Re: [PATCH v3 5/6] tpm: Add tpm_buf_read_{u8,u16,u32}

From: James Bottomley
Date: Fri Oct 27 2023 - 08:25:08 EST

Next message: Shuai Xue: "Re: [PATCH v9 3/4] drivers/perf: add DesignWare PCIe PMU driver"
Previous message: Oleg Nesterov: "Re: [PATCH] Fixing directly deferencing a __rcu pointer warning"
In reply to: Jarkko Sakkinen: "Re: [PATCH v3 5/6] tpm: Add tpm_buf_read_{u8,u16,u32}"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2023-10-24 at 04:15 +0300, Jarkko Sakkinen wrote:
> +++ b/drivers/char/tpm/tpm-buf.c
> @@ -124,3 +124,72 @@ void tpm_buf_append_u32(struct tpm_buf *buf,
> const u32 value)
>         tpm_buf_append(buf, (u8 *)&value2, 4);
> }
> EXPORT_SYMBOL_GPL(tpm_buf_append_u32);
> +
> +/**
> + * tpm_buf_read() - Read from a TPM buffer
> + * @buf:       &tpm_buf instance
> + * @offset:    offset within the buffer
> + * @count:     the number of bytes to read
> + * @output:    the output buffer
> + */
> +static void tpm_buf_read(const struct tpm_buf *buf, off_t *offset,
> size_t count, void *output)
> +{
> +       if (*(offset + count) >= buf->length) {

I don't think you mean that; it's dereferencing a random location in
the stack, which is why I see this check trip randomly when testing. I
think you mean

if (*offset + count >= buf->length) {

James

Next message: Shuai Xue: "Re: [PATCH v9 3/4] drivers/perf: add DesignWare PCIe PMU driver"
Previous message: Oleg Nesterov: "Re: [PATCH] Fixing directly deferencing a __rcu pointer warning"
In reply to: Jarkko Sakkinen: "Re: [PATCH v3 5/6] tpm: Add tpm_buf_read_{u8,u16,u32}"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]