From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752616AbdBATuT (ORCPT ); Wed, 1 Feb 2017 14:50:19 -0500 Received: from mga01.intel.com ([192.55.52.88]:5616 "EHLO mga01.intel.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752176AbdBATuP (ORCPT ); Wed, 1 Feb 2017 14:50:15 -0500 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,321,1477983600"; d="scan'208";a="815959840" Date: Wed, 1 Feb 2017 21:50:06 +0200 From: Jarkko Sakkinen To: Nayna Cc: Kenneth Goldman , "moderated list:TPM DEVICE DRIVER" , open list , linux-security-module@vger.kernel.org Subject: Re: Fwd: Re: [tpmdd-devel] [PATCH v9 2/2] tpm: add securityfs support,for TPM 2.0 firmware event log Message-ID: <20170201195006.wqhy55327lt5wn3g@intel.com> References: <588F09A2.4090502@linux.vnet.ibm.com> <20170131174659.b6njebycqzd5ur6f@intel.com> <5890DAFC.9030407@linux.vnet.ibm.com> <20170131205006.fljtxsy4s6lyhkvv@intel.com> <20170201144837.aenzg5cauzl2ofbt@intel.com> <20170201145430.s336rtavopx4k5r2@intel.com> <58923635.8060004@linux.vnet.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <58923635.8060004@linux.vnet.ibm.com> Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo User-Agent: Mutt/1.6.2-neo (2016-08-21) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Feb 02, 2017 at 12:55:41AM +0530, Nayna wrote: > > > On 02/01/2017 08:24 PM, Jarkko Sakkinen wrote: > > On Wed, Feb 01, 2017 at 04:48:37PM +0200, Jarkko Sakkinen wrote: > > > On Tue, Jan 31, 2017 at 10:50:06PM +0200, Jarkko Sakkinen wrote: > > > > On Wed, Feb 01, 2017 at 12:14:12AM +0530, Nayna wrote: > > > > > > I already sent my pull request to 4.11 and even today I found something > > > > > > fishy. You declared a function local array by using a variable in "tpm: > > > > > > enhance TPM 2.0 PCR extend to support multiple banks" (max_active_banks > > > > > > or something). And the event log patches have just passed the review. > > > > > > > > > > Yes. I have checked using clang and it has passed the clang.. and I also > > > > > verified there were no complains during build. > > > > > > > > What we can deduce from that is that they didn't expose the issue in > > > > question. > > > > > > > > I found this by running sparse with make C=2 M=drives/char/tpm > > > > > > > > > What type of problem do you see ? > > > > > > > > It is disallowed to do stack allocation in the kernel code even if C > > > > standard would allow it. Stack is scarce resource so you need to know > > > > its usage at compile time. > > > > > > > > In this case you actually know the allocation because the value is not > > > > changed during the course of the function but it is still bad. Probably > > > > compiler will optimize it out. Still it is not a good practice. > > > > > > > > > Also, to understand, this is related to multi-bank patchset. I mean how does > > > > > it affect for event log patchset ? > > > > > > > > Well in both cases these have landed fairly late but I asked from James > > > > whether I'll have to postpone these to 4.12. > > > > > > > > Usually when I've sent my release pull request I do not want to make any > > > > radical changes to the codebase because they always require extra QA and > > > > thus take extra time. > > > > > > rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0, 0, > > > "attempting extend a PCR value"); > > > > > > This should be > > > > > > rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, 0, 0, > > > "attempting extend a PCR value"); > > > > > > The second parameter is the size of the buffer, not length of the input > > > data. > > > > > > /Jarkko > > > > As a sanity check can you test these commits and see if they still > > work for you as I've done now some updates to them? Thanks. > > Thanks Jarkko, yes I tested for both multi-bank patches and event log. > Its working fine. > > Thanks & Regards, > - Nayna OK, good, thanks. /Jarkko From mboxrd@z Thu Jan 1 00:00:00 1970 From: Jarkko Sakkinen Subject: Re: Fwd: Re: [PATCH v9 2/2] tpm: add securityfs support, for TPM 2.0 firmware event log Date: Wed, 1 Feb 2017 21:50:06 +0200 Message-ID: <20170201195006.wqhy55327lt5wn3g@intel.com> References: <588F09A2.4090502@linux.vnet.ibm.com> <20170131174659.b6njebycqzd5ur6f@intel.com> <5890DAFC.9030407@linux.vnet.ibm.com> <20170131205006.fljtxsy4s6lyhkvv@intel.com> <20170201144837.aenzg5cauzl2ofbt@intel.com> <20170201145430.s336rtavopx4k5r2@intel.com> <58923635.8060004@linux.vnet.ibm.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Content-Disposition: inline In-Reply-To: <58923635.8060004-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: tpmdd-devel-bounces-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org To: Nayna Cc: "moderated list:TPM DEVICE DRIVER" , linux-security-module-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Kenneth Goldman , open list List-Id: tpmdd-devel@lists.sourceforge.net On Thu, Feb 02, 2017 at 12:55:41AM +0530, Nayna wrote: > > > On 02/01/2017 08:24 PM, Jarkko Sakkinen wrote: > > On Wed, Feb 01, 2017 at 04:48:37PM +0200, Jarkko Sakkinen wrote: > > > On Tue, Jan 31, 2017 at 10:50:06PM +0200, Jarkko Sakkinen wrote: > > > > On Wed, Feb 01, 2017 at 12:14:12AM +0530, Nayna wrote: > > > > > > I already sent my pull request to 4.11 and even today I found something > > > > > > fishy. You declared a function local array by using a variable in "tpm: > > > > > > enhance TPM 2.0 PCR extend to support multiple banks" (max_active_banks > > > > > > or something). And the event log patches have just passed the review. > > > > > > > > > > Yes. I have checked using clang and it has passed the clang.. and I also > > > > > verified there were no complains during build. > > > > > > > > What we can deduce from that is that they didn't expose the issue in > > > > question. > > > > > > > > I found this by running sparse with make C=2 M=drives/char/tpm > > > > > > > > > What type of problem do you see ? > > > > > > > > It is disallowed to do stack allocation in the kernel code even if C > > > > standard would allow it. Stack is scarce resource so you need to know > > > > its usage at compile time. > > > > > > > > In this case you actually know the allocation because the value is not > > > > changed during the course of the function but it is still bad. Probably > > > > compiler will optimize it out. Still it is not a good practice. > > > > > > > > > Also, to understand, this is related to multi-bank patchset. I mean how does > > > > > it affect for event log patchset ? > > > > > > > > Well in both cases these have landed fairly late but I asked from James > > > > whether I'll have to postpone these to 4.12. > > > > > > > > Usually when I've sent my release pull request I do not want to make any > > > > radical changes to the codebase because they always require extra QA and > > > > thus take extra time. > > > > > > rc = tpm_transmit_cmd(chip, buf.data, tpm_buf_length(&buf), 0, 0, > > > "attempting extend a PCR value"); > > > > > > This should be > > > > > > rc = tpm_transmit_cmd(chip, buf.data, PAGE_SIZE, 0, 0, > > > "attempting extend a PCR value"); > > > > > > The second parameter is the size of the buffer, not length of the input > > > data. > > > > > > /Jarkko > > > > As a sanity check can you test these commits and see if they still > > work for you as I've done now some updates to them? Thanks. > > Thanks Jarkko, yes I tested for both multi-bank patches and event log. > Its working fine. > > Thanks & Regards, > - Nayna OK, good, thanks. /Jarkko ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot