Date: Wed, 22 Oct 2014 11:26:46 -0600
From: Jason Gunthorpe <jgunthorpe@...idianresearch.com>
To: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
Cc: Peter Huewe <peterhuewe@....de>, Ashley Lai <ashley@...leylai.com>,
    Marcel Selhorst <tpmdd@...horst.net>, tpmdd-devel@...ts.sourceforge.net,
    linux-kernel@...r.kernel.org, linux-api@...r.kernel.org,
    josh.triplett@...el.com, christophe.ricard@...il.com,
    jason.gunthorpe@...idianresearch.com
Subject: Re: [PATCH v1 3/3] tpm: fix multiple race conditions in tpm_ppi.c

On Wed, Oct 22, 2014 at 07:23:56PM +0300, Jarkko Sakkinen wrote:
> Traversal of the ACPI device tree was not done right. It should lookup
> PPI only under the ACPI device that it is associated. Otherwise, it could
> match to a wrong PPI interface if there are two TPM devices in the device
> tree.
>
> Removed global ACPI handle and version string from tpm_ppi.c as this
> is racy. Instead they should be associated with the chip.
>
> Moved code just a tiny bit towards two-phase allocation to implement
> fix for the PPI race conditions.

Not this version..

> Added missing copyright platter to tpm_ppi.c.
>
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>

Reviewed-by: Jason Gunthorpe <jgunthorpe@...idianresearch.com>

I like this one the most of the three I've seen :)

Did you also look in tpm_acpi.c to see if it needs to use
acpi_dev_handle somehow too?

> + union acpi_object *obj;
> + struct kobject *parent = &chip->dev->kobj;

Nit, this variable is only used once, it would be clearer to inline

> + /* Cache PPI version string. */
> + obj = acpi_evaluate_dsm_typed(chip->acpi_dev_handle, tpm_ppi_uuid,
> + TPM_PPI_REVISION_ID, TPM_PPI_FN_VERSION,
> + NULL, ACPI_TYPE_STRING);
> + if (obj) {
> + strlcpy(chip->ppi_version, obj->string.pointer,
> + PPI_VERSION_LEN + 1);
> + ACPI_FREE(obj);
> + } else
> + return -ENOMEM;
> +
> + return chip->acpi_dev_handle ?
> + sysfs_create_group(parent, &ppi_attr_grp) : 0;

The above sequence can just be:

    if (!obj)
        return -ENOMEM;

    strlcpy(chip->ppi_version, obj->string.pointer,
            sizeof(chip->ppi_version));
    ACPI_FREE(obj);

    return sysfs_create_group(&chip->dev->kobj, &ppi_attr_grp);

Which is more idiomatic.

Also remove TPM_PPI_VERSION_LEN, sizeof is better.

I know nothing about acpi, but is ENOMEM the right code? I would think
acpi_evaluate_dsm_typed would also fail if tpm_ppi_uuid is not found??

> + return chip->acpi_dev_handle ?
> + sysfs_create_group(parent, &ppi_attr_grp) : 0;

dev_handle is already checked to be non 0

> +void tpm_remove_ppi(struct tpm_chip *chip)
> + struct kobject *parent = &chip->dev->kobj;

Also used only once

Jason
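
Review bot: In the hunk that caches the PPI version string, the closing "return chip->acpi_dev_handle ? ... : 0;" tests the handle only after the same handle has already been passed to acpi_evaluate_dsm_typed(), so within these lines the test cannot guard that call. Either test chip->acpi_dev_handle once before the _DSM evaluation and return early, or drop the ternary and return the result of sysfs_create_group() directly. Two smaller points in the same hunk: the strlcpy() bound "PPI_VERSION_LEN + 1" is only safe if the ppi_version field is declared with exactly that size, which is not visible here, so sizeof(chip->ppi_version) would tie the bound to the declaration; and the else branch reports every failure of the _DSM evaluation as -ENOMEM, which a caller cannot tell apart from a real allocation failure, so a short comment or a more specific error code for the "method not present" case would help.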