Date: Fri, 27 Jan 2017 16:35:13 -0700
From: Jason Gunthorpe
To: James Bottomley
Cc: Ken Goldman, tpmdd-devel@lists.sourceforge.net, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion

On Fri, Jan 27, 2017 at 02:04:59PM -0800, James Bottomley wrote:

> if I look at the code I've written, I don't know what the session
> number is, I just save sessionHandle in a variable for later use (let's
> say to v1). If I got the same session number returned at a later time
> and placed it in v2, all I'd notice is that an authorization using v1
> would fail.

Is there any way that could be used to cause an op thinking it is using v1 to authorize something it shouldn't?

Jason