pkcs11 C_login issue.

[pchand20]

we found a issue in C_login in a corner case testing. scenerio: InitPin is completed in a previous iteration then when we do opensession in the next run. In that 2nd run we use a pin (to user login)which was not the same length as previous one then this issue bight happen. here is gdb traceback.

(gdb) r Starting program: /host_home/secure_compute/recipe_wip/sample/client warning: Error disabling address space randomization: Operation not permitted [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". INFO on line: "387" in file: "src/pkcs11.c": enter "C_GetFunctionList" INFO on line: "387" in file: "src/pkcs11.c": return "C_GetFunctionList" value: 0 INFO on line: "375" in file: "src/pkcs11.c": enter "C_Initialize" INFO on line: "1697" in file: "src/lib/db.c": Using sqlite3 DB: "/pkcs11_store/tpm2_pkcs11.sqlite3" INFO on line: "1660" in file: "src/lib/db.c": No DB upgrade needed INFO on line: "273" in file: "src/lib/tpm.c": tcti=(null) [New Thread 0x7f3d500ba700 (LWP 14089)] [New Thread 0x7f3d4f8b9700 (LWP 14090)] INFO on line: "273" in file: "src/lib/tpm.c": tcti=(null) INFO on line: "375" in file: "src/pkcs11.c": return "C_Initialize" value: 0 INFO on line: "391" in file: "src/pkcs11.c": enter "C_GetSlotList" INFO on line: "391" in file: "src/pkcs11.c": return "C_GetSlotList" value: 0 slotCount = 2 INFO on line: "391" in file: "src/pkcs11.c": enter "C_GetSlotList" INFO on line: "391" in file: "src/pkcs11.c": return "C_GetSlotList" value: 0 INFO on line: "411" in file: "src/pkcs11.c": enter "C_GetMechanismInfo" WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001c4) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) WARNING:esys:src/tss2-esys/api/Esys_TestParms.c:269:Esys_TestParms_Finish() Received TPM Error ERROR:esys:src/tss2-esys/api/Esys_TestParms.c:95:Esys_TestParms() Esys Finish ErrorCode (0x000001e6) INFO on line: "411" in file: "src/pkcs11.c": return "C_GetMechanismInfo" value: 0 INFO on line: "411" in file: "src/pkcs11.c": enter "C_GetMechanismInfo" INFO on line: "411" in file: "src/pkcs11.c": return "C_GetMechanismInfo" value: 0 selected slot: 1 INFO on line: "399" in file: "src/pkcs11.c": enter "C_GetTokenInfo" INFO on line: "399" in file: "src/pkcs11.c": return "C_GetTokenInfo" value: 0 C_GetTokenInfo: rv = 0x00000000 Token already initialized INFO on line: "427" in file: "src/pkcs11.c": enter "C_OpenSession" INFO on line: "427" in file: "src/pkcs11.c": return "C_OpenSession" value: 0 C_OpenSession: rv = 0x00000000 INFO on line: "451" in file: "src/pkcs11.c": enter "C_Login"

Thread 1 "client" received signal SIGSEGV, Segmentation fault. 0x00007f3d547f32a4 in twist_len () from /usr/local/lib/libtpm2_pkcs11.so.0 (gdb) bt

0 0x00007f3d547f32a4 in twist_len () at /usr/local/lib/libtpm2_pkcs11.so.0

1 0x00007f3d547ef6f3 in tpm_loadobj () at /usr/local/lib/libtpm2_pkcs11.so.0

2 0x00007f3d547e9c22 in session_ctx_login () at /usr/local/lib/libtpm2_pkcs11.so.0

3 0x00007f3d547d8703 in C_Login () at /usr/local/lib/libtpm2_pkcs11.so.0

4 0x0000557c0c6d7a64 in main() () at login_issue.c:290

(gdb)

[fishilico]

Hello, to better debug what is going on, could you please provide:

• the version of tpm2-pkcs11 your are using
• the operating system (and Linux distribution, if the OS is Linux) you are using
• the compiler options you used to build tpm2-pkcs11 (or a reference to the package you are using, if you are using a package form a Linux distribution for example)

Moreover the stack trace would be more helpful if libtpm2_pkcs11.so.0 was compiled with debug options (for example with options -g -ggdb3). Are you able to rebuild the library with debug options, trigger the issue again and share the resulting stack trace?

Also, did you write a program which triggers this issue in a deterministic way? If yes, could you please share it, in order to be able to find out what is wrong more quickly?

[pchand20]

could not see in latest release. will let you know if we see it again. for now we assume it fixed.