All of lore.kernel.org
 help / color / mirror / Atom feed
* [jarkko-tpmdd:tpm2-session 14/14] security/keys/trusted-keys/trusted_tpm2.c:489:21: warning: the comparison will always evaluate as 'true' for the address of 'blobauth' will never be NULL
@ 2025-09-23  5:29 kernel test robot
  0 siblings, 0 replies; only message in thread
From: kernel test robot @ 2025-09-23  5:29 UTC (permalink / raw)
  To: Jarkko Sakkinen; +Cc: oe-kbuild-all

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git tpm2-session
head:   8443d24da35ca59b7be6056fa1ebe74070eb9e4a
commit: 8443d24da35ca59b7be6056fa1ebe74070eb9e4a [14/14] keys, trusted: Remove redundant helper
config: x86_64-rhel-9.4-func (https://download.01.org/0day-ci/archive/20250923/202509230748.evWsUrty-lkp@intel.com/config)
compiler: gcc-14 (Debian 14.2.0-19) 14.2.0
reproduce (this is a W=1 build): (https://download.01.org/0day-ci/archive/20250923/202509230748.evWsUrty-lkp@intel.com/reproduce)

If you fix the issue in a separate patch/commit (i.e. not just a new version of
the same patch/commit), kindly add following tags
| Reported-by: kernel test robot <lkp@intel.com>
| Closes: https://lore.kernel.org/oe-kbuild-all/202509230748.evWsUrty-lkp@intel.com/

All warnings (new ones prefixed by >>):

   security/keys/trusted-keys/trusted_tpm2.c: In function 'tpm2_unseal_cmd':
>> security/keys/trusted-keys/trusted_tpm2.c:489:21: warning: the comparison will always evaluate as 'true' for the address of 'blobauth' will never be NULL [-Waddress]
     489 |                 if (options->blobauth)
         |                     ^~~~~~~
   In file included from security/keys/trusted-keys/trusted_tpm2.c:14:
   include/keys/trusted-type.h:41:23: note: 'blobauth' declared here
      41 |         unsigned char blobauth[TPM_DIGEST_SIZE];
         |                       ^~~~~~~~


vim +489 security/keys/trusted-keys/trusted_tpm2.c

   437	
   438	/**
   439	 * tpm2_unseal_cmd() - execute a TPM2_Unload command
   440	 *
   441	 * @chip: TPM chip to use
   442	 * @payload: the key data in clear and encrypted form
   443	 * @options: authentication values and other options
   444	 * @blob_handle: blob handle
   445	 *
   446	 * Return: 0 on success
   447	 *         -EPERM on tpm error status
   448	 *         < 0 error from tpm_send
   449	 */
   450	static int tpm2_unseal_cmd(struct tpm_chip *chip,
   451				   struct trusted_key_payload *payload,
   452				   struct trusted_key_options *options,
   453				   u32 blob_handle)
   454	{
   455		struct tpm_header *head;
   456		struct tpm_buf buf;
   457		u16 data_len;
   458		int offset;
   459		u8 *data;
   460		int rc;
   461	
   462		rc = tpm2_start_auth_session(chip);
   463		if (rc)
   464			return rc;
   465	
   466		rc = tpm_buf_init(&buf, TPM2_ST_SESSIONS, TPM2_CC_UNSEAL);
   467		if (rc) {
   468			tpm2_end_auth_session(chip);
   469			return rc;
   470		}
   471	
   472		tpm_buf_append_name(chip, &buf, blob_handle, NULL);
   473	
   474		if (!options->policyhandle) {
   475			tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT,
   476						    options->blobauth,
   477						    options->blobauth_len);
   478		} else {
   479			/*
   480			 * The policy session is generated outside the kernel, and thus
   481			 * the password will end up being unencrypted on the bus, as
   482			 * HMAC nonce cannot be calculated for it.
   483			 */
   484			tpm_buf_append_u32(&buf, 9 + options->blobauth_len);
   485			tpm_buf_append_u32(&buf, options->policyhandle);
   486			tpm_buf_append_u16(&buf, 0);
   487			tpm_buf_append_u8(&buf, 0);
   488			tpm_buf_append_u16(&buf, options->blobauth_len);
 > 489			if (options->blobauth)
   490				tpm_buf_append(&buf, options->blobauth, options->blobauth_len);
   491			if (tpm2_chip_auth(chip)) {
   492				tpm_buf_append_hmac_session(chip, &buf, TPM2_SA_ENCRYPT, NULL, 0);
   493			} else  {
   494				offset = buf.handles * 4 + TPM_HEADER_SIZE;
   495				head = (struct tpm_header *)buf.data;
   496				if (tpm_buf_length(&buf) == offset)
   497					head->tag = cpu_to_be16(TPM2_ST_NO_SESSIONS);
   498			}
   499		}
   500	
   501		tpm_buf_fill_hmac_session(chip, &buf);
   502		rc = tpm_transmit_cmd(chip, &buf, 6, "unsealing");
   503		rc = tpm_buf_check_hmac_response(chip, &buf, rc);
   504	
   505		if (!rc) {
   506			data_len = be16_to_cpup(
   507				(__be16 *) &buf.data[TPM_HEADER_SIZE + 4]);
   508			if (data_len < MIN_KEY_SIZE ||  data_len > MAX_KEY_SIZE) {
   509				rc = -EFAULT;
   510				goto out;
   511			}
   512	
   513			if (tpm_buf_length(&buf) < TPM_HEADER_SIZE + 6 + data_len) {
   514				rc = -EFAULT;
   515				goto out;
   516			}
   517			data = &buf.data[TPM_HEADER_SIZE + 6];
   518	
   519			if (payload->old_format) {
   520				/* migratable flag is at the end of the key */
   521				memcpy(payload->key, data, data_len - 1);
   522				payload->key_len = data_len - 1;
   523				payload->migratable = data[data_len - 1];
   524			} else {
   525				/*
   526				 * migratable flag already collected from key
   527				 * attributes
   528				 */
   529				memcpy(payload->key, data, data_len);
   530				payload->key_len = data_len;
   531			}
   532		}
   533	
   534	out:
   535		tpm_buf_destroy(&buf);
   536		return tpm_ret_to_err(rc);
   537	}
   538	

-- 
0-DAY CI Kernel Test Service
https://github.com/intel/lkp-tests/wiki

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2025-09-23  5:29 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-09-23  5:29 [jarkko-tpmdd:tpm2-session 14/14] security/keys/trusted-keys/trusted_tpm2.c:489:21: warning: the comparison will always evaluate as 'true' for the address of 'blobauth' will never be NULL kernel test robot

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.