| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aNNKAIbzki-a121p@kernel.org> Date: Wed, 24 Sep 2025 04:31:44 +0300 From: Jarkko Sakkinen <jarkko@...nel.org> To: linux-integrity@...r.kernel.org Cc: Stefano Garzarella <sgarzare@...hat.com>, David Howells <dhowells@...hat.com>, Paul Moore <paul@...l-moore.com>, James Morris <jmorris@...ei.org>, "Serge E. Hallyn" <serge@...lyn.com>, "open list:KEYS/KEYRINGS" <keyrings@...r.kernel.org>, "open list:SECURITY SUBSYSTEM" <linux-security-module@...r.kernel.org>, open list <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v11 0/3] tpm: robust stack allocations On Tue, Sep 23, 2025 at 08:07:41PM +0300, Jarkko Sakkinen wrote: > 1. These are previous changes to tpm_buf, which make stack allocations > much more feasible than previously. > 2. Migrate low-hanging fruit to use stack allocations. > 3. Re-orchestrate tpm_get_random(). > > Jarkko Sakkinen (3): > tpm: Make TPM buffer allocations more robust > tpm: Use TPM_MIN_BUF_SIZE in driver commands > tpm orchestrate tpm_get_random() in the function I'm quite soon sending v12 because I randomly noticed a resource over-cosumption bug. which could be theoretically triggered e.g. via interposing a bus or a faulty device: tpm2_get_pcr_allocation() does not have a hard limit for the number of PCR banks. The fix: https://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd.git/commit/?h=tpm-buf&id=3d92f14c204d09babadaa0b7c7a82c40d11696d0 It does a bit of extra (out of scope) grouping those related constants but I'd like to keep it that way (should not cause much harm in the context of merge conflicts). BR, Jarkko
Powered by blists - more mailing lists