lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160715193143.GA7052@apronin>
Date:	Fri, 15 Jul 2016 12:31:43 -0700
From:	Andrey Pronin <apronin@...omium.org>
To:	Jason Gunthorpe <jgunthorpe@...idianresearch.com>
Cc:	Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>,
	Peter Huewe <peterhuewe@....de>,
	Marcel Selhorst <tpmdd@...horst.net>,
	tpmdd-devel@...ts.sourceforge.net, linux-kernel@...r.kernel.org,
	groeck@...omium.org, smbarber@...omium.org, dianders@...omium.org
Subject: Re: [PATCH 2/2] tpm: fix byte-order for the value read by
 tpm2_get_tpm_pt

On Thu, Jul 14, 2016 at 09:35:53PM -0600, Jason Gunthorpe wrote:
> On Thu, Jul 14, 2016 at 08:17:01PM -0700, Andrey Pronin wrote:
> > conversion. The only place tpm2_get_tpm_pt() was used before was in
> > tpm2_gen_interrupt, which discarded the result. So, nobody noticed,
> > I guess.
> 
> If you have a moment can you run sparse on this file before/after this
> change and make sure it did complain and that there are not other
> endian errors?
> 

I ran sparse. In my case it didn't complain before or after the change.
It only complains about using cpu_to_be32() in tpm_capabilities and
tpm_sub_capabilities enum in tpm.h and the use of those enums in
tpm_getcap() in tpm-interface.c

I even tried changing the code there to
	__be32 vv = cmd.params.get_tpm_pt_out.value;
	u32 ret = vv;
to make it clear what's going on. Still, no complaints from sparse.

be32_to_cpu() should cleary be done in this case, though. As value
is defined as __be32 in struct tpm2_get_tpm_pt_out, and we return u32
in that parameter from tpm2_get_tpm_pt(). Plus, it's consistent with
the spec. It's just nobody has used this value yet in the existing
code, thus it went unnoticed.

To address "no dead code" comment, I'll drop defining various tpm2
properties and bits from this patchset and move it to the sysfs for
tpm2 patchset where they'll be needed for tpm2-specific attributes.
But this fix is valid on its own in my opinion.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ