From: Mimi Zohar <zohar@linux.vnet.ibm.com>
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Cc: Peter Huewe <peterhuewe@gmx.de>,
Marcel Selhorst <tpmdd@selhorst.net>,
David Howells <dhowells@redhat.com>,
Jonathan Corbet <corbet@lwn.net>,
David Safford <safford@us.ibm.com>,
James Morris <james.l.morris@oracle.com>,
"Serge E. Hallyn" <serge@hallyn.com>,
"open list:KEYS-TRUSTED" <linux-security-module@vger.kernel.org>,
"open list:KEYS-TRUSTED" <keyrings@vger.kernel.org>,
open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v2 1/3] keys, trusted: fix: *do not* allow duplicate key options
Date: Mon, 14 Dec 2015 08:46:33 -0500 [thread overview]
Message-ID: <1450100793.2702.42.camel@linux.vnet.ibm.com> (raw)
In-Reply-To: <1450021353-8775-2-git-send-email-jarkko.sakkinen@linux.intel.com>
On Sun, 2015-12-13 at 17:42 +0200, Jarkko Sakkinen wrote:
> The trusted keys option parsing allows specifying the same option
> multiple times. The last option value specified is used.
>
> This can be seen as a regression because:
>
> * No gain.
> * Could be problematic if there is be options dependent on other
> options.
Thanks, Jarkko. Although it should be obvious that patch limits the
number of times an option can be specified, you should explicitly
mention it in the patch description.
Mimi
> Reported-by: James Morris James Morris <jmorris@namei.org>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> ---
> security/keys/trusted.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/security/keys/trusted.c b/security/keys/trusted.c
> index 903dace..7c183c7 100644
> --- a/security/keys/trusted.c
> +++ b/security/keys/trusted.c
> @@ -736,11 +736,14 @@ static int getoptions(char *c, struct trusted_key_payload *pay,
> int res;
> unsigned long handle;
> unsigned long lock;
> + unsigned long token_mask = 0;
>
> while ((p = strsep(&c, " \t"))) {
> if (*p == '\0' || *p == ' ' || *p == '\t')
> continue;
> token = match_token(p, key_tokens, args);
> + if (test_and_set_bit(token, &token_mask))
> + return -EINVAL;
>
> switch (token) {
> case Opt_pcrinfo:
next prev parent reply other threads:[~2015-12-14 13:47 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-13 15:42 [PATCH v2 0/3] TPM 2.0 trusted key features for v4.5 Jarkko Sakkinen
2015-12-13 15:42 ` [PATCH v2 1/3] keys, trusted: fix: *do not* allow duplicate key options Jarkko Sakkinen
2015-12-14 13:46 ` Mimi Zohar [this message]
2015-12-14 14:54 ` Jarkko Sakkinen
2015-12-13 15:42 ` [PATCH v2 2/3] keys, trusted: select hash algorithm for TPM2 chips Jarkko Sakkinen
2015-12-13 15:42 ` [PATCH v2 3/3] keys, trusted: seal with a TPM2 authorization policy Jarkko Sakkinen
2015-12-14 13:49 ` Mimi Zohar
2015-12-14 14:56 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1450100793.2702.42.camel@linux.vnet.ibm.com \
--to=zohar@linux.vnet.ibm.com \
--cc=corbet@lwn.net \
--cc=dhowells@redhat.com \
--cc=james.l.morris@oracle.com \
--cc=jarkko.sakkinen@linux.intel.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=peterhuewe@gmx.de \
--cc=safford@us.ibm.com \
--cc=serge@hallyn.com \
--cc=tpmdd@selhorst.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox