From 2ad394d5c029e09d06b9f41f4bdb56e4fa48ee6a Mon Sep 17 00:00:00 2001 From: nagendra modadugu Date: Wed, 18 Jan 2017 14:38:01 -0800 Subject: [PATCH] CR50: have the TPM2 library always use software SHA As discussed in the associated bug, interleaving usage of the key-ladder and the h/w SHA engine is not supported by the underlying hardware. So far this limitation has not been an issue since the key-ladder was not used during run-time, however this is changing with encrypted NVMEM support. Once we can guarantee that the key-ladder will not be invoked between SHA_init() and final(), we can re-enable h/w support for TPM2 code. The performance impact to TPM2 operations is expected to be minor, since the data being hashed is at most a few kB. BRANCH=none BUG=chrome-os-partner:55331 TEST=TCG tests pass Change-Id: Ia0a565af7179d0b3745eb465220ba844feaecb92 Signed-off-by: nagendra modadugu Reviewed-on: https://chromium-review.googlesource.com/430292 Commit-Ready: Marius Schilder Tested-by: Marius Schilder Reviewed-by: Marius Schilder Reviewed-by: Vadim Bendebury --- board/cr50/tpm2/hash.c | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/board/cr50/tpm2/hash.c b/board/cr50/tpm2/hash.c index 6c8ac91f3c..cb52526831 100644 --- a/board/cr50/tpm2/hash.c +++ b/board/cr50/tpm2/hash.c @@ -95,13 +95,19 @@ uint16_t _cpri__StartHash(TPM_ALG_ID alg, BOOL sequence, struct HASH_CTX *ctx = (struct HASH_CTX *) state->state; uint16_t result; + /* NOTE: as per bug http://crosbug.com/p/55331#26 (NVMEM + * encryption), always use the software hash implementation + * for TPM related calculations, since we have no guarantee + * that the key-ladder will not be used between SHA_init() and + * final(). + */ switch (alg) { case TPM_ALG_SHA1: - DCRYPTO_SHA1_init(ctx, sequence); + DCRYPTO_SHA1_init(ctx, 1); result = HASH_size(ctx); break; case TPM_ALG_SHA256: - DCRYPTO_SHA256_init(ctx, sequence); + DCRYPTO_SHA256_init(ctx, 1); result = HASH_size(ctx); break;