On Fri, Nov 16, 2018 at 05:06:48PM +0100, Roberto Sassu wrote:
On 11/16/2018 2:41 PM, Jarkko Sakkinen wrote:
On Wed, Nov 14, 2018 at 04:31:07PM +0100, Roberto Sassu wrote:
This patch protects against data corruption that could happen in the bus, by checking that that the digest size returned by the TPM during a PCR read matches the size of the algorithm passed to tpm2_pcr_read().
This check is performed after information about the PCR banks has been retrieved.
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com Reviewed-by: Jarkko Sakkinen jarkko.sakkinen@linux.intel.com Cc: stable@vger.kernel.org
Missing fixes tag.
Before this patch set, tpm2_pcr_extend() always copied 20 bytes from the output sent by the TPM.
Roberto
Aah, right, of course. Well the patch set is ATM somewhat broken because this would require a fixes tag that points to a patch insdie the patch set.
Probably good way to fix the issue is to just merge this with the earlier commit.
/Jarkko