redonkable
/
remarkable-linux
1
0
Fork 0
Code Releases Activity
remarkable-linux/drivers/char/tpm
History
Alexander Steffen a371abb25a tpm-dev-common: Reject too short writes 
commit ee70bc1e7b upstream.

tpm_transmit() does not offer an explicit interface to indicate the number
of valid bytes in the communication buffer. Instead, it relies on the
commandSize field in the TPM header that is encoded within the buffer.
Therefore, ensure that a) enough data has been written to the buffer, so
that the commandSize field is present and b) the commandSize field does not
announce more data than has been written to the buffer.

This should have been fixed with CVE-2011-1161 long ago, but apparently
a correct version of that patch never made it into the kernel.

Signed-off-by: Alexander Steffen <Alexander.Steffen@infineon.com>
Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 		2017-11-24 08:37:04 +01:00
..
st33zp24 License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
Kconfig tpm/tpm_crb: Enable TPM CRB interface for ARM64 2017-04-03 22:46:03 +03:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tpm-chip.c Do not disable driver and bus shutdown hook when class shutdown hook is set. 2017-08-28 18:02:46 +02:00
tpm-dev-common.c tpm-dev-common: Reject too short writes 2017-11-24 08:37:04 +01:00
tpm-dev.c tpm: split out tpm-dev.c into tpm-dev.c and tpm-common-dev.c 2017-04-03 22:46:01 +03:00
tpm-dev.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tpm-interface.c tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers 2017-09-23 21:51:00 -07:00
tpm-sysfs.c tpm: fix a kernel memory leak in tpm-sysfs.c 2017-07-07 09:49:24 +10:00
tpm.h tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers 2017-09-23 21:51:00 -07:00
tpm1_eventlog.c tpm: add securityfs support for TPM 2.0 firmware event log 2017-02-03 22:03:14 +02:00
tpm2-cmd.c tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers 2017-09-23 21:51:00 -07:00
tpm2-space.c tpm2: add session handle context saving and restoring to the space code 2017-04-03 22:46:02 +03:00
tpm2_eventlog.c tpm: fix handling of the TPM 2.0 event logs 2017-04-25 00:27:18 +03:00
tpm_acpi.c tpm: add securityfs support for TPM 2.0 firmware event log 2017-02-03 22:03:14 +02:00
tpm_atmel.c tpm/tpm_atmel: remove unnecessary NULL check 2017-06-19 02:36:04 +02:00
tpm_atmel.h tpm: remove tpm_read_index and tpm_write_index from tpm.h 2017-02-03 22:03:14 +02:00
tpm_crb.c tpm: tpm_crb: constify acpi_device_id. 2017-09-23 21:49:52 -07:00
tpm_eventlog.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tpm_i2c_atmel.c tpm: Factor out common startup code 2016-07-19 17:43:38 +03:00
tpm_i2c_infineon.c tpm: Apply a sane minimum adapterlimit value for retransmission. 2017-06-13 22:02:08 +03:00
tpm_i2c_nuvoton.c tpm: add sleep only for retry in i2c_nuvoton_write_status() 2017-04-03 22:46:02 +03:00
tpm_ibmvtpm.c tpm: ibmvtpm: simplify crq initialization and document crq format 2017-09-23 21:51:38 -07:00
tpm_ibmvtpm.h tpm_ibmvtpm: properly handle interrupted packet receptions 2015-12-20 15:27:12 +02:00
tpm_infineon.c tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers 2017-09-23 21:51:00 -07:00
tpm_nsc.c tpm: remove tpm_read_index and tpm_write_index from tpm.h 2017-02-03 22:03:14 +02:00
tpm_of.c tpm: do not suspend/resume if power stays on 2017-07-07 09:49:26 +10:00
tpm_ppi.c ACPI: Switch to use generic guid_t in acpi_evaluate_dsm() 2017-06-07 12:20:49 +02:00
tpm_tis.c tpm_tis: make ilb_base_addr static 2017-07-07 09:49:25 +10:00
tpm_tis_core.c tpm: replace msleep() with usleep_range() in TPM 1.2/2.0 generic drivers 2017-09-23 21:51:00 -07:00
tpm_tis_core.h tpm_tis: use default timeout value if chip reports it as zero 2017-01-23 18:28:18 +02:00
tpm_tis_spi.c tpm_tis_spi: Add small delay after last transfer 2017-04-03 22:46:01 +03:00
tpm_vtpm_proxy.c tpm: vtpm_proxy: Prevent userspace from sending driver command 2017-06-13 22:02:09 +03:00
tpmrm-dev.c tpm, tpmrm: Mark tpmrm_write as static 2017-06-13 22:02:08 +03:00
xen-tpmfront.c tpm xen: drop unneeded chip variable 2017-02-14 19:24:33 +02:00