| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <33275df6-9ee8-989f-9857-20946fb64b25@linux.microsoft.com>
Date: Fri, 25 Oct 2019 08:58:35 -0700
From: Lakshmi Ramasubramanian <nramas@...ux.microsoft.com>
To: Nayna Jain <nayna@...ux.ibm.com>, linuxppc-dev@...abs.org,
linux-efi@...r.kernel.org, linux-integrity@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
Michael Ellerman <mpe@...erman.id.au>,
Benjamin Herrenschmidt <benh@...nel.crashing.org>,
Paul Mackerras <paulus@...ba.org>,
Ard Biesheuvel <ard.biesheuvel@...aro.org>,
Jeremy Kerr <jk@...abs.org>,
Matthew Garret <matthew.garret@...ula.com>,
Mimi Zohar <zohar@...ux.ibm.com>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Claudio Carvalho <cclaudio@...ux.ibm.com>,
George Wilson <gcwilson@...ux.ibm.com>,
Elaine Palmer <erpalmer@...ibm.com>,
Eric Ricther <erichte@...ux.ibm.com>,
Oliver O'Halloran <oohall@...il.com>
Subject: Re: [PATCH v5 2/4] powerpc: expose secure variables to userspace via
sysfs
On 10/24/19 5:47 PM, Nayna Jain wrote:
> +static ssize_t size_show(struct kobject *kobj, struct kobj_attribute *attr,
> + char *buf)
> +{
> + uint64_t dsize;
> + int rc;
> +
> + rc = secvar_ops->get(kobj->name, strlen(kobj->name) + 1, NULL, &dsize);
> + if (rc) {
> + pr_err("Error retrieving variable size %d\n", rc);
> + return rc;
> + }
> +
> + rc = sprintf(buf, "%llu\n", dsize);
> +
> + return rc;
> +}
nit: change it to "return sprintf(buf, "%llu\n", dsize);" instead.
> +
> +static ssize_t data_read(struct file *filep, struct kobject *kobj,
> + struct bin_attribute *attr, char *buf, loff_t off,
> + size_t count)
> +{
> + uint64_t dsize;
> + char *data;
> + int rc;
> +
> + rc = secvar_ops->get(kobj->name, strlen(kobj->name) + 1, NULL, &dsize);
> + if (rc) {
> + pr_err("Error getting variable size %d\n", rc);
> + return rc;
> + }
> + pr_debug("dsize is %llu\n", dsize);
> +
> + data = kzalloc(dsize, GFP_KERNEL);
Is there any MAX\MIN limit on dsize that can be returned by secvar_ops?
Is it ok to not validate the dsize
> +
> +static ssize_t update_write(struct file *filep, struct kobject *kobj,
> + struct bin_attribute *attr, char *buf, loff_t off,
> + size_t count)
> +{
> + int rc;
> +
> + pr_debug("count is %ld\n", count);
> + rc = secvar_ops->set(kobj->name, strlen(kobj->name)+1, buf, count);
> + if (rc) {
> + pr_err("Error setting the variable %s\n", kobj->name);
> + return rc;
> + }
> +
> + return count;
> +}
Return value from this function can be a count (of bytes in buf?) or
error code. Could cause confusion.
> +
> +static int secvar_sysfs_load(void)
> +{
> + char *name;
> + uint64_t namesize = 0;
> + struct kobject *kobj;
> + int rc;
> +
> + name = kzalloc(NAME_MAX_SIZE, GFP_KERNEL);
> + if (!name)
> + return -ENOMEM;
> +
> + do {
> + rc = secvar_ops->get_next(name, &namesize, NAME_MAX_SIZE);
> + if (rc) {
> + if (rc != -ENOENT)
> + pr_err("error getting secvar from firmware %d\n",
> + rc);
> + break;
> + }
> +
> + kobj = kzalloc(sizeof(*kobj), GFP_KERNEL);
> + if (!kobj)
> + return -ENOMEM;
Memory allocated for "name" is leaked in this case.
> +
> + kobject_init(kobj, &secvar_ktype);
> +
> + rc = kobject_add(kobj, &secvar_kset->kobj, "%s", name);
> + if (rc) {
> + pr_warn("kobject_add error %d for attribute: %s\n", rc,
> + name);
> + kobject_put(kobj);
> + kobj = NULL;
> + }
> +
> + if (kobj)
> + kobject_uevent(kobj, KOBJ_ADD);
> +
> + } while (!rc);
> +
> + kfree(name);
> + return rc;
> +}
Powered by blists - more mailing lists