git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Jarkko Sakkinen <jarkko@kernel.org>
	Fri, 2 Jan 2026 02:45:19 +0000 (21:45 -0500)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 8 Jan 2026 09:14:58 +0000 (10:14 +0100)
commit	a3b7eb67225c486a2da357c5db3e386f4e64bcde
tree	a53a0c70a942ac94998ca63e7372111b7840dd13	tree \| snapshot
parent	aa85f48dfc55b50ffffefa0a7125bfbe6b7224be	commit \| diff

tpm2-sessions: Fix tpm2_read_public range checks

[ Upstream commit bda1cbf73c6e241267c286427f2ed52b5735d872 ]

tpm2_read_public() has some rudimentary range checks but the function does
not ensure that the response buffer has enough bytes for the full TPMT_HA
payload.

Re-implement the function with necessary checks and validation, and return
name and name size for all handle types back to the caller.

Cc: stable@vger.kernel.org # v6.10+
Fixes: d0a25bb961e6 ("tpm: Add HMAC session name/handle append")
Signed-off-by: Jarkko Sakkinen <jarkko@kernel.org>
Reviewed-by: Jonathan McDowell <noodles@meta.com>
[ different semantics around u8 name_size() ]
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

drivers/char/tpm/tpm2-cmd.c		diff \| blob \| blame \| history
drivers/char/tpm/tpm2-sessions.c		diff \| blob \| blame \| history