Vadim Bendebury has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/41100 )
Change subject: security: tcg-2.0: Improve error response handling, fix Cr50 boot mode ......................................................................
Patch Set 1:
(1 comment)
https://review.coreboot.org/c/coreboot/+/41100/1/src/security/tpm/tss/tcg-2.... File src/security/tpm/tss/tcg-2.0/tss_marshaling.c:
https://review.coreboot.org/c/coreboot/+/41100/1/src/security/tpm/tss/tcg-2.... PS1, Line 556: ibuf_nr_read(ib) == resp->hdr.tpm_size
examining it before the function is what I originally had in mind to minimize the patch. […]
but calling unmarshal_vendor_command() is a separate case in the calling routine - I think it is perfectly logical to check the return code there and not proceed.
If and when we start caring about the payload we could change that, for now I'd rather keep the patch cleaner, and keep header and payload unmarshalling separate.