linux/drivers/char
Peter Huewe 6b07d30aca TPM: Call tpm_transmit with correct size
This patch changes the call of tpm_transmit by supplying the size of the
userspace buffer instead of TPM_BUFSIZE.

This got assigned CVE-2011-1161.

[The first hunk didn't make sense given one could expect
 way less data than TPM_BUFSIZE, so added tpm_transmit boundary
 check over bufsiz instead.
 The last parameter of tpm_transmit() reflects the amount
 of data expected from the device, and not the buffer size
 being supplied to it. It isn't ideal to parse it directly,
 so we just set it to the maximum the input buffer can handle
 and let the userspace API do such job.]

Signed-off-by: Rajiv Andrade <srajiv@linux.vnet.ibm.com>
Cc: Stable Kernel <stable@kernel.org>
Signed-off-by: James Morris <jmorris@namei.org>
2011-09-23 09:46:29 +10:00
agp agp/intel: Fix typo in G4x_GMCH_SIZE_VT_2M 2011-07-13 07:44:27 +01:00
hw_random n2rng: Attach on Niagara-T3. 2011-07-28 01:26:30 -07:00
ipmi atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
mwave Fix common misspellings 2011-03-31 11:26:23 -03:00
pcmcia pcmcia: Convert pcmcia_device_id declarations to const 2011-05-06 07:46:22 +02:00
tpm TPM: Call tpm_transmit with correct size 2011-09-23 09:46:29 +10:00
xilinx_hwicap treewide: Convert uses of struct resource to resource_size(ptr) 2011-06-10 14:55:36 +02:00
apm-emulation.c PM: Improve error code of pm_notifier_call_chain() 2011-07-15 23:58:20 +02:00
applicom.c drivers/char/applicom.c: fix information leak to userland 2010-10-27 18:03:14 -07:00
applicom.h
bfin-otp.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
briq_panel.c BKL: remove extraneous #include <smp_lock.h> 2010-11-17 08:59:32 -08:00
bsr.c treewide: Convert uses of struct resource to resource_size(ptr) 2011-06-10 14:55:36 +02:00
ds1302.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
ds1620.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
dsp56k.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
dtlk.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
efirtc.c efirtc: explicitly set llseek to no_llseek 2009-12-16 07:19:59 -08:00
generic_nvram.c drivers: fix up various ->llseek() implementations 2011-07-20 20:47:58 -04:00
genrtc.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
hangcheck-timer.c Input: sysrq - drop tty argument from handle_sysrq() 2010-08-21 00:34:45 -07:00
hpet.c Merge branch 'x86-vdso-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/linux-2.6-tip 2011-07-22 17:05:15 -07:00
i8k.c i8k: Integrate with the hwmon subsystem 2011-05-25 20:43:33 +02:00
Kconfig arch/tile: add hypervisor-based character driver for SPI flash ROM 2011-06-10 13:07:48 -04:00
lp.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
Makefile arch/tile: add hypervisor-based character driver for SPI flash ROM 2011-06-10 13:07:48 -04:00
mbcs.c drivers: autoconvert trivial BKL users to private mutex 2010-10-05 15:01:04 +02:00
mbcs.h Fix common misspellings 2011-03-31 11:26:23 -03:00
mem.c kmsg: properly support writev to avoid interleaved printk lines fix 2011-04-19 17:00:48 -07:00
misc.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
mmtimer.c posix-timers: Cleanup namespace 2011-02-02 15:28:19 +01:00
msm_smd_pkt.c drivers/char/msm_smd_pkt.c: don't use IS_ERR() 2011-08-25 16:25:33 -07:00
mspec.c atomic: use <linux/atomic.h> 2011-07-26 16:49:47 -07:00
nsc_gpio.c
nvram.c drivers: fix up various ->llseek() implementations 2011-07-20 20:47:58 -04:00
nwbutton.c Fix common misspellings 2011-03-31 11:26:23 -03:00
nwbutton.h
nwflash.c drivers: autoconvert trivial BKL users to private mutex 2010-10-05 15:01:04 +02:00
pc8736x_gpio.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
ppdev.c drivers/char/ppdev.c: put gotten port value 2011-05-26 17:12:37 -07:00
ps3flash.c fs: push i_mutex and filemap_write_and_wait down into ->fsync() handlers 2011-07-20 20:47:59 -04:00
ramoops.c ramoops: update module parameters 2011-08-03 14:25:21 -10:00
random.c net: Compute protocol sequence numbers and fragment IDs using MD5. 2011-08-06 18:33:19 -07:00
raw.c RAW driver: Remove call to kobject_put(). 2011-05-06 17:52:32 -07:00
rtc.c of/device: Replace struct of_device with struct platform_device 2010-08-06 09:25:50 -06:00
scc.h
scx200_gpio.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
snsc_event.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
snsc.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
snsc.h headers: kobject.h redux 2011-01-10 08:51:44 -08:00
sonypi.c Fix common misspellings 2011-03-31 11:26:23 -03:00
tb0219.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
tile-srom.c arch/tile: add hypervisor-based character driver for SPI flash ROM 2011-06-10 13:07:48 -04:00
tlclk.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
toshiba.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
ttyprintk.c tty: now phase out the ioctl file pointer for good 2011-02-17 11:59:56 -08:00
uv_mmtimer.c BKL: remove extraneous #include <smp_lock.h> 2010-11-17 08:59:32 -08:00
viotape.c Merge branch 'llseek' of git://git.kernel.org/pub/scm/linux/kernel/git/arnd/bkl 2010-10-22 10:52:56 -07:00
virtio_console.c virtio console: don't manually set or finalize VIRTIO_CONSOLE_F_MULTIPORT. 2011-05-30 11:14:13 +09:30