Re: [RFC PATCH] tpm: don't return -EINVAL if TPM command validation fails
From: Jason Gunthorpe
Date: Sun Nov 19 2017 - 10:27:29 EST
On Sat, Nov 18, 2017 at 01:53:49AM +0100, Javier Martinez Canillas wrote:
> What I fail to understand is why that's not a problem when the TPM spaces
> infrastructure isn't used, tpm_validate_command() function just returns
> true if space is NULL. So when sending command to /dev/tpm0 directly, a
> rogue user-space program can send any arbitrary data to the TPM.
tpm spaces was designed to allow unprivileged user space access to
the TPM so it has additional protection designed to keep the TPM
secure.
Allowing unprivileged user space to send send garbage to the TPM seems
like a good way to trigger a TPM bug in parsing.
When spaces are not used /dev/tpm0 is root only and has full
unrestricted access.
Jason