[PATCH v4 1/6] tpm: dynamically allocate active_banks array

Ken Goldman kgold at linux.ibm.com
Thu Nov 8 15:54:38 UTC 2018


On 11/8/2018 10:21 AM, Jarkko Sakkinen wrote:

> I would just allocate array of the size of possible banks and grow
> nr_active_banks for active algorithms to keep the code simple because
> we are talking about insignificant amount of wasted space (might be
> even zero bytes given how kernel allocators works)>

Just beware that "possible banks" is tricky.  While 2 is typical, 
getcapability will return a bitmap for each digest algorithm.  This is
also currently 2, but will be 3 in the next TPM, is 4 in the SW TPM,
and is potentially even higher.

Also, account for a TPM that is malicious and can return a count
as high as 0xffffffff.  Range check count.





More information about the Linux-security-module-archive mailing list