From: Jason Gunthorpe <jgunthorpe@obsidianresearch.com>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: tpmdd-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org
Subject: Re: [tpmdd-devel] [PATCH 03/10] tpm: tpm2_pcr_read: check size of response before accessing data
Date: Tue, 10 Jan 2017 09:18:37 -0700 [thread overview]
Message-ID: <20170110161837.GD15493@obsidianresearch.com> (raw)
In-Reply-To: <1484057900-17871-3-git-send-email-stefanb@linux.vnet.ibm.com>
On Tue, Jan 10, 2017 at 09:18:13AM -0500, Stefan Berger wrote:
> Check the size of the response before accessing data in the
> response packet. This is to avoid accessing data beyond the
> end of the response.
IMHO you should chnage the signature for
tpm_transmit_cmd to be:
ssize_t tpm_transmit_cmd(struct tpm_chip *chip,
void *iobuf, size_t tx_len,
size_t min_rx_len,
unsigned int flags,
const char *desc);
And then fold this repeated:
> rc = tpm_transmit_cmd(chip, &cmd, sizeof(cmd), 0,
> "attempting to read a pcr value");
> + if (rc == 0 &&
> + be32_to_cpu(cmd.header.out.length) < TPM2_PCR_READ_OUT_SIZE)
> + return -EFAULT;
test into tpm_transmit_cmd and now we require every single caller to
specify the minimum command length.
You can fold all of that into one patch, IMHO. Easier for stable.
Jason
next prev parent reply other threads:[~2017-01-10 16:18 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-10 14:18 [PATCH 01/10] tpm: Check received number of bytes against length indicator in header Stefan Berger
[not found] ` <1484057900-17871-1-git-send-email-stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
2017-01-10 14:18 ` [PATCH 02/10] tpm: tpm2_get_tpm_pt: check size of response before accessing data Stefan Berger
2017-01-10 14:18 ` [PATCH 03/10] tpm: tpm2_pcr_read: " Stefan Berger
2017-01-10 16:18 ` Jason Gunthorpe [this message]
2017-01-10 14:18 ` [PATCH 04/10] tpm: tpm2_get_random: " Stefan Berger
2017-01-10 14:18 ` [PATCH 06/10] tpm: tpm2_load_cmd: " Stefan Berger
2017-01-10 14:18 ` [PATCH 07/10] tpm: tpm2_unseal_cmd: " Stefan Berger
2017-01-10 14:18 ` [PATCH 08/10] tpm: tpm_getcap: " Stefan Berger
2017-01-10 14:18 ` [PATCH 09/10] tpm: tpm_get_random: " Stefan Berger
2017-01-10 14:18 ` [PATCH 05/10] tpm: tpm2_seal_trusted: " Stefan Berger
2017-01-10 14:18 ` [PATCH 10/10] tpm: tpm_pcr_read_dev: " Stefan Berger
2017-01-10 16:15 ` [tpmdd-devel] [PATCH 01/10] tpm: Check received number of bytes against length indicator in header Jason Gunthorpe
[not found] ` <20170110161519.GC15493-ePGOBjL8dl3ta4EC/59zMFaTQe2KTcn/@public.gmane.org>
2017-01-10 19:59 ` Stefan Berger
2017-01-12 14:45 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170110161837.GD15493@obsidianresearch.com \
--to=jgunthorpe@obsidianresearch.com \
--cc=linux-security-module@vger.kernel.org \
--cc=stefanb@linux.vnet.ibm.com \
--cc=tpmdd-devel@lists.sourceforge.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.