tablet/grub
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

tss2: Always init out buffer before calling tpm2_submit_command_real()

Browse Source 
When tpm2_submit_command_real() is called for a retry, the content of
out buffer can already be set with previous tpm2_submit_command_real()
call's reply. Add a call to grub_tpm2_buffer_init() before tpm2_submit_command_real().

This solves the issues occurring during TPM_CC_Load command on the
integrated TPM 2.0 in Intel Elkhart Lake chip.

Signed-off-by: Yann Diorcet <diorcet.yann@gmail.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
This commit is contained in:
Yann Diorcet 2025-10-23 14:02:50 +02:00 committed by Daniel Kiper
parent 000e48b42c
commit 4129e9ad6f
1 changed files with 1 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
grub-core/lib/tss2/tpm2_cmd.c
View File

@ -89,6 +89,7 @@ tpm2_submit_command (const TPMI_ST_COMMAND_TAG_t tag,
/* Catch TPM_RC_RETRY and send the command again */ /* Catch TPM_RC_RETRY and send the command again */
do { do {
grub_tpm2_buffer_init (out);
err = tpm2_submit_command_real (tag, commandCode, responseCode, in, out); err = tpm2_submit_command_real (tag, commandCode, responseCode, in, out);
if (*responseCode != TPM_RC_RETRY) if (*responseCode != TPM_RC_RETRY)
break; break;
@ -167,7 +168,6 @@ grub_tpm2_createprimary (const TPMI_RH_HIERARCHY_t primaryHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_CreatePrimary, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_CreatePrimary, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -250,7 +250,6 @@ grub_tpm2_startauthsession (const TPMI_DH_OBJECT_t tpmKey,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_StartAuthSession, &responseCode, rc = tpm2_submit_command (tag, TPM_CC_StartAuthSession, &responseCode,
&in, &out); &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
@ -308,7 +307,6 @@ grub_tpm2_policypcr (const TPMI_SH_POLICY_t policySessions,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_PolicyPCR, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_PolicyPCR, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -347,7 +345,6 @@ grub_tpm2_readpublic (const TPMI_DH_OBJECT_t objectHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_ReadPublic, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_ReadPublic, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -408,7 +405,6 @@ grub_tpm2_load (const TPMI_DH_OBJECT_t parent_handle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_Load, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_Load, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -475,7 +471,6 @@ grub_tpm2_loadexternal (const TPMS_AUTH_COMMAND_t *authCommand,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_LoadExternal, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_LoadExternal, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -527,7 +522,6 @@ grub_tpm2_unseal (const TPMI_DH_OBJECT_t itemHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_Unseal, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_Unseal, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -561,7 +555,6 @@ grub_tpm2_flushcontext (const TPMI_DH_CONTEXT_t handle)
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (TPM_ST_NO_SESSIONS, TPM_CC_FlushContext, &responseCode, &in, &out); rc = tpm2_submit_command (TPM_ST_NO_SESSIONS, TPM_CC_FlushContext, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -609,7 +602,6 @@ grub_tpm2_pcr_event (const TPMI_DH_PCR_t pcrHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (TPM_ST_SESSIONS, TPM_CC_PCR_Event, &responseCode, &in, &out); rc = tpm2_submit_command (TPM_ST_SESSIONS, TPM_CC_PCR_Event, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -666,7 +658,6 @@ grub_tpm2_pcr_read (const TPMS_AUTH_COMMAND_t *authCommand,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_PCR_Read, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_PCR_Read, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -719,7 +710,6 @@ grub_tpm2_policygetdigest (const TPMI_SH_POLICY_t policySession,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_PolicyGetDigest, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_PolicyGetDigest, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -802,7 +792,6 @@ grub_tpm2_create (const TPMI_DH_OBJECT_t parentHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_Create, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_Create, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -856,7 +845,6 @@ grub_tpm2_evictcontrol (const TPMI_RH_PROVISION_t auth,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_EvictControl, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_EvictControl, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -922,7 +910,6 @@ grub_tpm2_hash (const TPMS_AUTH_COMMAND_t *authCommand,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_Hash, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_Hash, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -981,7 +968,6 @@ grub_tpm2_verifysignature (const TPMI_DH_OBJECT_t keyHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_VerifySignature, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_VerifySignature, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -1041,7 +1027,6 @@ grub_tpm2_policyauthorize (const TPMI_SH_POLICY_t policySession,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_PolicyAuthorize, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_PolicyAuthorize, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -1082,7 +1067,6 @@ grub_tpm2_testparms (const TPMT_PUBLIC_PARMS_t *parms,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_TestParms, &responseCode, &in, rc = tpm2_submit_command (tag, TPM_CC_TestParms, &responseCode, &in,
&out); &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
@ -1126,7 +1110,6 @@ grub_tpm2_nv_definespace (const TPMI_RH_PROVISION_t authHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_NV_DefineSpace, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_NV_DefineSpace, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -1161,7 +1144,6 @@ grub_tpm2_nv_undefinespace (const TPMI_RH_PROVISION_t authHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_NV_UndefineSpace, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_NV_UndefineSpace, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -1197,7 +1179,6 @@ grub_tpm2_nv_readpublic (const TPMI_RH_NV_INDEX_t nvIndex,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_NV_ReadPublic, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_NV_ReadPublic, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -1242,7 +1223,6 @@ grub_tpm2_nv_read (const TPMI_RH_NV_AUTH_t authHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_NV_Read, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_NV_Read, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;
@ -1284,7 +1264,6 @@ grub_tpm2_nv_write (const TPMI_RH_NV_AUTH_t authHandle,
return TPM_RC_FAILURE; return TPM_RC_FAILURE;
/* Submit */ /* Submit */
grub_tpm2_buffer_init (&out);
rc = tpm2_submit_command (tag, TPM_CC_NV_Write, &responseCode, &in, &out); rc = tpm2_submit_command (tag, TPM_CC_NV_Write, &responseCode, &in, &out);
if (rc != TPM_RC_SUCCESS) if (rc != TPM_RC_SUCCESS)
return rc; return rc;