lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <1487177783-15687-1-git-send-email-stefanb@linux.vnet.ibm.com>
Date:   Wed, 15 Feb 2017 11:56:23 -0500
From:   Stefan Berger <stefanb@...ux.vnet.ibm.com>
To:     tpmdd-devel@...ts.sourceforge.net, james.l.morris@...cle.com
Cc:     linux-security-module@...r.kernel.org,
        jarkko.sakkinen@...ux.intel.com, linux-kernel@...r.kernel.org,
        zohar@...ux.vnet.ibm.com,
        Stefan Berger <stefanb@...ux.vnet.ibm.com>
Subject: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend

The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
which is the size of the PCR state.

This fixes a problem where IMA gets errors with every PCR Extend.

Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger <stefanb@...ux.vnet.ibm.com>
Acked-by: Mimi Zohar <zohar@...ibm.com>
---
 drivers/char/tpm/tpm-interface.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 6e368ee..bd2128e 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -767,7 +767,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
 
 #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
 #define EXTEND_PCR_RESULT_SIZE 34
-#define EXTEND_PCR_RESULT_BODY_SIZE 24
+#define EXTEND_PCR_RESULT_BODY_SIZE 20
 static const struct tpm_input_header pcrextend_header = {
 	.tag = TPM_TAG_RQU_COMMAND,
 	.length = cpu_to_be32(34),
-- 
2.4.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ