Re: [GIT PULL] TPM driver robustness fixes
From: James Morris
Date: Mon Mar 21 2011 - 19:01:09 EST
On Wed, 16 Mar 2011, Rajiv Andrade wrote:
> Hi James,
>
>
> The following changes since commit 2e270d84223262a38d4755c61d55f5c73ea89e56:
>
> Merge branch 'for-linus' of
> git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 (2011-03-16
> 13:26:17 -0700)
>
> are available in the git repository at:
>
> git://tpmdd.git.sourceforge.net/gitroot/tpmdd/tpmdd/ for-james
>
> Peter Huewe (3):
>
> This patch changes the call of tpm_transmit by supplying the size of the
> userspace buffer instead of TPM_BUFSIZE
>
> This patch fixes information leakage to the userspace by initializing
> the data buffer to zero
>
> Since the buffer might contain security related data it might be a good
> idea to zero the buffer after we have copied it to userspace.
These patches don't have proper subjects.
Also:
if (copy_to_user(buf, chip->data_buffer, ret_size))
ret_size = -EFAULT;
+ memset(chip->data_buffer, 0, ret_size);
Consider what happens in memset if copy_to_user fails.
One of the patches is flagged with "Discussion needed ...", without any
evidence of that the discussion happened.
- James
--
James Morris
<jmorris@xxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/