lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240906202745.11159-1-gourry@gourry.net>
Date: Fri,  6 Sep 2024 16:27:39 -0400
From: Gregory Price <gourry@...rry.net>
To: linux-efi@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
	ardb@...nel.org,
	leitao@...ian.org,
	usamaarif642@...il.com,
	sathyanarayanan.kuppuswamy@...ux.intel.com,
	ilias.apalodimas@...aro.org
Subject: [PATCH 0/6] libstub,tpm: fix small bugs and improve error reporting

The efi/tpm code has a number of small signed/unsigned bugs and
inaccuracies are prone to cause further bugs in a difficult to
debug manner.  For example, there is a signed/unsigned mismatch
in efi/tpm.c that leads to a memblock_reserve on a range with
an effectively negative length.

Additionally, there are silently ignored error conditions that are
better explicitly reported.

Finally, there exists some bad interaction between tpm and kexec
that causes the log version and the log size to become corrupted.
The log size cannot be reasonably sanity checked, as the value is
a u32 and there is no defined max-size per the spec - however the
version can at least be sanity checked. This reports the error and
avoids calling memblock_reserve with clearly corrupted arguments.

Signed-off-by: Gregory Price <gourry@...rry.net>

Gregory Price (6):
  tpm: fix signed/unsigned bug when checking event logs
  tpm: do not ignore memblock_reserve return value
  libstub,tpm: provide indication of failure when getting event log
  tpm: sanity check the log version before using it
  tpm: fix unsigned/signed mismatch errors related to
    __calc_tpm2_event_size
  libstub,tpm: do not ignore failure case when reading final event log

 drivers/firmware/efi/libstub/tpm.c | 14 ++++++++----
 drivers/firmware/efi/tpm.c         | 34 +++++++++++++++++++++---------
 include/linux/tpm_eventlog.h       |  2 +-
 3 files changed, 35 insertions(+), 15 deletions(-)

-- 
2.43.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ