commit | 2149ae0304029034c65eed0e73b63194550e639a | [log] [tgz] |
---|---|---|
author | Andrey Pronin <apronin@google.com> | Fri Jul 23 15:02:46 2021 |
committer | Commit Bot <commit-bot@chromium.org> | Fri Aug 06 01:50:49 2021 |
tree | 612b6a5c8233d074f7c63de6228c3c69f9c9d7e5 | |
parent | 37335af9c5488ed349271a8ba9ff209c940a5e2c [diff] |
tpm2: don't assert on policy sessions in IsAuthValueAvailable This CL fixes the incorrect assert in IsAuthValueAvailable. Before the fix, the code was doing pAssert(!IsPolicySessionRequired(commandCode, sessionIndex)); assuming that we can and should never come to this point with policy session, since entities requiring policy sessions can't have authValues. This is wrong on two accounts: 1) nv indices have authVaues, but e.g. NV_ChangeAuth requires ADMIN auth, and thus policy session, for the affected nv index; 2) it is possible to call IsAuthValueAvailable() with policy session if the policy session is also used as an encrypt/decrypt session (which is allowed): in ParseSessionBuffer(), when it starts decrypting the 1st parameter, if s_decryptSessionIndex != UNDEFINED_INDEX and s_associatedHandles[s_decryptSessionIndex] != TPM_RH_UNASSIGNED, IsAuthValueAvailable() is called regarless the type of the session. This error is fixed in TPM reference code on github.com/microsoft/ms-tpm-20-ref since at least rev 1.38: https://github.com/microsoft/ms-tpm-20-ref/blob/b8e599267381badbe0571f8ace55b28a5f16457c/TPMCmd/tpm/src/main/SessionProcess.c#L295 See also item 2.12 in TPM 2.0 rev 1.16 errata: https://trustedcomputinggroup.org/wp-content/uploads/TPM2.0-Library-Spec-v1.16-Errata_v1.5_09212016.pdf BUG=none TEST=NV_ChangeAuth with a single auth+encrypt+decrypt session Change-Id: Id0abcac078c76918254595b749e5d4aed919b74a Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/tpm2/+/3048088 Tested-by: Andrey Pronin <apronin@chromium.org> Reviewed-by: Vadim Bendebury <vbendeb@chromium.org> Commit-Queue: Mary Ruthven <mruthven@chromium.org>