Hello build bot (Jenkins), Vadim Bendebury, Andrey Pronin,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/41100
to look at the new patch set (#4).
Change subject: security: tcg-2.0: Ignore data payload for errors, fix Cr50 boot mode ......................................................................
security: tcg-2.0: Ignore data payload for errors, fix Cr50 boot mode
This patch improves the response buffer handling for TPM 2.0. Previously we would allow any command to return no payload, but if there was a payload we would always try to unmarshal it according to the normal success response. This was sort of relying on the fact that the TPM usually returns no additional data after the header for error responses, but in practice that is not always true. It also means that commands without a response payload accidentally work by default even though we did not explicitly add unmarshallig support for them, which seems undesirable.
This patch changes the behavior to always accept any amount of payload data for error responses but not unmarshal any of it. None of our use cases actually care about payload data for errors, so it seems safer to not even try to interpret it. For success responses, on the other hand, we always require support for the command to be explicitly added.
This fixes a problem with the Cr50 GET_BOOT_MODE command where an error response would only return the subcommand code but no data after that. Also add support for a second, slightly different NO_SUCH_COMMAND error code that was added in Cr50 recently.
Signed-off-by: Julius Werner jwerner@chromium.org Change-Id: Ib85032d85482d5484180be6fd105f2467f393cd2 --- M src/security/tpm/tss/tcg-2.0/tss_marshaling.c M src/security/tpm/tss/vendor/cr50/cr50.c M src/security/tpm/tss/vendor/cr50/cr50.h 3 files changed, 18 insertions(+), 8 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/00/41100/4