Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp11016488imu; Thu, 6 Dec 2018 10:09:14 -0800 (PST) X-Google-Smtp-Source: AFSGD/UY6zn6XbkoRQehwkUOdwR2/Wcm82rDoaZnEe+v/YpN6PhC33uwW/YSYgU46FG8CTPy7/2O X-Received: by 2002:a17:902:27a8:: with SMTP id d37mr29708088plb.182.1544119754772; Thu, 06 Dec 2018 10:09:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1544119754; cv=none; d=google.com; s=arc-20160816; b=pbKL0vXl/MSDY6BDlXi5wYvIOsAjQyzMqWWtuzE36IveLUwRw4K+vfjds5ZnaNv87/ VrYv7lQv8+HbkqGaRuPPrn0TmkBOR/oVdOCBUepnYDkXj1hDkr/dNi2kx1tJxp1SSAVT ydVAnNRa17CpSYuX5DT6/jBmOlGgdFHN97HvJ+M2V0gLka0JKyOQdpfuQzxOpADqkeQn kDvs4ja/XMnm6Ght8QGAsZ/zoC/tC/AH4Fw4VDhNMPgV3tnpMFs5BJpa/Zh1+iMysbP1 BjrEn03J/a63hPJoXOrf2GqWmTdJINWmHcLeZJK7XxfpqaSWzFy/u5iYEOPRDijlKv7t FfQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject; bh=jTGuW82B/KToADSfAc4XXtMSkIcy4/xDqN5EGNqlymw=; b=a7zN5dsaatET5tqcXanwVDn6RkBsXzHCVpYa4wUcOxs+gyGg5bluX8NqsmXodGgk64 c/jPKR/7GrPp0dBRWHgEiT31FNLuVlSQeR8dZ+aIeEXFS161x7ZoH7c59hHUo30OomFA 6ehGTQQvQiRHXDBE/sORr0s5brDBoU0wXC+G9lgrcvL2Tso7xqWxQlKJ5G+ukInf6ZRL NAiJCOOMo1crTFHFEpo62HiL58RjK6pk+wURieEpCx0eoK3Se/SlVs4cug5Om6u1ilVi Gh9NI9fV73tdfedy5HfOzzB8ox1d8KiL46efRc7QVdOUHuoeGZT5NiLx6/51pfCqhiLB An0g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d90si792454pld.148.2018.12.06.10.08.42; Thu, 06 Dec 2018 10:09:14 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725987AbeLFSHn (ORCPT + 99 others); Thu, 6 Dec 2018 13:07:43 -0500 Received: from lhrrgout.huawei.com ([185.176.76.210]:32802 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1725898AbeLFSHn (ORCPT ); Thu, 6 Dec 2018 13:07:43 -0500 Received: from LHREML711-CAH.china.huawei.com (unknown [172.18.7.108]) by Forcepoint Email with ESMTP id A609DD4B967B3; Thu, 6 Dec 2018 18:07:39 +0000 (GMT) Received: from [10.204.65.144] (10.204.65.144) by smtpsuk.huawei.com (10.201.108.34) with Microsoft SMTP Server (TLS) id 14.3.408.0; Thu, 6 Dec 2018 18:07:35 +0000 Subject: Re: [PATCH v6 6/7] tpm: ensure that the output of PCR read contains the correct digest size To: Jarkko Sakkinen CC: , , , , , , References: <20181204082138.24600-1-roberto.sassu@huawei.com> <20181204082138.24600-7-roberto.sassu@huawei.com> <20181205000910.GE1233@linux.intel.com> <20181205004643.GA26578@linux.intel.com> From: Roberto Sassu Message-ID: Date: Thu, 6 Dec 2018 19:07:34 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.3.0 MIME-Version: 1.0 In-Reply-To: <20181205004643.GA26578@linux.intel.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.204.65.144] X-CFilter-Loop: Reflected Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 12/5/2018 1:46 AM, Jarkko Sakkinen wrote: > On Tue, Dec 04, 2018 at 04:09:10PM -0800, Jarkko Sakkinen wrote: >> On Tue, Dec 04, 2018 at 09:21:37AM +0100, Roberto Sassu wrote: >>> out = (struct tpm2_pcr_read_out *)&buf.data[TPM_HEADER_SIZE]; >>> digest_size = be16_to_cpu(out->digest_size); >>> - if (digest_size > sizeof(digest->digest)) { >>> + if (digest_size > sizeof(digest->digest) || >>> + (!digest_size_ptr && digest_size != expected_digest_size)) { >>> rc = -EINVAL; >>> goto out; >>> } >> >> Just noticed this but you must squash 4-6 because applying only >> previous commits will result a broken tree. It will be much bigger >> commit but won't be broken. >> >> I think you should also feed min_rsp_body_length as you should be >> able to precalculate. >> >> Last time I was asking why this isn't a bug fix. It is even for >> the existing code. The existing code should have a bug fix that >> checks that the received digest size so that it is the expected >> SHA1 size before we can apply this commit. > > My bad. This is not the same deal as the code because in the old code we > always copy a constant block. Here we use the variable as parameter for > memcpy() so it is better to check the size. You can ignore the last > paragraph completely. Sorry, had to double check this one. > > There is no need to do any type of bug fix for the current tree. > > Still 4-6 need to be squashed in order to not put purposely the tree > into broken state. Ok. I keep the description of 5, and add few details from 4 and 6. Roberto > /Jarko > -- HUAWEI TECHNOLOGIES Duesseldorf GmbH, HRB 56063 Managing Director: Bo PENG, Jian LI, Yanli SHI