Re: [PATCH v3 1/6] tpm-buf: create new functions for handling TPM buffers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On 3/12/18 10:59 AM, James Bottomley wrote:
On Mon, 2018-03-12 at 09:00 -0700, J Freyensee wrote:
+int tpm_buf_init(struct tpm_buf *buf, u16 tag, u32 ordinal)
+{
+	int rc;
+
+	rc = __tpm_buf_init(buf);

Assuming that functions like tpm_buf_init() are the top-level API
being defined in this patch, shouldn't it check if buf is valid
before passing into the internal functions like __tpm_buf_init(buf)
(maybe WARN()/BUG_ON()?).  Or does __tpm_buf_init(buf) do this check?
These are kernel internal APIs designed for on stack struct tpm_buf
usage,

ok.

so I can't think of a viable threat model that would require
this type of checking ... do you have one?

no, nothing particular in mind.  I just get a little nervous when I see variables being passed unchecked into internal functions starting with '__'.

Regards,
Jay


James





[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux