Re: [Trustedjava-support] Locality- and PCR-based access control for NV RAM

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hello again. :)

I follow-up with a second question that is different, but related.
Here I try to define space that exclusively depends upon the value of
PCR 10:

jtt nv_definespace --index 0x00011222 --size 64 -o tpm -e ASCII -p 10
-w --permission 0x00000000

14:05:13:544 [INFO] NvDefineSpace::execute (146):       Defining NV
space to depend on pcr: 10
iaik.tc.tss.api.exceptions.tcs.TcTcsException:
TSS Error:
error layer:                0x3000 (TSP)
error code (without layer): 0x03
error code (full):          0x3003
error message: unknown
additional info: no write permissions set

        at iaik.tc.tss.impl.java.tsp.TcNvRam.defineSpace(TcNvRam.java:168)
        at iaik.tc.apps.jtt.tboot.NvDefineSpace.execute(NvDefineSpace.java:240)
        at iaik.tc.utils.cmdline.SubCommand.run(SubCommand.java:69)
        at iaik.tc.utils.cmdline.SubCommandParser.parse(SubCommandParser.java:41)
        at iaik.tc.apps.JTpmTools.main(JTpmTools.java:198)

14:05:13:778 [ERROR] JTpmTools::main (209):     application exits with error:
TSS Error:
error layer:                0x3000 (TSP)
error code (without layer): 0x03
error code (full):          0x3003
error message: unknown
additional info: no write permissions set
 (return: -1)

In jtss_tsp/src/iaik/tc/tss/impl/java/tsp/TcNvRam.java, we see that
this is an exception that is thrown if no write permissions are set:

if (((permissions & TcTpmConstants.TPM_NV_PER_AUTHWRITE) == 0)
                                && ((permissions &
TcTpmConstants.TPM_NV_PER_OWNERWRITE) == 0)
                                && ((permissions &
TcTpmConstants.TPM_NV_PER_WRITEDEFINE) == 0)
                                && ((permissions &
TcTpmConstants.TPM_NV_PER_PPWRITE) == 0)
                                && !writeLocalities) {
                        throw new
TcTcsException(TcTcsErrors.TCS_E_BAD_PARAMETER,
                                        "no write permissions set");
                }

Again, what's the problem?  I did specify PCR-based access control for
writing.  Is there any fundamental reason why this shouldn't work?
The only thing I can think of is that NV space without any access
control might be more susceptible to malicious wear-out.

For both this and my previous message, I am happy to augment the code
with a patch that adds a check for a non-empty set of PCR-based
restrictions for writing.  From a design perspective, is there any
reason that this is not an acceptable set of restrictions?

Again, many thanks for your time and attention.
-Jon