Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tpm2: fix dangling loaded session after tpm2_createpolicy #484

Merged
merged 1 commit into from
Oct 8, 2024

Conversation

oldium
Copy link
Contributor

@oldium oldium commented Oct 5, 2024

Clevis cleans the context regurarly from transient objects by invoking tpm2_flushcontext -t, but there is one case which Clevis omits. The tpm2_createpolicy command loads new session and this needs to be cleaned by a call to tpm2_flushcontext -l, see tpm2-software/tpm2-tools#3427.

This is usually not an issue when resource manager is used (i.e. with /dev/tpmrm0 device), but when raw TPM device /dev/tpm0 or software TPM (swtpm) without resource manager is used, the usage of clevis (multiple calls are required) ends with the following error:

WARNING:esys:src/tss2-esys/api/Esys_StartAuthSession.c:390:Esys_StartAuthSession_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_StartAuthSession.c:136:Esys_StartAuthSession() Esys Finish ErrorCode (0x00000903)
ERROR: Esys_StartAuthSession(0x903) - tpm:warn(2.0): out of memory for session contexts
ERROR: Unable to run tpm2_create

Clevis cleans the context regurarly from transient objects by invoking
`tpm2_flushcontext -t`, but there is one case which Clevis omits. The
`tpm2_createpolicy` command loads new session and this needs to be cleaned
by a call to `tpm2_flushcontext -l`, see [1].

This is usually not an issue when resource manager is used (i.e. with
`/dev/tpmrm0` device), but when raw TPM device `/dev/tpm0` or software TPM
(swtpm) without resource manager is used, the usage of clevis ends with
the following error:

```
WARNING:esys:src/tss2-esys/api/Esys_StartAuthSession.c:390:Esys_StartAuthSession_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_StartAuthSession.c:136:Esys_StartAuthSession() Esys Finish ErrorCode (0x00000903)
ERROR: Esys_StartAuthSession(0x903) - tpm:warn(2.0): out of memory for session contexts
```

[1] tpm2-software/tpm2-tools#3427

Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
@oldium
Copy link
Contributor Author

oldium commented Oct 5, 2024

It seems they will be fixing the behaviour of tpm2-createpolicy (see tpm2-software/tpm2-tools#3427 (comment)), but in order to have this working with older versions, I would keep the workaround with tpm2_flushcontext -l for now.

@oldium
Copy link
Contributor Author

oldium commented Oct 7, 2024

Reproduction with clevis is actually simple - either use swtpm (I discovered this with swtpm originally) or raw TPM device (/dev/tpm0) and run tpm2 pin tests. Or the following:

# export TPM2TOOLS_TCTI=device:/dev/tpm0
# tpm2_getcap pcrs
selected-pcrs:
  - sha1: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]
  - sha256: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]
# echo "test" | clevis encrypt tpm2 '{"pcr_ids":"23"}' | clevis decrypt
test
# echo "test" | clevis encrypt tpm2 '{"pcr_ids":"23"}' | clevis decrypt
test
# echo "test" | clevis encrypt tpm2 '{"pcr_ids":"23"}' | clevis decrypt
WARNING:esys:src/tss2-esys/api/Esys_StartAuthSession.c:390:Esys_StartAuthSession_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_StartAuthSession.c:136:Esys_StartAuthSession() Esys Finish ErrorCode (0x00000903)
ERROR: Esys_StartAuthSession(0x903) - tpm:warn(2.0): out of memory for session contexts
ERROR: Unable to run tpm2_create
Creating TPM2 object for jwk failed!

Copy link
Collaborator

@sarroutbi sarroutbi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for your PR, @oldium . Sorry for my ignorance but ... is it necessary to call it twice? Is not a call to this command valid?:

tpm2_flushcontext -t -l

@oldium
Copy link
Contributor Author

oldium commented Oct 7, 2024

Thanks for your PR, @oldium . Sorry for my ignorance but ... is it necessary to call it twice? Is not a call to this command valid?:

tpm2_flushcontext -t -l

Your question is right on target, I have checked exactly that. 😁 This is supported since tpm2-tools 5.3, but unfortunately Debian 11 ships tpm2-tools 5.0...

@oldium
Copy link
Contributor Author

oldium commented Oct 7, 2024

@sarroutbi But meson could check for that, safe command to execute is:

TPM2TOOLS_TCTI=none tpm2_flushcontext -t -l

When it reports ERROR: Options -t, -l and -s are mutually exclusive, the flushing combo is not supported. And it is forwards compatible, so any update to tpm2-tools in future cannot break the current clevis release.

The correct command/sequence can be generated during build (with configure_file). What do you think?

@sarroutbi
Copy link
Collaborator

@sarroutbi But meson could check for that, safe command to execute is:

TPM2TOOLS_TCTI=none tpm2_flushcontext -t -l

When it reports ERROR: Options -t, -l and -s are mutually exclusive, the flushing combo is not supported. And it is forwards compatible, so any update to tpm2-tools in future cannot break the current clevis release.

The correct command/sequence can be generated during build (with configure_file). What do you think?

Thanks for clarifying. In that case, I would keep it as it is now.

Copy link
Collaborator

@sarroutbi sarroutbi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sarroutbi sarroutbi merged commit 4b754bd into latchset:master Oct 8, 2024
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants