Subject: Re: [tpmdd-devel] [PATCH v2] tpm: introduce struct tpm_buf
From: Peter Huewe
Date: Tue, 09 Jun 2015 13:58:59 +0200
To: Jarkko Sakkinen
CC: "moderated list:TPM DEVICE DRIVER", safford@us.ibm.com, open list
Message-ID: <41179E5D-88E5-46B0-BEB8-6D759F917BDD@gmx.de>

On 9 June 2015 13:39:13 CEST, Jarkko Sakkinen wrote:
>On Tue, Jun 09, 2015 at 12:32:57PM +0200, Peter Huewe wrote:
>>
>> >> Hi
>>
>> >> > +static inline void tpm_buf_store(struct tpm_buf *buf,
>> >> > + unsigned int pos,
>> >> > + const unsigned char *data,
>> >> > + unsigned int len)
>> >> > +{
>> >> > + BUG_ON((pos + len) > TPM_BUF_SIZE);
>> >> > +
>> >> > + memcpy(&buf->data[pos], data, len);
>> >> > +}
>> >>
>> >> Don't you have to update the ->length here?
>> >
>> >No. Store is for placing value in position, not appending to the end.
>> >
>> Then either add a length check (whether ->length is big enough) and/or
>> call the function "update"
>
>There is a length check in the beginning (first line of the function
>body).
>

Nope.
The check in the first line checks whether the write is <= the max buffer size, but not <= head->length.

Since head->length is not updated (as per design) it is possible to write data without effect using this function.
This is not what I expect from an API.

Example:
I create a buffer using tpm_buf_append with 12 bytes, so head->length == 12
Then I use tpm_buf_store at pos 10 and len 4
--> in the buffer are 14 bytes, but tpm_buf_length will only report 12 bytes.

Which is not what I would expect and your current check does not prevent this.

Peter
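
Review bot: the sum in `BUG_ON((pos + len) > TPM_BUF_SIZE)` is computed in unsigned int and can wrap, so a very large `pos` or `len` yields a small sum that passes the check, and the `memcpy` to `&buf->data[pos]` then writes outside the buffer. Compare without the addition, for example `pos > TPM_BUF_SIZE || len > TPM_BUF_SIZE - pos`. Since the function returns void, a caller cannot handle a bad offset; consider returning an error code instead of relying on BUG_ON.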
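
The scenario from the mail above (12 bytes appended, then a 4-byte store at position 10), as an added example that is not part of the original mail or of the patch. It is a userspace C model: the struct layout, MODEL_BUF_SIZE and the model_* names are assumptions, and it contrasts a store bounded only by capacity with one bounded by the current length.

```c
/* Userspace model; struct layout and model_* names are assumptions, not kernel code. */
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define MODEL_BUF_SIZE 4096u	/* assumed capacity */

struct model_buf {
	unsigned int length;	/* bytes appended so far */
	unsigned char data[MODEL_BUF_SIZE];
};

/* Append grows the valid region and is the only writer of ->length. */
static int model_append(struct model_buf *b, const void *src, unsigned int len)
{
	if (len > MODEL_BUF_SIZE - b->length)
		return -E2BIG;
	memcpy(&b->data[b->length], src, len);
	b->length += len;
	return 0;
}

/* Store bounded by capacity only, as debated in the thread; ->length is not touched. */
static int model_store_capacity(struct model_buf *b, unsigned int pos, const void *src, unsigned int len)
{
	if (pos > MODEL_BUF_SIZE || len > MODEL_BUF_SIZE - pos)	/* no wrapping sum */
		return -EINVAL;
	memcpy(&b->data[pos], src, len);
	return 0;
}

/* Store bounded by ->length: may only overwrite bytes that were already appended. */
static int model_store_checked(struct model_buf *b, unsigned int pos, const void *src, unsigned int len)
{
	if (pos > b->length || len > b->length - pos)
		return -EINVAL;
	memcpy(&b->data[pos], src, len);
	return 0;
}

int main(void)
{
	static struct model_buf b;	/* zero-initialised */
	unsigned char twelve[12] = {0}, four[4] = {0xAA, 0xBB, 0xCC, 0xDD};	/* constructed input */
	model_append(&b, twelve, 12);
	printf("capacity-only rc=%d, length-checked rc=%d, length=%u\n",
	       model_store_capacity(&b, 10, four, 4), model_store_checked(&b, 10, four, 4), b.length);
	return 0;
}
```

With the capacity-only check the two bytes at offsets 12 and 13 land in the buffer while the reported length stays 12, so a consumer that sends `length` bytes drops them silently.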