]> git.dujemihanovic.xyz Git - u-boot.git/commitdiff
tpm: Correct the define-space command in TPMv2
authorSimon Glass <sjg@chromium.org>
Wed, 31 Aug 2022 03:05:34 +0000 (21:05 -0600)
committerIlias Apalodimas <ilias.apalodimas@linaro.org>
Sat, 3 Sep 2022 13:54:04 +0000 (16:54 +0300)
The message format is incorrect. Fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
lib/tpm-v2.c

index 6058f2e1e4f4292916105fad1fe48f54acab5e7a..3e240bb4c67eca6d33098385de447b8b65b66036 100644 (file)
@@ -89,14 +89,18 @@ u32 tpm2_nv_define_space(struct udevice *dev, u32 space_index,
         * Calculate the offset of the nv_policy piece by adding each of the
         * chunks below.
         */
-       uint offset = 10 + 8 + 13 + 14;
+       const int platform_len = sizeof(u32);
+       const int session_hdr_len = 13;
+       const int message_len = 14;
+       uint offset = TPM2_HDR_LEN + platform_len + session_hdr_len +
+               message_len;
        u8 command_v2[COMMAND_BUFFER_SIZE] = {
                /* header 10 bytes */
                tpm_u16(TPM2_ST_SESSIONS),      /* TAG */
-               tpm_u32(offset + nv_policy_size),/* Length */
+               tpm_u32(offset + nv_policy_size + 2),/* Length */
                tpm_u32(TPM2_CC_NV_DEFINE_SPACE),/* Command code */
 
-               /* handles 8 bytes */
+               /* handles 4 bytes */
                tpm_u32(TPM2_RH_PLATFORM),      /* Primary platform seed */
 
                /* session header 13 bytes */
@@ -107,12 +111,15 @@ u32 tpm2_nv_define_space(struct udevice *dev, u32 space_index,
                tpm_u16(0),                     /* auth_size */
 
                /* message 14 bytes + policy */
-               tpm_u16(12 + nv_policy_size),   /* size */
+               tpm_u16(message_len + nv_policy_size),  /* size */
                tpm_u32(space_index),
                tpm_u16(TPM2_ALG_SHA256),
                tpm_u32(nv_attributes),
                tpm_u16(nv_policy_size),
-               /* nv_policy */
+               /*
+                * nv_policy
+                * space_size
+                */
        };
        int ret;
 
@@ -120,8 +127,9 @@ u32 tpm2_nv_define_space(struct udevice *dev, u32 space_index,
         * Fill the command structure starting from the first buffer:
         *     - the password (if any)
         */
-       ret = pack_byte_string(command_v2, sizeof(command_v2), "s",
-                              offset, nv_policy, nv_policy_size);
+       ret = pack_byte_string(command_v2, sizeof(command_v2), "sw",
+                              offset, nv_policy, nv_policy_size,
+                              offset + nv_policy_size, space_size);
        if (ret)
                return TPM_LIB_ERROR;