On Mon, 2024-07-15 at 14:25 +0300, Jarkko Sakkinen wrote: > On Tue Jul 9, 2024 at 5:33 AM EEST, Hao Ge wrote: > > From: Hao Ge <[email protected]> > > > > We shouldn't dereference "auth" until after we have checked that it > > is > > non-NULL. > > > > Fixes: 7ca110f2679b ("tpm: Address !chip->auth in > > tpm_buf_append_hmac_session*()") > > Signed-off-by: Hao Ge <[email protected]> > > Also lacking: > > Reported-by: Dan Carpenter <[email protected]> > Closes: > https://lore.kernel.org/linux-integrity/[email protected]/T/#u > > What is happening here is that my commit exposed pre-existing bug to > static analysis but it did not introduce a new regression.
Actually, it didn't. The previous design was sessions were config determined and either auth would be non-NULL or attach would fail. You chose with this series to make auth the indicator of whether sessions should be used, and before this auth could not be NULL so no bug existed. Consider also the fidelity of the Fixes tag for stable: this commit needs backporting with 7ca110f2679b and Fixes should identify that James
