Frans Hendriks has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/33252 )
Change subject: security/tpm/tss/tcg-2.0: Add multi digits support to tlcl_extend() ......................................................................
Patch Set 8:
(3 comments)
https://review.coreboot.org/c/coreboot/+/33252/8/src/security/tpm/tspi/tspi.... File src/security/tpm/tspi/tspi.c:
https://review.coreboot.org/c/coreboot/+/33252/8/src/security/tpm/tspi/tspi.... PS8, Line 222: sizeof(TPMU_HA)
This was flagged by Coverity, you're using the wrong size. […]
This has been correct in CB:35287
https://review.coreboot.org/c/coreboot/+/33252/8/src/security/tpm/tss/tcg-2.... File src/security/tpm/tss/tcg-2.0/tss.c:
https://review.coreboot.org/c/coreboot/+/33252/8/src/security/tpm/tss/tcg-2.... PS8, Line 151: sizeof(TPMU_HA)
These memcpy()s also use the wrong size.
This has been corrected in CB:35287
https://review.coreboot.org/c/coreboot/+/33252/8/src/security/tpm/tss/tcg-2.... PS8, Line 183: (tpml_digests->digests[0].hashAlg == TPM_ALG_ERROR) &&
I don't understand what this is. […]
To support invalidate of the PCR the hashAlg will be TPM_ALG_ERROR