From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751328AbdBAT0U (ORCPT <rfc822;w@1wt.eu>);
        Wed, 1 Feb 2017 14:26:20 -0500
Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:40386 "EHLO
        mx0a-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-FAIL)
        by vger.kernel.org with ESMTP id S1751053AbdBAT0S (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 1 Feb 2017 14:26:18 -0500
Subject: Re: Fwd: Re: [tpmdd-devel] [PATCH v9 2/2] tpm: add securityfs
 support,for TPM 2.0 firmware event log
To: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
References: <de409ad1-de39-20d2-bda6-5d2a965e7256@linux.vnet.ibm.com>
 <CALAzByG474T_qSJ0Kry1LiNSsCQAHUagqcqtR_CnpporicZrdg@mail.gmail.com>
 <588F09A2.4090502@linux.vnet.ibm.com>
 <20170131174659.b6njebycqzd5ur6f@intel.com>
 <5890DAFC.9030407@linux.vnet.ibm.com>
 <20170131205006.fljtxsy4s6lyhkvv@intel.com>
 <20170201144837.aenzg5cauzl2ofbt@intel.com>
 <20170201145430.s336rtavopx4k5r2@intel.com>
Cc: Kenneth Goldman <kgoldman@us.ibm.com>,
        "moderated list:TPM DEVICE DRIVER" 
        <tpmdd-devel@lists.sourceforge.net>,
        open list <linux-kernel@vger.kernel.org>,
        linux-security-module@vger.kernel.org
From: Nayna <nayna@linux.vnet.ibm.com>
Date: Thu, 2 Feb 2017 00:55:41 +0530
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <20170201145430.s336rtavopx4k5r2@intel.com>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
X-TM-AS-GCONF: 00
X-Content-Scanned: Fidelis XPS MAILER
x-cbid: 17020119-0056-0000-0000-000002A4B8A2
X-IBM-SpamModules-Scores: 
X-IBM-SpamModules-Versions: BY=3.00006538; HX=3.00000240; KW=3.00000007;
 PH=3.00000004; SC=3.00000201; SDB=6.00815819; UDB=6.00398324; IPR=6.00593260;
 BA=6.00005108; NDR=6.00000001; ZLA=6.00000005; ZF=6.00000009; ZB=6.00000000;
 ZP=6.00000000; ZH=6.00000000; ZU=6.00000002; MB=3.00014140; XFM=3.00000011;
 UTC=2017-02-01 19:26:14
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 17020119-0057-0000-0000-000006D9BC8A
Message-Id: <58923635.8060004@linux.vnet.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:,, definitions=2017-02-01_14:,,
 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 spamscore=0 suspectscore=0
 malwarescore=0 phishscore=0 adultscore=0 bulkscore=0 classifier=spam
 adjust=0 reason=mlx scancount=1 engine=8.0.1-1612050000
 definitions=main-1702010191
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 02/01/2017 08:24 PM, Jarkko Sakkinen wrote:
> On Wed, Feb 01, 2017 at 04:48:37PM +0200, Jarkko Sakkinen wrote:
>> On Tue, Jan 31, 2017 at 10:50:06PM +0200, Jarkko Sakkinen wrote:
>>> On Wed, Feb 01, 2017 at 12:14:12AM +0530, Nayna wrote:
>>>>> I already sent my pull request to 4.11 and even today I found something
>>>>> fishy. You declared a function local array by using a variable in "tpm:
>>>>> enhance TPM 2.0 PCR extend to support multiple banks" (max_active_banks
>>>>> or something). And the event log patches have just passed the review.
>>>>
>>>> Yes. I have checked using clang and it has passed the clang.. and I also
>>>> verified there were no complains during build.
>>>
>>> What we can deduce from that is that they didn't expose the issue in
>>> question.
>>>
>>> I found this by running sparse with make C=2 M=drives/char/tpm
>>>
>>>> What type of problem do you see ?
>>>
>>> It is disallowed to do stack allocation in the kernel code even if C
>>> standard would allow it. Stack is scarce resource so you need to know
>>> its usage at compile time.
>>>
>>> In this case you actually know the allocation because the value is not
>>> changed during the course of the function but it is still bad. Probably
>>> compiler will optimize it out. Still it is not a good practice.
>>>
>>>> Also, to understand, this is related to multi-bank patchset. I mean how does
>>>> it affect for event log patchset ?
>>>
>>> Well in both cases these have landed fairly late but I asked from James
>>> whether I'll have to postpone these to 4.12.
>>>
>>> Usually when I've sent my release pull request I do not want to make any
>>> radical changes to the codebase because they always require extra QA and
>>> thus take extra time.
>>
>> rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0, 0,
>> 		      "attempting extend a PCR value");
>>
>> This should be
>>
>> rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, 0, 0,
>> 		      "attempting extend a PCR value");
>>
>> The second parameter is the size of the buffer, not length of the input
>> data.
>>
>> /Jarkko
>
> As a sanity check can you test these commits and see if they still
> work for you as I've done now some updates to them? Thanks.

Thanks Jarkko, yes I tested for both multi-bank patches and event log.
Its working fine.

Thanks & Regards,
    - Nayna

>
> /Jarkko
>