Vadim Bendebury has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/41100 )
Change subject: security: tcg-2.0: Ignore data payload for errors, fix Cr50 boot mode
Patch Set 3:
(2 comments)
https://review.coreboot.org/c/coreboot/+/41100/2/src/security/tpm/tss/tcg-2....
File src/security/tpm/tss/tcg-2.0/tss_marshaling.c:

https://review.coreboot.org/c/coreboot/+/41100/2/src/security/tpm/tss/tcg-2....
PS2, Line 590: - 10
I would still rather avoid using bare numbers, what is wrong with comparing the size of the packet with the header size field value?

https://review.coreboot.org/c/coreboot/+/41100/2/src/security/tpm/tss/tcg-2....
PS2, Line 597: On errors, we're not sure what the TPM is returning. None of the
             : commands we use actually expect useful data payloads for errors, so
             : just ignore any data after the header.
sure, this is fine with me too, the policy could be applied across the board.
I was not sure if coreboot cared about error details for other commands, but come to think of it, all we report in the log is the error code from the header.
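
The two points discussed in this review (a named header size instead of a bare 10, and ignoring any payload when the response code signals an error) can be illustrated with the added example below, which is not coreboot code and not part of the change under review. The struct, function and sample names are hypothetical; the 10-byte header layout (2-byte tag, 4-byte size, 4-byte response code, big-endian) is the TPM 2.0 response header, and the sample byte arrays are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TPM 2.0 response header: tag (2), size (4), response code (4), big-endian. */
#define TPM2_RESP_HEADER_SIZE (sizeof(uint16_t) + 2 * sizeof(uint32_t))

struct tpm2_resp {		/* hypothetical type, not coreboot's */
	uint32_t size;		/* size field as reported by the TPM */
	uint32_t code;		/* 0 means success */
	const uint8_t *payload;	/* NULL when no payload is exposed */
	size_t payload_len;
};

/* Constructed samples: an error with trailing bytes, a success with 2 payload bytes. */
const uint8_t sample_err[] = { 0x80, 0x01, 0, 0, 0, 0x0c, 0, 0, 0x01, 0x01, 0xde, 0xad };
const uint8_t sample_ok[] = { 0x80, 0x01, 0, 0, 0, 0x0c, 0, 0, 0, 0, 0x12, 0x34 };

static uint32_t rd32(const uint8_t *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Returns 0 when the header parsed, -1 when the buffer is malformed. */
int parse_tpm2_response(const uint8_t *buf, size_t len, struct tpm2_resp *out)
{
	if (len < TPM2_RESP_HEADER_SIZE)
		return -1;
	out->size = rd32(buf + sizeof(uint16_t));
	out->code = rd32(buf + sizeof(uint16_t) + sizeof(uint32_t));
	out->payload = NULL;
	out->payload_len = 0;
	/* Error: keep only the code, ignore whatever follows the header. */
	if (out->code != 0)
		return 0;
	/* Success: the size field must cover the header and fit in the buffer. */
	if (out->size < TPM2_RESP_HEADER_SIZE || out->size > len)
		return -1;
	out->payload_len = out->size - TPM2_RESP_HEADER_SIZE;
	out->payload = out->payload_len ? buf + TPM2_RESP_HEADER_SIZE : NULL;
	return 0;
}

int main(void)
{
	struct tpm2_resp r;
	int rc = parse_tpm2_response(sample_err, sizeof(sample_err), &r);
	printf("rc=%d code=0x%x payload_len=%zu\n", rc, (unsigned)r.code, r.payload_len);
	return 0;
}
```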