On Sat, 2018-03-10 at 10:24 +0200, Tomas Winkler wrote:
> + rlength = be32_to_cpu(tpm_cmd.header.out.length);
> + if (rlength < offsetof(struct tpm_getrandom_out, rng_data) +
> + recd) {
> + total = -EFAULT;
> + break;
> + }
> + memcpy(dest, tpm_cmd.params.getrandom_out.rng_data, recd);This rlength stuff can be handled with tpm_buf_length() as I do in my pendig-for-review patch set: https://patchwork.kernel.org/patch/10259331/ /Jarkko
