[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v9 00/22] Automatic Disk Unlock with TPM2
|
From: |
Gary Lin |
|
Subject: |
Re: [PATCH v9 00/22] Automatic Disk Unlock with TPM2 |
|
Date: |
Mon, 8 Apr 2024 10:30:18 +0800 |
On Thu, Apr 04, 2024 at 11:03:47PM +0200, Daniel Kiper wrote:
> On Thu, Mar 07, 2024 at 04:59:05PM +0800, Gary Lin via Grub-devel wrote:
> > On Thu, Feb 08, 2024 at 08:58:43PM +0100, Daniel Kiper wrote:
> > > Hey,
> > >
> > --8<--
> > >
> > > And I have attached the Coverity report. All issues reported there have
> > > to be fixed. If you cannot fix an issue you have to explain why you
> > > cannot do that and what is potential impact on the code stability,
> > > security, etc.
> > >
> > I have went through all the coverity issues. There are 6 issues in the
> > TPM2 stack and the utility:
>
> [...]
>
> Any progress on this? You are blocking another patch set which depends
> on some code which you introduce. If there is no progress here I will
> ask an author of the other patch set to resume the work and queue your
> patch set as a second one to merge.
>
I was waiting for upstream fix for CID 435762(*). It can be fixed by
tweaking an if statement slightly but upstream prefers code refactoring
to remove the loops. Anyway, the only potentially vulnerable call path
is disabled in my patch set, so we can choose to leave the issue for the
later update or just apply a quick fix.
Cheers,
Gary Lin
(*) https://gitlab.com/gnutls/libtasn1/-/issues/49