Skip to content

Ensure PcrSelectionList retains order #236

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Ensure PcrSelectionList retains order #236

wants to merge 1 commit into from

Conversation

puiterwijk
Copy link
Collaborator

PcrSelectionList would (possibly) reorder and merge the different
TPML_PCR_SELECTION entries.
This is not valid in the case where for example the PcrSelectionList is
the result of a pcr_read() call: in that case, the actual PCR values are
in the same order as the TPML_PRC_SELECTION entries.
This means that "subtracting" a PcrSelectionList becomes practically
impossible.

Signed-off-by: Patrick Uiterwijk patrick@puiterwijk.org

@puiterwijk
Ensure PcrSelectionList retains order
7295e2b 
PcrSelectionList would (possibly) reorder and merge the different
TPML_PCR_SELECTION entries.
This is not valid in the case where for example the PcrSelectionList is
the result of a pcr_read() call: in that case, the actual PCR values are
in the same order as the TPML_PRC_SELECTION entries.
This means that "subtracting" a PcrSelectionList becomes practically
impossible.

Signed-off-by: Patrick Uiterwijk <patrick@puiterwijk.org>
@lkatalin lkatalin mentioned this pull request Jul 14, 2021
Merged
@puiterwijk
Copy link
Collaborator Author

puiterwijk commented Jul 14, 2021
edited
Loading

This was causing bugs with attestation where we have two PcrSelection's (one sha256 with some slots, and one sha1 with a slot, due to... reasons).
After parsing the TPML_PCR_SELECTION_LIST to PcrSelectionList and then back for actual transmission, the order would be switched, which caused the receiving side to misinterpret the PcrData fields.

I considered just always serializing sha1 and then sha256, but the ordering of that is up to the TPM, and is arbitrary.
This is the only way that we can ensure that this won't cause issues.

The PcrSelectionListBuilder still uses the HashMap, because the ordering for that doesn't really matter, and that can merge things into as few Selection's as possible without problems.

(I have another PcrData patch inbound tomorrow that will replace its BTreeMap with a Vec<(PcrSlot, PcrValue)>, because the same problem is at risk of happening with that object.)

@puiterwijk puiterwijk mentioned this pull request Jul 15, 2021
Merged
@puiterwijk puiterwijk requested review from Superhepper and ionut-arm and removed request for Superhepper July 15, 2021 09:24
ionut-arm
ionut-arm approved these changes Jul 15, 2021
View reviewed changes
Copy link
Member

@ionut-arm ionut-arm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, but I'm not particularly knowledgeable around this part of the specs. Will let @Superhepper taken a better look.

@ionut-arm
Copy link
Member

Oh, also, this breaks API compatibility, so it'd have to be released in version 6.0.0

@puiterwijk
Copy link
Collaborator Author

I can try to re-add a subtract function to undo the API compatibility, although the semantics of that are... a bit vague in that case.

@Superhepper
Copy link
Collaborator

I am not against this in any way. Though I intended the subtracting method to be used when you were using a selection that was greater then could be read in one go so you easily could find what selection you needed to use next in order to get the rest.

I am not sure if it is an actual case that will happen that often. But if would be nice to have similar convenience function or method some where. But then one needs to figure out how to implement it correctly in order to make play well together with context functions like quote.

@puiterwijk
Copy link
Collaborator Author

@Superhepper Hah! I had not even realized that that's what this was used for, that explains why I recently felt like I was reimplementing this! (I had to do exactly the "reading more than 8 PCRs" usecase the other day).

I'll send a new patch later today that brings back subtract and does the best it can.

@hug-dev
Copy link
Member

hug-dev commented Jul 21, 2021
edited
Loading

Hello!
Just passing by to give a kind notice that we are planning to make a new release (6.0.0 I think since there were breaking changes), in around 10 days (in case you would like this PR in).

@ionut-arm
Copy link
Member

I'm wondering if we could merge this as is, make a new release, and then bring back subtract in a minor release when the implementation is ready. Would that work for you, @Superhepper, @puiterwijk ?

@Superhepper
Copy link
Collaborator

Yeah that is absolutely fine with me.

@hug-dev
Copy link
Member

hug-dev commented Aug 3, 2021

Your commit was merged in #243 so that we can go ahead with the release, feel free to add the substract method in a new PR!

@hug-dev hug-dev closed this Aug 3, 2021
@Superhepper Superhepper mentioned this pull request Sep 25, 2021
Closed
tgonzalezorlandoarm pushed a commit to tgonzalezorlandoarm/rust-tss-esapi that referenced this pull request Mar 14, 2024
@hug-dev
Merge pull request parallaxsecond#236 from hug-dev/docs
cd178de 
Add missing_docs lint and missing docs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Superhepper Superhepper Superhepper approved these changes

@ionut-arm ionut-arm ionut-arm approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@puiterwijk @ionut-arm @Superhepper @hug-dev