Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp353020imu; Fri, 11 Jan 2019 01:23:51 -0800 (PST) X-Google-Smtp-Source: ALg8bN7yQG3qwNSWi4EQLoqiymy0DfCqDmZhX3jdoz7VTFgdUpz2yiSKkuO+psXOTug29XkkmnP1 X-Received: by 2002:a63:30c8:: with SMTP id w191mr10725007pgw.120.1547198631460; Fri, 11 Jan 2019 01:23:51 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1547198631; cv=none; d=google.com; s=arc-20160816; b=ugXs7+lSWRmiFylpTmAajO53B1T3gtQx7LzF8vFkDGW14vZMLL+7vgZAXpJkMnDx2c 8P33Ek8/pPFI6KvWaILruxIt7zw3nmP98mYVvNMvW+KyKuAHSs7XsKTr6pDUpmEHf6CK DVsUlGxoQZyIsAVrqQauf4dsy2pH4FkEBJE7IVkBFoqdpZjmXb99yGRVyqIbDPrZp2TL hvURYLIchSh1cLCj9fw9tGGMXxX+l54FZOK2W3XnDzarKNIBz8PlTH8XRfGu/UZZHU8z xyOjQtcamKNmmwD6Sy9u925d4fnOJ7U68iE1Zu9BKyjb+6MLS1sHobn8W5sslFHY89vP XFHw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from; bh=wx1dToqbY/PUkXZ0E51qfgz+A2ha1ikgXOlJqwxKdf0=; b=uJbbEqayPOER7ImDeYexXEjDan33h9iQVFaD1nQcg1n/ZSfha6q8QZF8k5e8BT0GCK /HhgL/NkSwTtPGRxi2b+iMr364aaSUQ7X66AlxhTlmmXczKTsBGkUPDgf/50NVx4WJeC Mvz7UwxD7hqAPYmCwtRpOrGU2StzKJDet9leXqzK1pi4bD5yTEj0D4GvCEJsjQo9rkNd VFlkn7j1B2CJAtYKgyqrlbuLMaJIXeerK05DlRIxZ3N/moUv2ccgFSrARMn/MfOgdj5I 4kTEgKa7Iptq5m3OLfdLApznLsGgu1ASO8wBbtb7yhy7CEYjGjd+woLlOMi3Y8ZOpc9b 00PQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a11si21133907pln.78.2019.01.11.01.23.35; Fri, 11 Jan 2019 01:23:51 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1731310AbfAKJAZ (ORCPT + 99 others); Fri, 11 Jan 2019 04:00:25 -0500 Received: from out30-131.freemail.mail.aliyun.com ([115.124.30.131]:48029 "EHLO out30-131.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1731298AbfAKJAY (ORCPT ); Fri, 11 Jan 2019 04:00:24 -0500 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R141e4;CH=green;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e01424;MF=zhang.jia@linux.alibaba.com;NM=1;PH=DS;RN=7;SR=0;TI=SMTPD_---0TI.JvuG_1547197175; Received: from localhost(mailfrom:zhang.jia@linux.alibaba.com fp:SMTPD_---0TI.JvuG_1547197175) by smtp.aliyun-inc.com(127.0.0.1); Fri, 11 Jan 2019 16:59:35 +0800 From: Jia Zhang To: jarkko.sakkinen@linux.intel.com, peterhuewe@gmx.de, jgg@ziepe.ca, tweek@google.com Cc: linux-integrity@vger.kernel.org, linux-kernel@vger.kernel.org, zhang.jia@linux.alibaba.com Subject: [PATCH 2/2] tpm/eventlog/tpm1: Fix off-by-1 when reading binary_bios_measurements Date: Fri, 11 Jan 2019 16:59:33 +0800 Message-Id: <1547197173-52826-3-git-send-email-zhang.jia@linux.alibaba.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <1547197173-52826-1-git-send-email-zhang.jia@linux.alibaba.com> References: <1547197173-52826-1-git-send-email-zhang.jia@linux.alibaba.com> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It is unable to read the entry when it is the only one in binary_bios_measurements: 00000000 00 00 00 00 08 00 00 00 c4 2f ed ad 26 82 00 cb 00000010 1d 15 f9 78 41 c3 44 e7 9d ae 33 20 00 00 00 00 00000020 This is obviously a firmware problem on my linux machine: Manufacturer: Inspur Product Name: SA5212M4 Version: 01 However, binary_bios_measurements should return it any way, rather than nothing, after all its content is completely valid. Fixes: 55a82ab("tpm: add bios measurement log") Signed-off-by: Jia Zhang --- drivers/char/tpm/eventlog/tpm1.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/drivers/char/tpm/eventlog/tpm1.c b/drivers/char/tpm/eventlog/tpm1.c index 4cf8303..bfdff92 100644 --- a/drivers/char/tpm/eventlog/tpm1.c +++ b/drivers/char/tpm/eventlog/tpm1.c @@ -88,7 +88,7 @@ static void *tpm1_bios_measurements_start(struct seq_file *m, loff_t *pos) event = addr; /* check if current entry is valid */ - if (addr + sizeof(struct tcpa_event) >= limit) + if (addr + sizeof(struct tcpa_event) > limit) return NULL; converted_event_size = @@ -98,7 +98,7 @@ static void *tpm1_bios_measurements_start(struct seq_file *m, loff_t *pos) if (((converted_event_type == 0) && (converted_event_size == 0)) || ((addr + sizeof(struct tcpa_event) + converted_event_size) - >= limit)) + > limit)) return NULL; if (i++ == *pos) @@ -125,7 +125,7 @@ static void *tpm1_bios_measurements_next(struct seq_file *m, void *v, v += sizeof(struct tcpa_event) + converted_event_size; /* now check if current entry is valid */ - if ((v + sizeof(struct tcpa_event)) >= limit) + if ((v + sizeof(struct tcpa_event)) > limit) return NULL; event = v; @@ -134,7 +134,7 @@ static void *tpm1_bios_measurements_next(struct seq_file *m, void *v, converted_event_type = do_endian_conversion(event->event_type); if (((converted_event_type == 0) && (converted_event_size == 0)) || - ((v + sizeof(struct tcpa_event) + converted_event_size) >= limit)) + ((v + sizeof(struct tcpa_event) + converted_event_size) > limit)) return NULL; (*pos)++; -- 1.8.3.1