Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion

From: Jason Gunthorpe
Date: Fri Jan 27 2017 - 18:57:00 EST

Next message: Jonathan Corbet: "[PATCH] docs: Convert the regulator docbook to RST"
Previous message: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
In reply to: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
Next in thread: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jan 27, 2017 at 02:04:59PM -0800, James Bottomley wrote:

> if I look at the code I've written, I don't know what the session
> number is, I just save sessionHandle in a variable for later use (lets
> say to v1). If I got the same session number returned at a later time
> and placed it in v2, all I'd notice is that an authorization using v1
> would fail.

Is there any way that could be used to cause an op thinking it is
using v1 to authorize something it shouldn't?

Jason

Next message: Jonathan Corbet: "[PATCH] docs: Convert the regulator docbook to RST"
Previous message: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
In reply to: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
Next in thread: James Bottomley: "Re: [tpmdd-devel] [RFC] tpm2-space: add handling for global session exhaustion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]