tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

Merge branch 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security

* 'for-linus' of git://git.selinuxproject.org/~jmorris/linux-security:
TPM: Zero buffer after copying to userspace
TPM: Call tpm_transmit with correct size
TPM: tpm_nsc: Fix a double free of pdev in cleanup_nsc
TPM: TCG_ATMEL should depend on HAS_IOPORT

Linus Torvalds d942e43b e369fde1

+9 -3
+1
drivers/char/tpm/Kconfig
··· 43 43 44 44 config TCG_ATMEL 45 45 tristate "Atmel TPM Interface" 46 + depends on PPC64 || HAS_IOPORT 46 47 ---help--- 47 48 If you have a TPM security chip from Atmel say Yes and it 48 49 will be accessible from within Linux. To compile this driver
+8 -1
drivers/char/tpm/tpm.c
··· 383 383 u32 count, ordinal; 384 384 unsigned long stop; 385 385 386 + if (bufsiz > TPM_BUFSIZE) 387 + bufsiz = TPM_BUFSIZE; 388 + 386 389 count = be32_to_cpu(*((__be32 *) (buf + 2))); 387 390 ordinal = be32_to_cpu(*((__be32 *) (buf + 6))); 388 391 if (count == 0) ··· 1105 1102 { 1106 1103 struct tpm_chip *chip = file->private_data; 1107 1104 ssize_t ret_size; 1105 + int rc; 1108 1106 1109 1107 del_singleshot_timer_sync(&chip->user_read_timer); 1110 1108 flush_work_sync(&chip->work); ··· 1116 1112 ret_size = size; 1117 1113 1118 1114 mutex_lock(&chip->buffer_mutex); 1119 - if (copy_to_user(buf, chip->data_buffer, ret_size)) 1115 + rc = copy_to_user(buf, chip->data_buffer, ret_size); 1116 + memset(chip->data_buffer, 0, ret_size); 1117 + if (rc) 1120 1118 ret_size = -EFAULT; 1119 + 1121 1120 mutex_unlock(&chip->buffer_mutex); 1122 1121 } 1123 1122
-2
drivers/char/tpm/tpm_nsc.c
··· 396 396 if (pdev) { 397 397 tpm_nsc_remove(&pdev->dev); 398 398 platform_device_unregister(pdev); 399 - kfree(pdev); 400 - pdev = NULL; 401 399 } 402 400 403 401 platform_driver_unregister(&nsc_drv);