lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Jan 2017 11:44:22 -0700 From: Jason Gunthorpe <jgunthorpe@...idianresearch.com> To: Stefan Berger <stefanb@...ibm.com> Cc: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>, linux-security-module@...r.kernel.org, tpmdd-devel@...ts.sourceforge.net, open list <linux-kernel@...r.kernel.org> Subject: Re: [tpmdd-devel] [PATCH RFC 2/4] tpm: validate TPM 2.0 commands On Wed, Jan 04, 2017 at 01:04:59PM -0500, Stefan Berger wrote: > > @@ -943,7 +943,9 @@ EXPORT_SYMBOL_GPL(tpm2_probe); > > */ > > int tpm2_auto_startup(struct tpm_chip *chip) > > { > > + u32 nr_commands; > > int rc; > > + int i; > > > > rc = tpm_get_timeouts(chip); > > if (rc) > > @@ -967,8 +969,49 @@ int tpm2_auto_startup(struct tpm_chip *chip) > > } > > } > > > > + rc = tpm2_get_tpm_pt(chip, TPM_PT_TOTAL_COMMANDS, &nr_commands, > NULL); > > + if (rc) > > + return rc; > > + > > + chip->cc_attrs_tbl = devm_kzalloc(&chip->dev, 4 * nr_commands, > > + GFP_KERNEL); > For some reason this devm_kzalloc bombs for the vtpm proxy driver. The > only reason I could come up with is that it's being called before > tpm_add_char_device() has been called. It would also fail if nr_commands is wrong, and this should be one of the array safe allocation functions since nr_command is data from the TPM... Jason
Powered by blists - more mailing lists