lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Yzy2STXGSBmSLhmA@kernel.org>
Date:   Wed, 5 Oct 2022 01:40:09 +0300
From:   Jarkko Sakkinen <jarkko@...nel.org>
To:     Morten Linderud <morten@...derud.pw>
Cc:     Peter Huewe <peterhuewe@....de>, Jason Gunthorpe <jgg@...pe.ca>,
        Stefan Berger <stefanb@...ux.ibm.com>,
        linux-integrity@...r.kernel.org, linux-kernel@...r.kernel.org,
        Oleksandr Natalenko <oleksandr@...alenko.name>
Subject: Re: [PATCH] tpm/eventlog: Don't abort tpm_read_log on faulty ACPI
 config

On Mon, Sep 20, 2021 at 10:34:47PM +0200, Morten Linderud wrote:
> Some vendors report faulty values in the acpi TPM2 table. This causes

s/acpi/ACPI/

> the function to abort with EIO and essentially short circuits the

s/the function/tpm_read_log()/

> tpm_read_log function as we never even attempt to read the EFI
> configuration table for a log.

> 
> This changes the condition to only look for a positive return value,
> else hands over the eventlog discovery to the EFI configuration table
> which should hopefully work better.

Please, write in imperative ("Change...").

Also exlicitly state how are you changing the check for
tpm_read_log_acpi() in tpm_read_log().

You could *even* have a snippet how the checks change
here for clarity.

> It's unclear to me if there is a better solution to this then just
> failing. However, I do not see any clear reason why we can't properly
> fallback to the EFI configuration table.

This paragraph should not be part of the commit message.

Rest of the commit message made sense can you add also fixes tag
as this is clearly a bug fix?

Also, please remove the two spurious diff's from the commit that
are not relevant for a stable bug fix (pr_warn() and comment
removal).

BR, Jarkko

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ