Re: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails

From: Jason Gunthorpe
Date: Sun Nov 19 2017 - 10:27:29 EST

Next message: Jonathan Cameron: "Re: [PATCH] staging: iio: ad7152: Improve unlocking of a mutex in ad7152_start_calib()"
Previous message: Jon Mason: "[GIT PULL] NTB bug fixes for v4.15"
In reply to: Javier Martinez Canillas: "Re: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails"
Next in thread: Javier Martinez Canillas: "Re: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, Nov 18, 2017 at 01:53:49AM +0100, Javier Martinez Canillas wrote:

> What I fail to understand is why that's not a problem when the TPM spaces
> infrastructure isn't used, tpm_validate_command() function just returns
> true if space is NULL. So when sending command to /dev/tpm0 directly, a
> rogue user-space program can send any arbitrary data to the TPM.

tpm spaces was designed to allow unprivileged user space access to
the TPM so it has additional protection designed to keep the TPM
secure.

Allowing unprivileged user space to send send garbage to the TPM seems
like a good way to trigger a TPM bug in parsing.

When spaces are not used /dev/tpm0 is root only and has full
unrestricted access.

Jason

Next message: Jonathan Cameron: "Re: [PATCH] staging: iio: ad7152: Improve unlocking of a mutex in ad7152_start_calib()"
Previous message: Jon Mason: "[GIT PULL] NTB bug fixes for v4.15"
In reply to: Javier Martinez Canillas: "Re: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails"
Next in thread: Javier Martinez Canillas: "Re: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]