tpm: use u32 instead of int for PCR index

The TPM specs defines PCR index as a positive number, and there is no reason to use a signed number. It is also a possible security issue as currently no functions check for a negative index, which may become a large number when converted to u32. Adjust the API to use u32 instead of int in all PCR related functions. Signed-off-by: Tomas Winkler <tomas.winkler@intel.com> Reviewed-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Tested-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
author: Tomas Winkler <tomas.winkler@intel.com> 2018-10-19 21:23:07 +0300
committer: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> 2018-11-13 13:46:31 +0200
commit: 95adc6b410b7aa895dcf5ed9cb7dc4a20a3d5c5a (patch)
tree: 0062d5eafaa2653c41a74382f6f77cb8f4f54334 /security/integrity
parent: c82e59541a226504a3fe45eb4efca70836548da6 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index d9e7728027c6..acf2c7df7145 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c
@@ -643,7 +643,7 @@ int ima_calc_buffer_hash(const void *buf, loff_t len,
 	return calc_buffer_shash(buf, len, hash);
 }
 
-static void __init ima_pcrread(int idx, u8 *pcr)
+static void __init ima_pcrread(u32 idx, u8 *pcr)
 {
 	if (!ima_tpm_chip)
 		return;
@@ -659,7 +659,8 @@ static int __init ima_calc_boot_aggregate_tfm(char *digest,
 					      struct crypto_shash *tfm)
 {
 	u8 pcr_i[TPM_DIGEST_SIZE];
-	int rc, i;
+	int rc;
+	u32 i;
 	SHASH_DESC_ON_STACK(shash, tfm);
 
 	shash->tfm = tfm;
author	Tomas Winkler <tomas.winkler@intel.com>	2018-10-19 21:23:07 +0300
committer	Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>	2018-11-13 13:46:31 +0200
commit	95adc6b410b7aa895dcf5ed9cb7dc4a20a3d5c5a (patch)
tree	0062d5eafaa2653c41a74382f6f77cb8f4f54334 /security/integrity
parent	c82e59541a226504a3fe45eb4efca70836548da6 (diff)