diff options
author | Linus Torvalds | 2024-07-19 09:35:53 -0700 |
---|---|---|
committer | Linus Torvalds | 2024-07-19 09:35:53 -0700 |
commit | 07e773db19f16f4111795b658c4748da22c927bb (patch) | |
tree | a1aec8be093b0fb5b759d482ac0483c651253ebe | |
parent | c434e25b62f8efcfbb6bf1f7ce55960206c1137e (diff) | |
parent | 7dc357d343f134bf59815ff6098b93503ec8a23b (diff) |
Merge tag 'tpmdd-next-6.11-rc1-roundtwo' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd
Pull tpm fix from Jarkko Sakkinen:
"An additional fix that supplements my earlier fixes for handling auth,
which I unfortunately missed last time"
* tag 'tpmdd-next-6.11-rc1-roundtwo' of git://git.kernel.org/pub/scm/linux/kernel/git/jarkko/linux-tpmdd:
tpm: Use auth only after NULL check in tpm_buf_check_hmac_response()
-rw-r--r-- | drivers/char/tpm/tpm2-sessions.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/drivers/char/tpm/tpm2-sessions.c b/drivers/char/tpm/tpm2-sessions.c index 2281d55df545..d3521aadd43e 100644 --- a/drivers/char/tpm/tpm2-sessions.c +++ b/drivers/char/tpm/tpm2-sessions.c @@ -746,15 +746,16 @@ int tpm_buf_check_hmac_response(struct tpm_chip *chip, struct tpm_buf *buf, struct tpm2_auth *auth = chip->auth; off_t offset_s, offset_p; u8 rphash[SHA256_DIGEST_SIZE]; - u32 attrs; + u32 attrs, cc; struct sha256_state sctx; u16 tag = be16_to_cpu(head->tag); - u32 cc = be32_to_cpu(auth->ordinal); int parm_len, len, i, handles; if (!auth) return rc; + cc = be32_to_cpu(auth->ordinal); + if (auth->session >= TPM_HEADER_SIZE) { WARN(1, "tpm session not filled correctly\n"); goto out; |