164318.3540792-1-jarkko@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jarkko Sakkinen Open code tpm_buf_append_hmac_session_opt() because it adds unnecessary disperancy to the call sites (and reduces the amount of code). Signed-off-by: Jarkko Sakkinen --- drivers/char/tpm/tpm2-cmd.c | 14 +++++++++++--- security/keys/trusted-keys/trusted_tpm2.c | 12 ++++++++++-- 2 files changed, 21 insertions(+), 5 deletions(-) diff --git a/drivers/char/tpm/tpm2-cmd.c b/drivers/char/tpm/tpm2-cmd.c index 61a4daaef292..0a795adbdc11 100644 --- a/drivers/char/tpm/tpm2-cmd.c +++ b/drivers/char/tpm/tpm2-cmd.c @@ -257,9 +257,17 @@ int tpm2_get_random(struct tpm_chip *chip, u8 *dest, s= ize_t max) =20 do { tpm_buf_reset(&buf, TPM2_ST_SESSIONS, TPM2_CC_GET_RANDOM); - tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT - | TPM2_SA_CONTINUE_SESSION, - NULL, 0); + if (tpm2_chip_auth(chip)) { + tpm_buf_append_hmac_session(chip, &buf, + TPM2_SA_ENCRYPT | + TPM2_SA_CONTINUE_SESSION, + NULL, 0); + } else { + offset =3D buf.handles * 4 + TPM_HEADER_SIZE; + head =3D (struct tpm_header *)buf.data; + if (tpm_buf_length(&buf) =3D=3D offset) + head->tag =3D cpu_to_be16(TPM2_ST_NO_SESSIONS); + } tpm_buf_append_u16(&buf, num_bytes); tpm_buf_fill_hmac_session(chip, &buf); err =3D tpm_transmit_cmd(chip, &buf, diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trus= ted-keys/trusted_tpm2.c index e165b117bbca..c414a7006d78 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -482,8 +482,10 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, struct trusted_key_options *options, u32 blob_handle) { + struct tpm_header *head; struct tpm_buf buf; u16 data_len; + int offset; u8 *data; int rc; =20 @@ -518,8 +520,14 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, tpm2_buf_append_auth(&buf, options->policyhandle, NULL /* nonce */, 0, 0, options->blobauth, options->blobauth_len); - tpm_buf_append_hmac_session_opt(chip, &buf, TPM2_SA_ENCRYPT, - NULL, 0); + if (tpm2_chip_auth(chip)) { + tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, NULL, 0); + } else { + offset =3D buf.handles * 4 + TPM_HEADER_SIZE; + head =3D (struct tpm_header *)buf.data; + if (tpm_buf_length(&buf) =3D=3D offset) + head->tag =3D cpu_to_be16(TPM2_ST_NO_SESSIONS); + } } =20 tpm_buf_fill_hmac_session(chip, &buf); --=20 2.39.5 From nobody Thu Oct 2 05:03:35 2025 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6FF7F3126AD; Mon, 22 Sep 2025 16:43:46 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559426; cv=none; b=VJDPXz7ADG/5ri+Oz2tZpXZBNrWj9WK6Vd4lrzH/d6xDFh9RpuyBBmv97thx6qB5r8/DkHUT1He+2g1Hnr/uRR5gjZL10Drze5Bs3SP7UPKB9YnVdIZy7JQNFkwFAMEwVEhfLur3eXN9HsoVZtjVpxCOeA02ShzjHQk4YQJM5Q0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1758559426; c=relaxed/simple; bh=270KFyPEbHS6OLAoXdrYbJe9v20NCmpKDt5TEru0MY8=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ax0l4o/3NOvhT8tNBEpnnrJyPx4mK7AP+FVHpY6K5nx73qYk2L8DV8P6F2oQHgf3pdomjn0bW2Hmum85pYBoDLQY6EM37DlwzeOcX8CC9b9SMzAgw8lyMgpD7m8u/gKUYdQTdbkc1MZ0TqPJKCNbsxaNA5C2IVH63tFbw6bYIBA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=Pn6Tbe7G; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="Pn6Tbe7G" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9E0EFC4CEF0; Mon, 22 Sep 2025 16:43:45 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1758559426; bh=270KFyPEbHS6OLAoXdrYbJe9v20NCmpKDt5TEru0MY8=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=Pn6Tbe7G+ItNKCddy6m21L1z+OsXttgayE001/okN7jMXg6lvfluQRGuxMJ/NqPNI LB0PmGdsmB86db8yB87aMsan/GzTyAQOYNbZvENKnvL4GynsMdk9lv+eP3Fhq2WNNV Llz5P1dESoI3o4g8PL+ul9ROQchhvJ7eHBSc7mYvFE+jGzjGBScgJJsd58M2JL9P6n byQfU7gyB+KfIqCweh4k6XEgQPzeyQFlSgA8/YAM4efRTgqa2WM6yhKLu0UrSL2Gli wBGwjb0FJqxGqcAXJsiv/rv8jXWJicbk0TEFyC8evxJWOXdAshUhUjByJbvdg1PxMs KHkAUQ1wvg/EQ== From: Jarkko Sakkinen To: linux-integrity@vger.kernel.org Cc: Jarkko Sakkinen , David Howells , Jarkko Sakkinen , Paul Moore , James Morris , "Serge E. Hallyn" , James Bottomley , Mimi Zohar , keyrings@vger.kernel.org (open list:KEYS/KEYRINGS), linux-security-module@vger.kernel.org (open list:SECURITY SUBSYSTEM), linux-kernel@vger.kernel.org (open list) Subject: [PATCH 4/4] keys, trusted: Remove redundant helper Date: Mon, 22 Sep 2025 19:43:17 +0300 Message-Id: <20250922164318.3540792-5-jarkko@kernel.org> X-Mailer: git-send-email 2.39.5 In-Reply-To: <20250922164318.3540792-1-jarkko@kernel.org> References: <20250922164318.3540792-1-jarkko@kernel.org> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" From: Jarkko Sakkinen tpm2_buf_append_auth has only single call site and most of its parameters are redundant. Open code it to the call site. Remove illegit FIXME comment as there is no categorized bug and replace it with more sane comment about implementation (i.e. "non-opionated inline comment"). Signed-off-by: Jarkko Sakkinen Reviewed-by: Jonathan McDowell --- security/keys/trusted-keys/trusted_tpm2.c | 51 ++++------------------- 1 file changed, 9 insertions(+), 42 deletions(-) diff --git a/security/keys/trusted-keys/trusted_tpm2.c b/security/keys/trus= ted-keys/trusted_tpm2.c index c414a7006d78..8e3b283a59b2 100644 --- a/security/keys/trusted-keys/trusted_tpm2.c +++ b/security/keys/trusted-keys/trusted_tpm2.c @@ -198,36 +198,6 @@ int tpm2_key_priv(void *context, size_t hdrlen, return 0; } =20 -/** - * tpm2_buf_append_auth() - append TPMS_AUTH_COMMAND to the buffer. - * - * @buf: an allocated tpm_buf instance - * @session_handle: session handle - * @nonce: the session nonce, may be NULL if not used - * @nonce_len: the session nonce length, may be 0 if not used - * @attributes: the session attributes - * @hmac: the session HMAC or password, may be NULL if not used - * @hmac_len: the session HMAC or password length, maybe 0 if not used - */ -static void tpm2_buf_append_auth(struct tpm_buf *buf, u32 session_handle, - const u8 *nonce, u16 nonce_len, - u8 attributes, - const u8 *hmac, u16 hmac_len) -{ - tpm_buf_append_u32(buf, 9 + nonce_len + hmac_len); - tpm_buf_append_u32(buf, session_handle); - tpm_buf_append_u16(buf, nonce_len); - - if (nonce && nonce_len) - tpm_buf_append(buf, nonce, nonce_len); - - tpm_buf_append_u8(buf, attributes); - tpm_buf_append_u16(buf, hmac_len); - - if (hmac && hmac_len) - tpm_buf_append(buf, hmac, hmac_len); -} - /** * tpm2_seal_trusted() - seal the payload of a trusted key * @@ -507,19 +477,16 @@ static int tpm2_unseal_cmd(struct tpm_chip *chip, options->blobauth_len); } else { /* - * FIXME: The policy session was generated outside the - * kernel so we don't known the nonce and thus can't - * calculate a HMAC on it. Therefore, the user can - * only really use TPM2_PolicyPassword and we must - * send down the plain text password, which could be - * intercepted. We can still encrypt the returned - * key, but that's small comfort since the interposer - * could repeat our actions with the exfiltrated - * password. + * The policy session is generated outside the kernel, and thus + * the password will end up being unencrypted on the bus, as + * HMAC nonce cannot be calculated for it. */ - tpm2_buf_append_auth(&buf, options->policyhandle, - NULL /* nonce */, 0, 0, - options->blobauth, options->blobauth_len); + tpm_buf_append_u32(&buf, 9 + options->blobauth_len); + tpm_buf_append_u32(&buf, options->policyhandle); + tpm_buf_append_u16(&buf, 0); + tpm_buf_append_u8(&buf, 0); + tpm_buf_append_u16(&buf, options->blobauth_len); + tpm_buf_append(&buf, options->blobauth, options->blobauth_len); if (tpm2_chip_auth(chip)) { tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, NULL, 0); } else { --=20 2.39.5