* [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
@ 2017-02-15 16:56 Stefan Berger
2017-02-15 18:09 ` Jarkko Sakkinen
0 siblings, 1 reply; 7+ messages in thread
From: Stefan Berger @ 2017-02-15 16:56 UTC (permalink / raw)
To: tpmdd-devel, james.l.morris
Cc: linux-security-module, jarkko.sakkinen, linux-kernel, zohar,
Stefan Berger
The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
which is the size of the PCR state.
This fixes a problem where IMA gets errors with every PCR Extend.
Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
Acked-by: Mimi Zohar <zohar@us.ibm.com>
---
drivers/char/tpm/tpm-interface.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
index 6e368ee..bd2128e 100644
--- a/drivers/char/tpm/tpm-interface.c
+++ b/drivers/char/tpm/tpm-interface.c
@@ -767,7 +767,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
#define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
#define EXTEND_PCR_RESULT_SIZE 34
-#define EXTEND_PCR_RESULT_BODY_SIZE 24
+#define EXTEND_PCR_RESULT_BODY_SIZE 20
static const struct tpm_input_header pcrextend_header = {
.tag = TPM_TAG_RQU_COMMAND,
.length = cpu_to_be32(34),
--
2.4.3
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
2017-02-15 16:56 [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend Stefan Berger
@ 2017-02-15 18:09 ` Jarkko Sakkinen
[not found] ` <20170215180903.3simazptqnlhbqi6-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-02-17 12:46 ` Mimi Zohar
0 siblings, 2 replies; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-02-15 18:09 UTC (permalink / raw)
To: Stefan Berger
Cc: tpmdd-devel, james.l.morris, linux-security-module, linux-kernel, zohar
On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> which is the size of the PCR state.
>
> This fixes a problem where IMA gets errors with every PCR Extend.
>
> Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> Acked-by: Mimi Zohar <zohar@us.ibm.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
/Jarkko
> ---
> drivers/char/tpm/tpm-interface.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
> index 6e368ee..bd2128e 100644
> --- a/drivers/char/tpm/tpm-interface.c
> +++ b/drivers/char/tpm/tpm-interface.c
> @@ -767,7 +767,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>
> #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
> #define EXTEND_PCR_RESULT_SIZE 34
> -#define EXTEND_PCR_RESULT_BODY_SIZE 24
> +#define EXTEND_PCR_RESULT_BODY_SIZE 20
> static const struct tpm_input_header pcrextend_header = {
> .tag = TPM_TAG_RQU_COMMAND,
> .length = cpu_to_be32(34),
> --
> 2.4.3
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
[not found] ` <20170215180903.3simazptqnlhbqi6-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
@ 2017-02-15 18:17 ` Stefan Berger
0 siblings, 0 replies; 7+ messages in thread
From: Stefan Berger @ 2017-02-15 18:17 UTC (permalink / raw)
To: Jarkko Sakkinen; +Cc: tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f
On 02/15/2017 01:09 PM, Jarkko Sakkinen wrote:
> On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
>> The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
>> which is the size of the PCR state.
>>
>> This fixes a problem where IMA gets errors with every PCR Extend.
>>
>> Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
>> Signed-off-by: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
>> Acked-by: Mimi Zohar <zohar-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
>
> /Jarkko
>
>> ---
>> drivers/char/tpm/tpm-interface.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c
>> index 6e368ee..bd2128e 100644
>> --- a/drivers/char/tpm/tpm-interface.c
>> +++ b/drivers/char/tpm/tpm-interface.c
>> @@ -767,7 +767,7 @@ EXPORT_SYMBOL_GPL(tpm_pcr_read);
>>
>> #define TPM_ORD_PCR_EXTEND cpu_to_be32(20)
>> #define EXTEND_PCR_RESULT_SIZE 34
We should probably rename the above to EXTEND_PCR_BUFFER_SIZE. It's the
input buffer that's size 34, the output is 30 bytes.
Stefan
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
2017-02-15 18:09 ` Jarkko Sakkinen
[not found] ` <20170215180903.3simazptqnlhbqi6-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
@ 2017-02-17 12:46 ` Mimi Zohar
2017-02-17 18:45 ` Jarkko Sakkinen
1 sibling, 1 reply; 7+ messages in thread
From: Mimi Zohar @ 2017-02-17 12:46 UTC (permalink / raw)
To: James Morris
Cc: Stefan Berger, tpmdd-devel, linux-security-module, linux-kernel,
Jarkko Sakkinen
Hi James,
On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > which is the size of the PCR state.
> >
> > This fixes a problem where IMA gets errors with every PCR Extend.
> >
> > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> > Acked-by: Mimi Zohar <zohar@us.ibm.com>
>
> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
This patch needs to be included with the rest of the patches being
upstreamed in the next open window. Should Jarkko or I send you a pull
request for it?
thanks,
Mimi
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
2017-02-17 12:46 ` Mimi Zohar
@ 2017-02-17 18:45 ` Jarkko Sakkinen
2017-02-17 18:48 ` Mimi Zohar
0 siblings, 1 reply; 7+ messages in thread
From: Jarkko Sakkinen @ 2017-02-17 18:45 UTC (permalink / raw)
To: Mimi Zohar
Cc: James Morris, Stefan Berger, tpmdd-devel, linux-security-module,
linux-kernel
On Fri, Feb 17, 2017 at 07:46:38AM -0500, Mimi Zohar wrote:
> Hi James,
>
> On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> > On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > > which is the size of the PCR state.
> > >
> > > This fixes a problem where IMA gets errors with every PCR Extend.
> > >
> > > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> > > Acked-by: Mimi Zohar <zohar@us.ibm.com>
> >
> > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
>
> This patch needs to be included with the rest of the patches being
> upstreamed in the next open window. Should Jarkko or I send you a pull
> request for it?
>
> thanks,
>
> Mimi
I'm sending a pull request after the weekend. It will contain
only a few small scoped fixes so wouldn't it be easiest if I
just include this to the pack?
/Jarkko
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
@ 2017-02-17 18:48 ` Mimi Zohar
0 siblings, 0 replies; 7+ messages in thread
From: Mimi Zohar @ 2017-02-17 18:48 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: James Morris, Stefan Berger, tpmdd-devel, linux-security-module,
linux-kernel
On Fri, 2017-02-17 at 20:45 +0200, Jarkko Sakkinen wrote:
> On Fri, Feb 17, 2017 at 07:46:38AM -0500, Mimi Zohar wrote:
> > Hi James,
> >
> > On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> > > On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > > > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > > > which is the size of the PCR state.
> > > >
> > > > This fixes a problem where IMA gets errors with every PCR Extend.
> > > >
> > > > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > > > Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> > > > Acked-by: Mimi Zohar <zohar@us.ibm.com>
> > >
> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
> >
> > This patch needs to be included with the rest of the patches being
> > upstreamed in the next open window. Should Jarkko or I send you a pull
> > request for it?
> I'm sending a pull request after the weekend. It will contain
> only a few small scoped fixes so wouldn't it be easiest if I
> just include this to the pack?
As long as it makes it into the James' pull request to Linus, that's
fine.
Mimi
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend
@ 2017-02-17 18:48 ` Mimi Zohar
0 siblings, 0 replies; 7+ messages in thread
From: Mimi Zohar @ 2017-02-17 18:48 UTC (permalink / raw)
To: Jarkko Sakkinen
Cc: linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-security-module-u79uwXL29TY76Z2rM5mHXA,
tpmdd-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f, James Morris
On Fri, 2017-02-17 at 20:45 +0200, Jarkko Sakkinen wrote:
> On Fri, Feb 17, 2017 at 07:46:38AM -0500, Mimi Zohar wrote:
> > Hi James,
> >
> > On Wed, 2017-02-15 at 20:09 +0200, Jarkko Sakkinen wrote:
> > > On Wed, Feb 15, 2017 at 11:56:23AM -0500, Stefan Berger wrote:
> > > > The TPM1.2 PCR Extend operation only returns 20 bytes in the body,
> > > > which is the size of the PCR state.
> > > >
> > > > This fixes a problem where IMA gets errors with every PCR Extend.
> > > >
> > > > Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> > > > Signed-off-by: Stefan Berger <stefanb-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
> > > > Acked-by: Mimi Zohar <zohar-r/Jw6+rmf7HQT0dZR+AlfA@public.gmane.org>
> > >
> > > Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>
> >
> > This patch needs to be included with the rest of the patches being
> > upstreamed in the next open window. Should Jarkko or I send you a pull
> > request for it?
> I'm sending a pull request after the weekend. It will contain
> only a few small scoped fixes so wouldn't it be easiest if I
> just include this to the pack?
As long as it makes it into the James' pull request to Linus, that's
fine.
Mimi
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2017-02-17 18:50 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-02-15 16:56 [PATCH] tpm: Fix expected number of response bytes of TPM1.2 PCR Extend Stefan Berger
2017-02-15 18:09 ` Jarkko Sakkinen
[not found] ` <20170215180903.3simazptqnlhbqi6-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>
2017-02-15 18:17 ` Stefan Berger
2017-02-17 12:46 ` Mimi Zohar
2017-02-17 18:45 ` Jarkko Sakkinen
2017-02-17 18:48 ` Mimi Zohar
2017-02-17 18:48 ` Mimi Zohar
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.