Received: by 2002:ac0:a5a6:0:0:0:0:0 with SMTP id m35-v6csp3675031imm;
        Wed, 5 Sep 2018 04:15:48 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdagjOrArs26TSgfMPAN/8bkY6UygJwvsqrARa0ZKvLQNVcSSqnXM6y5CriBOoYCesiCWNrg
X-Received: by 2002:a17:902:8f8c:: with SMTP id z12-v6mr38146114plo.4.1536146148246;
        Wed, 05 Sep 2018 04:15:48 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1536146148; cv=none;
        d=google.com; s=arc-20160816;
        b=Hl9afz0kFYJ3ZtPY7YYSz3M3h5iX6zkTxNXLxmbNdh5NyW3ZsuFlGjaCY6Ip2dPMw/
         Fe54bEUK9dtuXwVaazUbDXOjoR6UM+Y5aHdbfpVEsT3lHeDTeEr9mDONrJIcUMt4tOoi
         1DpWo6aJmFPq5oIKCoakXv9Gmb59spuql6wZprg2NKg7zmX4wB99BAli8mVASfRtkKl1
         rQhWn9kOhtvG9LoONKZ3slQBRrnq/EdDSRa+QjP0x+NhMolmYsovgiXqzJlfosbGLBlr
         gn/D8er26FTPDh/Xa9cRxkAhzND55/gGyCJsvrHjO4rcUVxH1ZTjr98tSORfs4jc/X/r
         pOkA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:organization:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date;
        bh=vycF+cYVcwXX0uqHSMXNPZduH+wjykgxeC5vDZ5Iikw=;
        b=rjwy5UdhBdZLry5nQiuleTXSgQOXT/NOD00YR0KCIE8ZjwttrBsRUyhGi3vnVgMkX7
         FAPnFuMFcIxJLnekuJlu7TgjopqdwibaPmCdzmABgRFkrC9HTKV+r83LDtsYs5DgFGoc
         t8NLhhH4nbitLgpz+Zd+RqDVsx5WEQtpMysYEK+DJcM1dBKD6TPKZLnTZRBZoKfWwVXi
         GSfn6Os1S4A3FWCRt7debhviu1uAQEMs3WuzXB2/FxnIWTXeQC91kt9itKhKM3S/tiXN
         wj2tGtR21eC8Z7XKDwI0/5xNFMNzjKeJXUJHyfAGyIa4PR6fyLgkNVnOp30PJthe9PVX
         Jt8w==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id z4-v6si1478677pgp.580.2018.09.05.04.15.32;
        Wed, 05 Sep 2018 04:15:48 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727145AbeIEPoN (ORCPT <rfc822;kerneldev.sdk@gmail.com>
        + 99 others); Wed, 5 Sep 2018 11:44:13 -0400
Received: from mga01.intel.com ([192.55.52.88]:19279 "EHLO mga01.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1726189AbeIEPoN (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 5 Sep 2018 11:44:13 -0400
X-Amp-Result: UNKNOWN
X-Amp-Original-Verdict: FILE UNKNOWN
X-Amp-File-Uploaded: False
Received: from fmsmga002.fm.intel.com ([10.253.24.26])
  by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Sep 2018 04:14:27 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.53,333,1531810800"; 
   d="scan'208";a="83203401"
Received: from kfitzx-mobl.ger.corp.intel.com (HELO localhost) ([10.252.37.75])
  by fmsmga002.fm.intel.com with ESMTP; 05 Sep 2018 04:12:57 -0700
Date:   Wed, 5 Sep 2018 14:12:56 +0300
From:   Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To:     linux-integrity@vger.kernel.org
Cc:     Stefan Berger <stefanb@linux.vnet.ibm.com>,
        linux-security-module@vger.kernel.org, stable@vger.kernel.org,
        Peter Huewe <peterhuewe@gmx.de>,
        Jason Gunthorpe <jgg@ziepe.ca>, Arnd Bergmann <arnd@arndb.de>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        open list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] tpm: fix response size validation in tpm_get_random()
Message-ID: <20180905111256.GA9696@linux.intel.com>
References: <20180903011004.12161-1-jarkko.sakkinen@linux.intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180903011004.12161-1-jarkko.sakkinen@linux.intel.com>
Organization: Intel Finland Oy - BIC 0357606-4 - Westendinkatu 7, 02160 Espoo
User-Agent: Mutt/1.9.4 (2018-02-28)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Sep 03, 2018 at 04:10:04AM +0300, Jarkko Sakkinen wrote:
> When checking whether the response is large enough to be able to contain
> the received random bytes in tpm_get_random() and tpm2_get_random(),
> they fail to take account the header size, which should be added to the
> minimum size. This commit fixes this issue.
> 
> Cc: stable@vger.kernel.org
> Fixes: c659af78eb7b ("tpm: Check size of response before accessing data")
> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>

Stefan, you did the original commit. Does this look right to you?

/Jarkko