lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 23 Oct 2021 03:44:01 +0300
From:   Jarkko Sakkinen <>
Subject: Re: [PATCH v16 1/6] tpm_tis: Fix expected bit handling and send all
 bytes in one shot without last byte in exception

On Thu, 2021-10-21 at 15:05 +0300, wrote:
> From: Amir Mizinski <>
> Detected an incorrect implementation of the send command.

Nit: please just remove this sentence.

It tells nothing.

> Currently, the driver polls the TPM_STS.stsValid field until TRUE; then it
> reads TPM_STS register again to verify only that TPM_STS.expect field is
> FALSE (i.e., it ignores TPM_STS.stsValid).
> Since TPM_STS.stsValid represents the TPM_STS.expect validity, a check of
> only one of these fields is wrong. Fix this condition so that both fields
> are checked in the same TPM_STS register read.
> Modify the signature of 'wait_for_tpm_stat()', adding an additional

Remove single quotes from functions, e.g. just write

> "result" parameter to its call.
> 'wait_for_tpm_stat()' is now polling the TPM_STS with a mask and waits
> for the value in result. This modification adds the ability to check if
> certain TPM_STS bits have been cleared.
> For example, use the new parameter to check in status that TPM_STS_VALID
> is set and also that TPM_STS_EXPECT is zeroed. This prevents a racy
> check.
> In addition, the send command was changed to comply with
> TCG_DesignPrinciples_TPM2p0Driver_vp24_pubrev.pdf as follows:
> - send all command bytes in one loop

What does this mean? Also, please write proper sentences with
the first letter capitalized etc. Also, I'm missing what is the
thing that this patch is complying with, and why we should care?

A bug fix should never do anything else than fix a bug.

> - remove special handling of the last byte

I have no idea what you mean by send command. Please, refer
to some thing that exists, e.g. a function or what ever.

Nit: try not to use passive form in a commit message. E.g.
"Change ... to comply with" would be better.

> Fixes: 27084efee0c3 (tpm: driver for next generation TPM chips)

This is incorrectly formatted, it is missing double quotes. Have you run
your patches through  Please review "Describe your
changes" section from Documentation/SubmittingPatches.


Powered by blists - more mailing lists