TPM CVE and race patches
Seth Forshee
seth.forshee at canonical.com
Mon Dec 5 21:22:00 UTC 2011
On Mon, Dec 05, 2011 at 01:05:48PM -0700, Tim Gardner wrote:
> Seth - would you give this a quick review before I send it upstream:
>
> The following changes since commit b6acbb61eb4296c2a25e47e851208bab843ac112:
> Leann Ogasawara (1):
> UBUNTU: [Config] updateconfigs after dropping i386 generic
>
> are available in the git repository at:
>
> git://kernel.ubuntu.com/rtg/ubuntu-precise.git master-next
>
> Tim Gardner (2):
> TPM: Zero whole buffer after copying to userspace
That looks like it ought to do the job.
> TPM: Close data_pending and data_buffer races
That looks like it should work too, but if you're going to go the route
of protecting data_pending with the mutex then you've effectively
eliminated the need for it to be atomic. Seems like you might as well
take it to the logical conclusion and change data_pending to a plain
integer type (looks like size_t would be the appropriate choice).
>
> drivers/char/tpm/tpm.c | 20 +++++++++++---------
> 1 files changed, 11 insertions(+), 9 deletions(-)
> --
> Tim Gardner tim.gardner at canonical.com
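
The two points discussed in this message, sketched as an added example that is not part of the original thread or of the kernel patch: a userspace C model in which `data_pending` is a plain `size_t` touched only under the lock, and the whole buffer is zeroed after a read. The pthread mutex and `memcpy` stand in for the driver's mutex and `copy_to_user()`; every name other than `data_pending` and `data_buffer` is hypothetical.

```c
#include <pthread.h>
#include <stddef.h>
#include <string.h>

#define BUF_SIZE 64 /* constructed size for this model */

struct tpm_model {
    pthread_mutex_t lock;   /* guards both fields below */
    size_t data_pending;    /* plain integer: the lock already serializes access */
    unsigned char data_buffer[BUF_SIZE];
};

static void model_init(struct tpm_model *m)
{
    pthread_mutex_init(&m->lock, NULL);
    m->data_pending = 0;
    memset(m->data_buffer, 0, sizeof(m->data_buffer));
}

/* Stands in for the path that stores a device response for a later read. */
static size_t model_store(struct tpm_model *m, const void *src, size_t len)
{
    if (len > BUF_SIZE)
        len = BUF_SIZE;
    pthread_mutex_lock(&m->lock);
    memcpy(m->data_buffer, src, len);
    m->data_pending = len;
    pthread_mutex_unlock(&m->lock);
    return len;
}

/* Stands in for read(): hand out at most `size` bytes, then wipe everything. */
static size_t model_read(struct tpm_model *m, void *dst, size_t size)
{
    size_t n;

    pthread_mutex_lock(&m->lock);
    n = m->data_pending < size ? m->data_pending : size;
    memcpy(dst, m->data_buffer, n);  /* copy_to_user() in a driver */
    /* Zero the whole buffer, not just n bytes, so a short read leaves
     * no unread response bytes behind for a later caller. */
    memset(m->data_buffer, 0, sizeof(m->data_buffer));
    m->data_pending = 0;
    pthread_mutex_unlock(&m->lock);
    return n;
}

/* Returns 1 when no response bytes remain in the buffer. */
static int model_buffer_is_clear(struct tpm_model *m)
{
    static const unsigned char zero[BUF_SIZE];
    return memcmp(m->data_buffer, zero, BUF_SIZE) == 0;
}
```

Because the length check, the copy, the wipe and the reset of `data_pending` all happen inside one critical section, no other thread can observe a count that disagrees with the buffer contents.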