Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp2369151imu; Sat, 5 Jan 2019 23:25:55 -0800 (PST) X-Google-Smtp-Source: ALg8bN6vu7Izj02QUXN5kE59d7Mf6NaBGvrQArMU5mHntd64A2lwHnDJDjhEh1Xj4xT8ps4MUS73 X-Received: by 2002:a17:902:714c:: with SMTP id u12mr56254718plm.234.1546759555319; Sat, 05 Jan 2019 23:25:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546759555; cv=none; d=google.com; s=arc-20160816; b=nRW6nlOooLl7EkvCnxPNAZlLlaiyV+IVWQv4K8uZDD9NBIg8zCRZg/7IDts3C/FR35 WJLZXOsPC6oMRf5WGjJibUKiMujWvudnnVpYpuERWydFwo7FxvYlAtzxCAYnWkDjxpAN Xh0KAfe9/EbRW3+SeRA/mNCCg6LSo4ao4hHZQs28i20WzNPcHEQ4tFPeoD3OegcjY7kg YtBC2fiWuTr8JoomILwuepvxHncFSYQmnIVJn1grdfvnF8JEzoHNKmfrKWl6m7XY2b4j Ta9+9R1Uyo/WwjQRoLgOXRZgEs+W+SPUqgEqZNceVn/fmZtGB+6v7ZKBYLOtCJIg0fil kuZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=/M3+uRfkI6ZWgPNFRVFU4zgnC8kfRj9T8w4d4lgAVj0=; b=LvwP+/9t/ybQpBxtdg1ZAiIhNO9/xzORvDvratW2s9zOAnPdIvNNkompYbaKEbn8qF 0KHPnGgXTYVtFGcNRqtAyJL6g8RddkwnP096mSiq8Fn54euOReY/dOdSypZphWTAt/uW tJlIeEG1XQRRfZls7Tx2DhDdvRz/C29kq9pyEUQAtjYBJ6ZueSaMErJdHTRY9JyjKoE8 knKbh1YcSrhpTVOY/GGN2X121DrqARFY0ZpERQk5PPShSrJB6zXBrq28dqY6/L/mF1Ou lNpexNjVE5tU3iDYpGWAsuy6hTBacZ+9sDYIZjjqAJKQxAZEzDZH2ZKVtwEtO2/Oz8hH mlTw== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c10si16255530pla.173.2019.01.05.23.25.40; Sat, 05 Jan 2019 23:25:55 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726427AbfAFHYe (ORCPT + 99 others); Sun, 6 Jan 2019 02:24:34 -0500 Received: from out30-133.freemail.mail.aliyun.com ([115.124.30.133]:38025 "EHLO out30-133.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726199AbfAFHYe (ORCPT ); Sun, 6 Jan 2019 02:24:34 -0500 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R151e4;CH=green;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e01406;MF=zhang.jia@linux.alibaba.com;NM=1;PH=DS;RN=7;SR=0;TI=SMTPD_---0THdglfx_1546759400; Received: from localhost(mailfrom:zhang.jia@linux.alibaba.com fp:SMTPD_---0THdglfx_1546759400) by smtp.aliyun-inc.com(127.0.0.1); Sun, 06 Jan 2019 15:23:20 +0800 From: Jia Zhang To: jarkko.sakkinen@linux.intel.com, peterhuewe@gmx.de, jgg@ziepe.ca, tweek@google.com Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, zhang.jia@linux.alibaba.com Subject: [PATCH 2/2] tpm/eventlog/tpm1: Fix off-by-1 when reading binary_bios_measurements Date: Sun, 6 Jan 2019 15:23:19 +0800 Message-Id: <1546759399-45360-2-git-send-email-zhang.jia@linux.alibaba.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1546759399-45360-1-git-send-email-zhang.jia@linux.alibaba.com> References: <1546759399-45360-1-git-send-email-zhang.jia@linux.alibaba.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It is unable to read the entry when it is the only one in binary_bios_measurements: 00000000 00 00 00 00 08 00 00 00 c4 2f ed ad 26 82 00 cb 00000010 1d 15 f9 78 41 c3 44 e7 9d ae 33 20 00 00 00 00 00000020 This is obviously a firmware problem on my linux machine: Manufacturer: Inspur Product Name: SA5212M4 Version: 01 However, binary_bios_measurements should return it any way, rather than nothing, after all its content is completely valid. Fix: 55a82ab("tpm: add bios measurement log") Signed-off-by: Jia Zhang --- drivers/char/tpm/eventlog/tpm1.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/char/tpm/eventlog/tpm1.c b/drivers/char/tpm/eventlog/tpm1.c index 4cf8303..bfdff92 100644 --- a/drivers/char/tpm/eventlog/tpm1.c +++ b/drivers/char/tpm/eventlog/tpm1.c @@ -88,7 +88,7 @@ static void *tpm1_bios_measurements_start(struct seq_file *m, loff_t *pos) event = addr; /* check if current entry is valid */ - if (addr + sizeof(struct tcpa_event) >= limit) + if (addr + sizeof(struct tcpa_event) > limit) return NULL; converted_event_size = @@ -98,7 +98,7 @@ static void *tpm1_bios_measurements_start(struct seq_file *m, loff_t *pos) if (((converted_event_type == 0) && (converted_event_size == 0)) || ((addr + sizeof(struct tcpa_event) + converted_event_size) - >= limit)) + > limit)) return NULL; if (i++ == *pos) @@ -125,7 +125,7 @@ static void *tpm1_bios_measurements_next(struct seq_file *m, void *v, v += sizeof(struct tcpa_event) + converted_event_size; /* now check if current entry is valid */ - if ((v + sizeof(struct tcpa_event)) >= limit) + if ((v + sizeof(struct tcpa_event)) > limit) return NULL; event = v; @@ -134,7 +134,7 @@ static void *tpm1_bios_measurements_next(struct seq_file *m, void *v, converted_event_type = do_endian_conversion(event->event_type); if (((converted_event_type == 0) && (converted_event_size == 0)) || - ((v + sizeof(struct tcpa_event) + converted_event_size) >= limit)) + ((v + sizeof(struct tcpa_event) + converted_event_size) > limit)) return NULL; (*pos)++; -- 1.8.3.1