tpm: disable the TPM if NULL name changes

Update tpm2_load_context() to return -EINVAL on integrity failures and use this as a signal when loading the NULL context that something might be wrong. If the signal fails, check the name of the NULL primary against the one stored in the chip data and if there is a mismatch disable the TPM because it is likely to have suffered a reset attack. Signed-off-by: James Bottomley <James.Bottomley@HansenPartnership.com> Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Tested-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
author: James Bottomley <James.Bottomley@HansenPartnership.com> 2024-04-29 22:28:11 +0200
committer: Jarkko Sakkinen <jarkko@kernel.org> 2024-05-09 21:30:52 +0200
commit: eb24c9788cd90db397b3e41322aff4a5557623b4 (patch)
tree: 04195ece62ff15a24cafa0fed23ba9c24ca34863 /drivers/char/tpm/tpm-chip.c
parent: Documentation: add tpm-security.rst (diff)
download: linux-eb24c9788cd90db397b3e41322aff4a5557623b4.tar.xz
linux-eb24c9788cd90db397b3e41322aff4a5557623b4.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/char/tpm/tpm-chip.c b/drivers/char/tpm/tpm-chip.c
index d93937326b2e..854546000c92 100644
--- a/drivers/char/tpm/tpm-chip.c
+++ b/drivers/char/tpm/tpm-chip.c
@@ -158,6 +158,9 @@ int tpm_try_get_ops(struct tpm_chip *chip)
 {
 	int rc = -EIO;
 
+	if (chip->flags & TPM_CHIP_FLAG_DISABLE)
+		return rc;
+
 	get_device(&chip->dev);
 
 	down_read(&chip->ops_sem);
author	James Bottomley <James.Bottomley@HansenPartnership.com>	2024-04-29 22:28:11 +0200
committer	Jarkko Sakkinen <jarkko@kernel.org>	2024-05-09 21:30:52 +0200
commit	eb24c9788cd90db397b3e41322aff4a5557623b4 (patch)
tree	04195ece62ff15a24cafa0fed23ba9c24ca34863 /drivers/char/tpm/tpm-chip.c
parent	Documentation: add tpm-security.rst (diff)
download	linux-eb24c9788cd90db397b3e41322aff4a5557623b4.tar.xz linux-eb24c9788cd90db397b3e41322aff4a5557623b4.zip