
[5/5] tpm: tpm_passthrough: Fail startup if FE buffer size < BE buffer size

Message ID 1510016336-4086-6-git-send-email-stefanb@linux.vnet.ibm.com
State New
Series tpm: Match frontend and backend buffer sizes (not 2.11) | expand

Commit Message

Stefan Berger Nov. 7, 2017, 12:58 a.m. UTC
If the requested buffer size of the frontend is smaller than the fixed
buffer size of the host's TPM, fail the startup_tpm() interface function,
which will make the device unusable. We fail it because the backend TPM
could produce larger packets than what the frontend could pass to the OS.

The current combination of TIS frontend and either passthrough or emulator
backend will not lead to this case since the TIS can support any size of
buffer.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
---
 hw/tpm/tpm_passthrough.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

Comments

Marc-André Lureau Nov. 8, 2017, 4:22 p.m. UTC | #1
Hi Stefan,

On Mon, Nov 06, 2017 at 07:58:56PM -0500, Stefan Berger wrote:
> If the requested buffer size of the frontend is smaller than the fixed
> buffer size of the host's TPM, fail the startup_tpm() interface function,
> which will make the device unusable. We fail it because the backend TPM
> could produce larger packets than what the frontend could pass to the OS.
> 
> The current combination of TIS frontend and either passthrough or emulator
> backend will not lead to this case since the TIS can support any size of
> buffer.
> 
> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> ---
>  hw/tpm/tpm_passthrough.c | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
> 
> diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c
> index ec755fe..66d5098 100644
> --- a/hw/tpm/tpm_passthrough.c
> +++ b/hw/tpm/tpm_passthrough.c
> @@ -304,6 +304,20 @@ static TPMBackend *tpm_passthrough_create(QemuOpts *opts)
>      return TPM_BACKEND(obj);
>  }
>  
> +static int tpm_passthrough_startup_tpm(TPMBackend *tb, uint32_t buffersize)
> +{
> +    TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
> +
> +    if (buffersize && buffersize < tpm_pt->tpm_buffersize) {
> +        error_report("Requested buffer size of %u is smaller than host TPM's "
> +                     "fixed buffer size of %u",
> +                     buffersize, tpm_pt->tpm_buffersize);

Looks ok

> +        return -1;
> +    }
> +
> +    return 0;
> +}
> +
>  static TpmTypeOptions *tpm_passthrough_get_tpm_options(TPMBackend *tb)
>  {
>      TpmTypeOptions *options = g_new0(TpmTypeOptions, 1);
> @@ -362,6 +376,7 @@ static void tpm_passthrough_class_init(ObjectClass *klass, void *data)
>      tbc->opts = tpm_passthrough_cmdline_opts;
>      tbc->desc = "Passthrough TPM backend driver";
>      tbc->create = tpm_passthrough_create;
> +    tbc->startup_tpm = tpm_passthrough_startup_tpm;
>      tbc->reset = tpm_passthrough_reset;
>      tbc->cancel_cmd = tpm_passthrough_cancel_cmd;
>      tbc->get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag;
> -- 
> 2.5.5

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Stefan Berger Nov. 8, 2017, 6:20 p.m. UTC | #2
On 11/08/2017 11:22 AM, Marc-André Lureau wrote:
> Hi Stefan,
>
> On Mon, Nov 06, 2017 at 07:58:56PM -0500, Stefan Berger wrote:
>> If the requested buffer size of the frontend is smaller than the fixed
>> buffer size of the host's TPM, fail the startup_tpm() interface function,
>> which will make the device unusable. We fail it because the backend TPM
>> could produce larger packets than what the frontend could pass to the OS.
>>
>> The current combination of TIS frontend and either passthrough or emulator
>> backend will not lead to this case since the TIS can support any size of
>> buffer.
>>
>> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
>> ---
>>   hw/tpm/tpm_passthrough.c | 15 +++++++++++++++
>>   1 file changed, 15 insertions(+)
>>
>> diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c
>> index ec755fe..66d5098 100644
>> --- a/hw/tpm/tpm_passthrough.c
>> +++ b/hw/tpm/tpm_passthrough.c
>> @@ -304,6 +304,20 @@ static TPMBackend *tpm_passthrough_create(QemuOpts *opts)
>>       return TPM_BACKEND(obj);
>>   }
>>   
>> +static int tpm_passthrough_startup_tpm(TPMBackend *tb, uint32_t buffersize)
>> +{
>> +    TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
>> +
>> +    if (buffersize && buffersize < tpm_pt->tpm_buffersize) {
>> +        error_report("Requested buffer size of %u is smaller than host TPM's "
>> +                     "fixed buffer size of %u",
>> +                     buffersize, tpm_pt->tpm_buffersize);
> Looks ok
>
>> +        return -1;
>> +    }
>> +
>> +    return 0;
>> +}
>> +
>>   static TpmTypeOptions *tpm_passthrough_get_tpm_options(TPMBackend *tb)
>>   {
>>       TpmTypeOptions *options = g_new0(TpmTypeOptions, 1);
>> @@ -362,6 +376,7 @@ static void tpm_passthrough_class_init(ObjectClass *klass, void *data)
>>       tbc->opts = tpm_passthrough_cmdline_opts;
>>       tbc->desc = "Passthrough TPM backend driver";
>>       tbc->create = tpm_passthrough_create;
>> +    tbc->startup_tpm = tpm_passthrough_startup_tpm;
>>       tbc->reset = tpm_passthrough_reset;
>>       tbc->cancel_cmd = tpm_passthrough_cancel_cmd;
>>       tbc->get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag;
>> -- 
>> 2.5.5
> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
>

Thanks for the review. I'll post v2 shortly.

     Stefan

Patch

diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c
index ec755fe..66d5098 100644
--- a/hw/tpm/tpm_passthrough.c
+++ b/hw/tpm/tpm_passthrough.c
@@ -304,6 +304,20 @@  static TPMBackend *tpm_passthrough_create(QemuOpts *opts)
     return TPM_BACKEND(obj);
 }
 
+static int tpm_passthrough_startup_tpm(TPMBackend *tb, uint32_t buffersize)
+{
+    TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
+
+    if (buffersize && buffersize < tpm_pt->tpm_buffersize) {
+        error_report("Requested buffer size of %u is smaller than host TPM's "
+                     "fixed buffer size of %u",
+                     buffersize, tpm_pt->tpm_buffersize);
+        return -1;
+    }
+
+    return 0;
+}
+
 static TpmTypeOptions *tpm_passthrough_get_tpm_options(TPMBackend *tb)
 {
     TpmTypeOptions *options = g_new0(TpmTypeOptions, 1);
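Review bot: The `buffersize &&` term in tpm_passthrough_startup_tpm lets a frontend that passes 0 skip the size comparison entirely, and nothing in the hunk says what 0 means. If 0 is the frontend's way of saying it imposes no limit, state that in a comment above the function, e.g. `/* buffersize == 0: frontend imposes no limit, so the comparison is skipped */`. Otherwise a zero request should fail like any other undersized one, since this check is what stops the host TPM from returning responses larger than the frontend can hold. The declaration of `tpm_buffersize` is outside the hunk, so confirm its type: `%u` is only correct if the field is `unsigned int`-sized, and a `size_t` field would need `%zu`.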
@@ -362,6 +376,7 @@  static void tpm_passthrough_class_init(ObjectClass *klass, void *data)
     tbc->opts = tpm_passthrough_cmdline_opts;
     tbc->desc = "Passthrough TPM backend driver";
     tbc->create = tpm_passthrough_create;
+    tbc->startup_tpm = tpm_passthrough_startup_tpm;
     tbc->reset = tpm_passthrough_reset;
     tbc->cancel_cmd = tpm_passthrough_cancel_cmd;
     tbc->get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag;