CC: [email protected] CC: Linux Memory Management List <[email protected]> TO: James Bottomley <[email protected]> CC: Jarkko Sakkinen <[email protected]>
tree: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git master head: dcf1b51d6b2ac5da234ae6883ed0e9422c339588 commit: 14676f1eb79660b6ee262644fa788a5c42ac19e4 [10444/12404] security: keys: trusted: use ASN.1 TPM2 key format for the blobs :::::: branch date: 18 hours ago :::::: commit date: 5 days ago compiler: hppa64-linux-gcc (GCC) 9.3.0 If you fix the issue, kindly add following tag as appropriate Reported-by: kernel test robot <[email protected]> cppcheck possible warnings: (new ones prefixed by >>, may not real problems) >> security/keys/trusted-keys/trusted_tpm2.c:38:25: warning: Either the >> condition '!scratch' is redundant or there is pointer arithmetic with NULL >> pointer. [nullPointerArithmeticRedundantCheck] u8 *end_work = scratch + SCRATCH_SIZE; ^ security/keys/trusted-keys/trusted_tpm2.c:50:6: note: Assuming that condition '!scratch' is not redundant if (!scratch) ^ security/keys/trusted-keys/trusted_tpm2.c:38:25: note: Null pointer addition u8 *end_work = scratch + SCRATCH_SIZE; ^ vim +38 security/keys/trusted-keys/trusted_tpm2.c 14676f1eb79660 James Bottomley 2021-01-27 30 14676f1eb79660 James Bottomley 2021-01-27 31 static int tpm2_key_encode(struct trusted_key_payload *payload, 14676f1eb79660 James Bottomley 2021-01-27 32 struct trusted_key_options *options, 14676f1eb79660 James Bottomley 2021-01-27 33 u8 *src, u32 len) 14676f1eb79660 James Bottomley 2021-01-27 34 { 14676f1eb79660 James Bottomley 2021-01-27 35 const int SCRATCH_SIZE = PAGE_SIZE; 14676f1eb79660 James Bottomley 2021-01-27 36 u8 *scratch = kmalloc(SCRATCH_SIZE, GFP_KERNEL); 14676f1eb79660 James Bottomley 2021-01-27 37 u8 *work = scratch, *work1; 14676f1eb79660 James Bottomley 2021-01-27 @38 u8 *end_work = scratch + SCRATCH_SIZE; 14676f1eb79660 James Bottomley 2021-01-27 39 u8 *priv, *pub; 14676f1eb79660 James Bottomley 2021-01-27 40 u16 priv_len, pub_len; 14676f1eb79660 James Bottomley 2021-01-27 41 14676f1eb79660 James Bottomley 2021-01-27 42 priv_len = get_unaligned_be16(src) + 2; 14676f1eb79660 James Bottomley 2021-01-27 43 priv = src; 14676f1eb79660 James Bottomley 2021-01-27 44 14676f1eb79660 James Bottomley 2021-01-27 45 src += priv_len; 14676f1eb79660 James Bottomley 2021-01-27 46 14676f1eb79660 James Bottomley 2021-01-27 47 pub_len = get_unaligned_be16(src) + 2; 14676f1eb79660 James Bottomley 2021-01-27 48 pub = src; 14676f1eb79660 James Bottomley 2021-01-27 49 14676f1eb79660 James Bottomley 2021-01-27 50 if (!scratch) 14676f1eb79660 James Bottomley 2021-01-27 51 return -ENOMEM; 14676f1eb79660 James Bottomley 2021-01-27 52 14676f1eb79660 James Bottomley 2021-01-27 53 work = asn1_encode_oid(work, end_work, tpm2key_oid, 14676f1eb79660 James Bottomley 2021-01-27 54 asn1_oid_len(tpm2key_oid)); 14676f1eb79660 James Bottomley 2021-01-27 55 14676f1eb79660 James Bottomley 2021-01-27 56 if (options->blobauth_len == 0) { 14676f1eb79660 James Bottomley 2021-01-27 57 unsigned char bool[3], *w = bool; 14676f1eb79660 James Bottomley 2021-01-27 58 /* tag 0 is emptyAuth */ 14676f1eb79660 James Bottomley 2021-01-27 59 w = asn1_encode_boolean(w, w + sizeof(bool), true); 14676f1eb79660 James Bottomley 2021-01-27 60 if (WARN(IS_ERR(w), "BUG: Boolean failed to encode")) 14676f1eb79660 James Bottomley 2021-01-27 61 return PTR_ERR(w); 14676f1eb79660 James Bottomley 2021-01-27 62 work = asn1_encode_tag(work, end_work, 0, bool, w - bool); 14676f1eb79660 James Bottomley 2021-01-27 63 } 14676f1eb79660 James Bottomley 2021-01-27 64 14676f1eb79660 James Bottomley 2021-01-27 65 /* 14676f1eb79660 James Bottomley 2021-01-27 66 * Assume both octet strings will encode to a 2 byte definite length 14676f1eb79660 James Bottomley 2021-01-27 67 * 14676f1eb79660 James Bottomley 2021-01-27 68 * Note: For a well behaved TPM, this warning should never 14676f1eb79660 James Bottomley 2021-01-27 69 * trigger, so if it does there's something nefarious going on 14676f1eb79660 James Bottomley 2021-01-27 70 */ 14676f1eb79660 James Bottomley 2021-01-27 71 if (WARN(work - scratch + pub_len + priv_len + 14 > SCRATCH_SIZE, 14676f1eb79660 James Bottomley 2021-01-27 72 "BUG: scratch buffer is too small")) 14676f1eb79660 James Bottomley 2021-01-27 73 return -EINVAL; 14676f1eb79660 James Bottomley 2021-01-27 74 14676f1eb79660 James Bottomley 2021-01-27 75 work = asn1_encode_integer(work, end_work, options->keyhandle); 14676f1eb79660 James Bottomley 2021-01-27 76 work = asn1_encode_octet_string(work, end_work, pub, pub_len); 14676f1eb79660 James Bottomley 2021-01-27 77 work = asn1_encode_octet_string(work, end_work, priv, priv_len); 14676f1eb79660 James Bottomley 2021-01-27 78 14676f1eb79660 James Bottomley 2021-01-27 79 work1 = payload->blob; 14676f1eb79660 James Bottomley 2021-01-27 80 work1 = asn1_encode_sequence(work1, work1 + sizeof(payload->blob), 14676f1eb79660 James Bottomley 2021-01-27 81 scratch, work - scratch); 14676f1eb79660 James Bottomley 2021-01-27 82 if (WARN(IS_ERR(work1), "BUG: ASN.1 encoder failed")) 14676f1eb79660 James Bottomley 2021-01-27 83 return PTR_ERR(work1); 14676f1eb79660 James Bottomley 2021-01-27 84 14676f1eb79660 James Bottomley 2021-01-27 85 return work1 - payload->blob; 14676f1eb79660 James Bottomley 2021-01-27 86 } 14676f1eb79660 James Bottomley 2021-01-27 87 --- 0-DAY CI Kernel Test Service, Intel Corporation https://lists.01.org/hyperkitty/list/[email protected] _______________________________________________ kbuild mailing list -- [email protected] To unsubscribe send an email to [email protected]
