| Message ID | 20190910142437.20889-1-jarkko.sakkinen@linux.intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | tpm: Call tpm_put_ops() when the validation for @digests fails | expand |
On Tue Sep 10 19, Jarkko Sakkinen wrote: >The chip is not released when the validation for @digests fails. Add >tpm_put_ops() to the failure path. > >Cc: stable@vger.kernel.org >Reported-by: Roberto Sassu <roberto.sassu@huawei.com> >Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> >--- > drivers/char/tpm/tpm-interface.c | 14 +++++++++----- > 1 file changed, 9 insertions(+), 5 deletions(-) > >diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c >index 208e5ba40e6e..c7eeb40feac8 100644 >--- a/drivers/char/tpm/tpm-interface.c >+++ b/drivers/char/tpm/tpm-interface.c >@@ -320,18 +320,22 @@ int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, > if (!chip) > return -ENODEV; > >- for (i = 0; i < chip->nr_allocated_banks; i++) >- if (digests[i].alg_id != chip->allocated_banks[i].alg_id) >- return -EINVAL; >+ for (i = 0; i < chip->nr_allocated_banks; i++) { >+ if (digests[i].alg_id != chip->allocated_banks[i].alg_id) { >+ rc = EINVAL; >+ goto out; >+ } >+ } > > if (chip->flags & TPM_CHIP_FLAG_TPM2) { > rc = tpm2_pcr_extend(chip, pcr_idx, digests); >- tpm_put_ops(chip); >- return rc; >+ goto out; > } > > rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest, > "attempting extend a PCR value"); >+ >+out: > tpm_put_ops(chip); > return rc; > } >-- >2.20.1 >
On Tue, Sep 10, 2019 at 08:11:21AM -0700, Jerry Snitselaar wrote: > On Tue Sep 10 19, Jarkko Sakkinen wrote: > > The chip is not released when the validation for @digests fails. Add > > tpm_put_ops() to the failure path. > > > > Cc: stable@vger.kernel.org > > Reported-by: Roberto Sassu <roberto.sassu@huawei.com> > > Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> > > Reviewed-by: Jerry Snitselaar <jsnitsel@redhat.com> Roberto, can you just squash this fix with yours to a single patch and send a new patch version? You can add suggested-by tag from me to v4. /Jarkko
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index 208e5ba40e6e..c7eeb40feac8 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -320,18 +320,22 @@ int tpm_pcr_extend(struct tpm_chip *chip, u32 pcr_idx, if (!chip) return -ENODEV; - for (i = 0; i < chip->nr_allocated_banks; i++) - if (digests[i].alg_id != chip->allocated_banks[i].alg_id) - return -EINVAL; + for (i = 0; i < chip->nr_allocated_banks; i++) { + if (digests[i].alg_id != chip->allocated_banks[i].alg_id) { + rc = EINVAL; + goto out; + } + } if (chip->flags & TPM_CHIP_FLAG_TPM2) { rc = tpm2_pcr_extend(chip, pcr_idx, digests); - tpm_put_ops(chip); - return rc; + goto out; } rc = tpm1_pcr_extend(chip, pcr_idx, digests[0].digest, "attempting extend a PCR value"); + +out: tpm_put_ops(chip); return rc; }
The chip is not released when the validation for @digests fails. Add tpm_put_ops() to the failure path. Cc: stable@vger.kernel.org Reported-by: Roberto Sassu <roberto.sassu@huawei.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- drivers/char/tpm/tpm-interface.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-)