Re: [PATCH v2 07/10] PM: hibernate: Use TPM-backed keys to encrypt image

From: Kees Cook
Date: Sat Sep 24 2022 - 00:32:04 EST

Next message: Al Viro: "Re: [PATCH 5/7] cifs: Change the I/O paths to use an iterator rather than a page list"
Previous message: Gustavo A. R. Silva: "Re: [PATCH] NFC: hci: Split memcpy() of struct hcp_message flexible array"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Sep 23, 2022 at 03:23:43PM -0700, Evan Green wrote:
> On Tue, Sep 20, 2022 at 4:16 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> > On Tue, Aug 23, 2022 at 03:25:23PM -0700, Evan Green wrote:
> > > [...]
> > > + ret = key_instantiate_and_link(key, keyinfo, strlen(keyinfo) + 1, NULL,
> > > + NULL);
> >
> > You want to keep the trailing NUL byte here so it's easier to read back
> > later? Reading it back will need to verify the trailing NUL regardless.
> > (Does this get read back?)
>
> Are you referring to the trailing nul on keyinfo? The keyinfo string
> is only used within this function, as key_instantiate_and_link()
> receives it as a parameter string. I can see that
> trusted_instantiate() also null-terminates the buffer defensively for
> itself, but it still seemed prudent to hand in a terminated string. I
> can remove the + 1 if you think it's better.

No, I like having the trailing NUL byte -- it seems more robust that
way. I just wanted to understand who the consumer was going to be. I'm
clear now; thank you! :)

--
Kees Cook

Next message: Al Viro: "Re: [PATCH 5/7] cifs: Change the I/O paths to use an iterator rather than a page list"
Previous message: Gustavo A. R. Silva: "Re: [PATCH] NFC: hci: Split memcpy() of struct hcp_message flexible array"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]