diff options
| author | Stefan Berger <stefanb@linux.vnet.ibm.com> | 2016-02-02 13:09:19 -0500 |
|---|---|---|
| committer | Kevin O'Connor <kevin@koconnor.net> | 2016-02-05 20:49:15 -0500 |
| commit | 7092de319399d0e2c60b1c5e681e7e923cbcd814 (patch) | |
| tree | fa6407733c99ce430d27d793e47d2a8f80e47ee3 | |
| parent | e444dce9361f079c77c1e25e61d3f5864de41e93 (diff) | |
| download | seabios-hppa-7092de319399d0e2c60b1c5e681e7e923cbcd814.zip seabios-hppa-7092de319399d0e2c60b1c5e681e7e923cbcd814.tar.gz seabios-hppa-7092de319399d0e2c60b1c5e681e7e923cbcd814.tar.bz2 | |
tpm: Filter TPM commands in passthrough API
Filter TPM commands in the passthrough API call by matching the
type of tag in the header with the version of the underlying TPM.
Return an error code if the tag indicates that the command is
for the wrong TPM version.
Fix a size check on the way.
Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
| -rw-r--r-- | src/std/tcg.h | 2 | ||||
| -rw-r--r-- | src/tcgbios.c | 19 |
2 files changed, 20 insertions, 1 deletions
diff --git a/src/std/tcg.h b/src/std/tcg.h index 8466b14..dbb3a60 100644 --- a/src/std/tcg.h +++ b/src/std/tcg.h @@ -74,6 +74,8 @@ /* TPM command tags */ #define TPM_TAG_RQU_CMD 0x00c1 +#define TPM_TAG_RQU_AUTH1_CMD 0x00c2 +#define TPM_TAG_RQU_AUTH2_CMD 0x00c3 /* interrupt identifiers (al register) */ enum irq_ids { diff --git a/src/tcgbios.c b/src/tcgbios.c index da457a4..d6010c1 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -1065,13 +1065,30 @@ pass_through_to_tpm_int(struct pttti *pttti, struct pttto *pttto) u32 rc = 0; struct tpm_req_header *trh = (void*)pttti->tpmopin; - if (pttti->ipblength < sizeof(struct pttti) + sizeof(trh) + if (pttti->ipblength < sizeof(struct pttti) + sizeof(*trh) || pttti->ipblength != sizeof(struct pttti) + be32_to_cpu(trh->totlen) || pttti->opblength < sizeof(struct pttto)) { rc = TCG_INVALID_INPUT_PARA; goto err_exit; } + u16 tag = be16_to_cpu(trh->tag); + + switch (TPM_version) { + case TPM_VERSION_1_2: + if (tag != TPM_TAG_RQU_CMD && tag != TPM_TAG_RQU_AUTH1_CMD + && tag != TPM_TAG_RQU_AUTH2_CMD) { + rc = TCG_INVALID_INPUT_PARA; + goto err_exit; + } + break; + case TPM_VERSION_2: + if (tag != TPM2_ST_NO_SESSIONS && tag != TPM2_ST_SESSIONS) { + rc = TCG_INVALID_INPUT_PARA; + goto err_exit; + } + } + u32 resbuflen = pttti->opblength - offsetof(struct pttto, tpmopout); int ret = tpmhw_transmit(0, trh, pttto->tpmopout, &resbuflen, TPM_DURATION_TYPE_LONG /* worst case */); |