tpm: disable the TPM if NULL name changes
author James Bottomley <James.Bottomley@HansenPartnership.com>
Mon, 29 Apr 2024 20:28:11 +0000 (16:28 -0400)
committer Jarkko Sakkinen <jarkko@kernel.org>
Thu, 9 May 2024 19:30:52 +0000 (22:30 +0300)
commit eb24c9788cd90db397b3e41322aff4a5557623b4
tree 04195ece62ff15a24cafa0fed23ba9c24ca34863
parent 3d2daf9d592e435c46a91841602e52ecbad48602
tpm: disable the TPM if NULL name changes

Update tpm2_load_context() to return -EINVAL on integrity failures and
use this as a signal when loading the NULL context that something
might be wrong.  If the signal fails, check the name of the NULL
primary against the one stored in the chip data and if there is a
mismatch disable the TPM because it is likely to have suffered a reset
attack.

Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
drivers/char/tpm/tpm-chip.c
drivers/char/tpm/tpm2-sessions.c
drivers/char/tpm/tpm2-space.c
include/linux/tpm.h