[PATCH v3 1/6] tpm-buf: create new functions for handling TPM buffers

J Freyensee why2jjj.linux at gmail.com
Tue Mar 13 16:00:48 UTC 2018



On 3/12/18 10:59 AM, James Bottomley wrote:
> On Mon, 2018-03-12 at 09:00 -0700, J Freyensee wrote:
>>> +int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
>>> +{
>>> +	int rc;
>>> +
>>> +	rc = __tpm_buf_init(buf);
>>
>> Assuming that functions like tpm_buf_init() are the top-level API
>> being defined in this patch, shouldn't it check if buf is valid
>> before passing into the internal functions like __tpm_buf_init(buf)
>> (maybe WARN()/BUG_ON()?).  Or does __tpm_buf_init(buf) do this check?
> These are kernel internal APIs designed for on stack struct tpm_buf
> usage,

ok.

> so I can't think of a viable threat model that would require
> this type of checking ... do you have one?

no, nothing particular in mind.  I just get a little nervous when I see 
variables being passed unchecked into internal functions starting with '__'.

Regards,
Jay

>
> James
>

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html



More information about the Linux-security-module-archive mailing list