From patchwork Sat Apr  5 02:15:06 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Berger <stefanb@linux.ibm.com>
X-Patchwork-Id: 2068792
Return-Path: <slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256
 header.s=pp1 header.b=PdlZO5J6;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org
 (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org;
 envelope-from=slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org;
 receiver=patchwork.ozlabs.org)
Received: from lists.ozlabs.org (lists.ozlabs.org
 [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4ZTzZW44pqz1yJ0
	for <incoming@patchwork.ozlabs.org>; Sat,  5 Apr 2025 13:14:59 +1100 (AEDT)
Received: from boromir.ozlabs.org (localhost [IPv6:::1])
	by lists.ozlabs.org (Postfix) with ESMTP id 4ZTzZr3hB6z2yyJ
	for <incoming@patchwork.ozlabs.org>; Sat,  5 Apr 2025 13:15:16 +1100 (AEDT)
X-Original-To: slof@lists.ozlabs.org
Delivered-To: slof@lists.ozlabs.org
Authentication-Results: lists.ozlabs.org;
 arc=none smtp.remote-ip=148.163.156.1
ARC-Seal: i=1; a=rsa-sha256; d=lists.ozlabs.org; s=201707; t=1743819315;
	cv=none;
 b=gUYEd6O+SEoBfRYQQaZJgdxTGfvfuoH26Qd9a6NwmmAwR2FEGr1AlhEtXug7wM8/g/syXjXD/sRxq4RtAhYDN3qTMGyVo2BxZrXfCvl+ePNWyCwncdtqC+g7kDM013jVQ5Z8BlgaLfET3s55husiDUIGJ6u4gZtJt7pBwOuhJoSWfEhYk7R2rf2MO2Xk0f9oTuXuhVt69KskFgh5vTPiWws//60EgYCYw75od/bkeXtA2RV42Xhrj8YTxj86QRcBn/tGkCdiRPGfTYSJ3E6bR506dIPF3qrwFMJS2XgngjHDf6FZD9FuL0e9oNYWjqpNXecE3DnAJKLYfwCknEdehg==
ARC-Message-Signature: i=1; a=rsa-sha256; d=lists.ozlabs.org; s=201707;
	t=1743819315; c=relaxed/relaxed;
	bh=CaZpe8U280XS6KiqzzW9/1ljuGMa6Tz8DFdSi/URvaE=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=U4Ff2Oz/wxD8HzAsJtdLUUGgK3zGSYOtOnMq5xbnqU4rZvoaztkMW/ipPoY6/Ye+bc/5gI/WjSQFybBQsucW39yDBm6qoZqqtKRsZINaVgItcGQvqr0/OWRmbpc1JQeN1fckaqhkyl0FWif4xEFcGyFc9vO7E6ZmxOoR5gjCooMq8A+L08crtFfCNwSrNhlY9orYxuNQH1/K+x7ngbTOMV7SZMyClIWPMk9KtUCfsBVa/SN2dsL4WkwaHuTY63cGkpyBLuBD33pMzcFAhYRYDONtr6x1UpGbw4wBIWyhXvW5IEBIVnoVnFXYxDuID0u6htoAjU2ZvPGOTPucGcG6mw==
ARC-Authentication-Results: i=1; lists.ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=linux.ibm.com;
 dkim=pass (2048-bit key;
 unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256
 header.s=pp1 header.b=PdlZO5J6; dkim-atps=neutral;
 spf=pass (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com;
 envelope-from=stefanb@linux.ibm.com;
 receiver=lists.ozlabs.org) smtp.mailfrom=linux.ibm.com
Authentication-Results: lists.ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=linux.ibm.com
Authentication-Results: lists.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256
 header.s=pp1 header.b=PdlZO5J6;
	dkim-atps=neutral
Authentication-Results: lists.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=linux.ibm.com
 (client-ip=148.163.156.1; helo=mx0a-001b2d01.pphosted.com;
 envelope-from=stefanb@linux.ibm.com; receiver=lists.ozlabs.org)
Received: from mx0a-001b2d01.pphosted.com (mx0a-001b2d01.pphosted.com
 [148.163.156.1])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by lists.ozlabs.org (Postfix) with ESMTPS id 4ZTzZp249Yz2yFJ
	for <slof@lists.ozlabs.org>; Sat,  5 Apr 2025 13:15:13 +1100 (AEDT)
Received: from pps.filterd (m0360083.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id
 534EfPsR031772;
	Sat, 5 Apr 2025 02:15:12 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc
	:content-transfer-encoding:date:from:in-reply-to:message-id
	:mime-version:references:subject:to; s=pp1; bh=CaZpe8U280XS6Kiqz
	zW9/1ljuGMa6Tz8DFdSi/URvaE=; b=PdlZO5J6Y0C7/5WyZQPi3mD9bB/ucwwB+
	Oimq5amAwm7AUzLIfQSpFcHLDTWSaVfh7Z/aXjQi4fsq3QVg3l5KPWorLtxWoK3v
	XY9XvQauXsrhNLSdjgHfcPdC+fdT9Ie8b2MwHRdbM9+NWSE9aQoNfOr54Tl750Ed
	rSwGY9ttwAKmJpxSv0TkBjBWN7jbVx9wgQHhmjXLKexj4tbYWF0mOzgeZMvFl1qb
	teNGEJLbBECDNW4tBk3pwpKkkQM8YDMGADYOLAry/lc2cNae5Jhtn8lArfYA41ii
	3YnzEX0LLwhT27SFC2W9lQnD+yJqrE1nt0vFv2zQqslwlLLMqSCRA==
Received: from ppma13.dal12v.mail.ibm.com
 (dd.9e.1632.ip4.static.sl-reverse.com [50.22.158.221])
	by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 45t7t9njwv-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Sat, 05 Apr 2025 02:15:11 +0000 (GMT)
Received: from pps.filterd (ppma13.dal12v.mail.ibm.com [127.0.0.1])
	by ppma13.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id
 534NDvOt003240;
	Sat, 5 Apr 2025 02:15:11 GMT
Received: from smtprelay07.wdc07v.mail.ibm.com ([172.16.1.74])
	by ppma13.dal12v.mail.ibm.com (PPS) with ESMTPS id 45t2cdwsk6-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Sat, 05 Apr 2025 02:15:11 +0000
Received: from smtpav04.wdc07v.mail.ibm.com (smtpav04.wdc07v.mail.ibm.com
 [10.39.53.231])
	by smtprelay07.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id
 5352FAq64981448
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Sat, 5 Apr 2025 02:15:10 GMT
Received: from smtpav04.wdc07v.mail.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 6649758050;
	Sat,  5 Apr 2025 02:15:10 +0000 (GMT)
Received: from smtpav04.wdc07v.mail.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id DC2C058054;
	Sat,  5 Apr 2025 02:15:09 +0000 (GMT)
Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153])
	by smtpav04.wdc07v.mail.ibm.com (Postfix) with ESMTP;
	Sat,  5 Apr 2025 02:15:09 +0000 (GMT)
From: Stefan Berger <stefanb@linux.ibm.com>
To: slof@lists.ozlabs.org, aik@ozlabs.ru
Date: Fri,  4 Apr 2025 22:15:06 -0400
Message-ID: <20250405021507.2707113-2-stefanb@linux.ibm.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250405021507.2707113-1-stefanb@linux.ibm.com>
References: <20250405021507.2707113-1-stefanb@linux.ibm.com>
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-GUID: rF19JME2C_67OD_q1UNpp9OQxtEfIstN
X-Proofpoint-ORIG-GUID: rF19JME2C_67OD_q1UNpp9OQxtEfIstN
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1095,Hydra:6.0.680,FMLib:17.12.68.34
 definitions=2025-04-05_01,2025-04-03_03,2024-11-22_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
 adultscore=0 spamscore=0
 malwarescore=0 mlxscore=0 clxscore=1015 suspectscore=0 priorityscore=1501
 lowpriorityscore=0 impostorscore=0 mlxlogscore=801 bulkscore=0
 phishscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.19.0-2502280000 definitions=main-2504050011
X-Spam-Status: No, score=-1.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_PASS autolearn=disabled version=4.0.1
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on lists.ozlabs.org
Subject: [SLOF] [PATCH v2 1/2] tcgbios: Fix endianess of NumberOfPartitions
X-BeenThere: slof@lists.ozlabs.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Patches for https://github.com/aik/SLOF" <slof.lists.ozlabs.org>
List-Unsubscribe: <https://lists.ozlabs.org/options/slof>,
 <mailto:slof-request@lists.ozlabs.org?subject=unsubscribe>
List-Archive: <http://lists.ozlabs.org/pipermail/slof/>
List-Post: <mailto:slof@lists.ozlabs.org>
List-Help: <mailto:slof-request@lists.ozlabs.org?subject=help>
List-Subscribe: <https://lists.ozlabs.org/listinfo/slof>,
 <mailto:slof-request@lists.ozlabs.org?subject=subscribe>
Cc: thuth@redhat.com, Stefan Berger <stefanb@linux.ibm.com>
Errors-To: slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org
Sender: "SLOF" <slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>

Write the 64bit integer 'NumberOfPartitions' in little endian format into
the uefi_gpt_data so that they end up in little endian format in the
measurement log.

Fixes: 16a1867425ee ("tcgbios: Measure the GPT table")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 lib/libtpm/tcgbios.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
index 03443f9..5e657bd 100644
--- a/lib/libtpm/tcgbios.c
+++ b/lib/libtpm/tcgbios.c
@@ -1092,7 +1092,7 @@ void tpm_gpt_set_lba1(const uint8_t *addr, uint32_t length)
 
 	memcpy(&uefi_gpt_data->EfiPartitionHeader,
 	       addr, MIN(sizeof(uefi_gpt_data->EfiPartitionHeader), length));
-	uefi_gpt_data->NumberOfPartitions = 0;
+	uefi_gpt_data->NumberOfPartitions = cpu_to_le64(0);
 }
 
 /*
@@ -1104,6 +1104,7 @@ void tpm_gpt_add_entry(const uint8_t *addr, uint32_t length)
 	size_t sz;
 	UEFI_PARTITION_ENTRY *upe = (void *)addr;
 	void *tmp;
+	uint64_t numberOfPartitions;
 
 	if (!tpm_is_working() ||
 	    !uefi_gpt_data ||
@@ -1111,8 +1112,9 @@ void tpm_gpt_add_entry(const uint8_t *addr, uint32_t length)
 	    !memcmp(upe->partTypeGuid, ZeroGuid, sizeof(ZeroGuid)))
 		return;
 
+	numberOfPartitions = le64_to_cpu(uefi_gpt_data->NumberOfPartitions);
 	sz = offset_of(UEFI_GPT_DATA, Partitions) +
-	       (uefi_gpt_data->NumberOfPartitions + 1)
+	       (numberOfPartitions + 1)
 	       * sizeof(UEFI_PARTITION_ENTRY);
 	if (sz > uefi_gpt_data_size) {
 		tmp = SLOF_alloc_mem(sz);
@@ -1125,10 +1127,12 @@ void tpm_gpt_add_entry(const uint8_t *addr, uint32_t length)
 		uefi_gpt_data_size = sz;
 	}
 
-	memcpy(&uefi_gpt_data->Partitions[uefi_gpt_data->NumberOfPartitions],
+	memcpy(&uefi_gpt_data->Partitions[numberOfPartitions],
 	       addr,
 	       sizeof(UEFI_PARTITION_ENTRY));
-	uefi_gpt_data->NumberOfPartitions++;
+
+	numberOfPartitions++;
+	uefi_gpt_data->NumberOfPartitions = cpu_to_le64(numberOfPartitions);
 
 	return;
 
@@ -1150,7 +1154,8 @@ uint32_t tpm_measure_gpt(void)
 		return TCGBIOS_GENERAL_ERROR;
 
 	sz = offset_of(UEFI_GPT_DATA, Partitions) +
-	     uefi_gpt_data->NumberOfPartitions * sizeof(UEFI_PARTITION_ENTRY);
+	       le64_to_cpu(uefi_gpt_data->NumberOfPartitions)
+	       * sizeof(UEFI_PARTITION_ENTRY);
 
 	return tpm_add_measurement_to_log(5, EV_EFI_GPT_EVENT,
 					  (const char *)uefi_gpt_data, sz,

From patchwork Sat Apr  5 02:15:07 2025
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Stefan Berger <stefanb@linux.ibm.com>
X-Patchwork-Id: 2068793
Return-Path: <slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256
 header.s=pp1 header.b=E61pqf11;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ozlabs.org
 (client-ip=2404:9400:2:0:216:3eff:fee1:b9f1; helo=lists.ozlabs.org;
 envelope-from=slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org;
 receiver=patchwork.ozlabs.org)
Received: from lists.ozlabs.org (lists.ozlabs.org
 [IPv6:2404:9400:2:0:216:3eff:fee1:b9f1])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4ZTzZW3lFDz1yHw
	for <incoming@patchwork.ozlabs.org>; Sat,  5 Apr 2025 13:14:59 +1100 (AEDT)
Received: from boromir.ozlabs.org (localhost [IPv6:::1])
	by lists.ozlabs.org (Postfix) with ESMTP id 4ZTzZs5WGnz30T3
	for <incoming@patchwork.ozlabs.org>; Sat,  5 Apr 2025 13:15:17 +1100 (AEDT)
X-Original-To: slof@lists.ozlabs.org
Delivered-To: slof@lists.ozlabs.org
Authentication-Results: lists.ozlabs.org;
 arc=none smtp.remote-ip=148.163.158.5
ARC-Seal: i=1; a=rsa-sha256; d=lists.ozlabs.org; s=201707; t=1743819316;
	cv=none;
 b=TIscioga7KTGNmLQliu5BguVzUMdkXRFP13jcusv5zsSmJeZEfNT9PuW3f0vOfiVPFuPKbv1/5bEhGkzmXtcOOb7s1lPDqFf2DBpkwSFq+MylINdfyirj4dn84r/lIpFIpNJH9+IHFUWJXGmOcW2NKiYZc4cGOK+FUz2LT5VAwHTxFPGP2VZKuL2l+F4aUw+dVqdDq2eguOduefV42I7bkim98lQSJq0xTXA88LBJ17ZT6h7CjLDlU3T8o4Tyc1vWAg6G3Y+6Dg43qImVXr7gWPevBL6eNI96Y9Vf7DxCH/b7XHnWxEXL6Ju8HImsqlNZs+GSc7pMGmYW6fREvnK6g==
ARC-Message-Signature: i=1; a=rsa-sha256; d=lists.ozlabs.org; s=201707;
	t=1743819316; c=relaxed/relaxed;
	bh=vY1oCjv3xIjypByV93yt7RuTwlNbdkUwHVF/h2OQKGQ=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=DjD00HWowX8150sRV44tIrz17SyjIKSmRyYnQ1GfSest6MfM9WGJk6VetaJrfDJP9l5TLe+fEhF37rVgYDO11HhvGIygo6LOZ8lXelNtBIvGh0eGOC1C9ses6eGM7Snx6lg05Y1D0OyDx2iO4/jekjEo/JWbN16g/9G7HImwqM5c+sJx2ihlaUn3l3drvMt4emtIAOcpKUkGL/QXHDhBpyZ5JSieUA7B0NBSfnkGkDzqD8R0YJC60Ji0O2QRh1vAjFfury58Z9DpVzZ53pGHB8dwJA9Ja3GSz6DIG/NjLLjCeU/7EN8HmP9JpDaCV1f1nqT7T2Sh6+dFvW2U8A2vsA==
ARC-Authentication-Results: i=1; lists.ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=linux.ibm.com;
 dkim=pass (2048-bit key;
 unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256
 header.s=pp1 header.b=E61pqf11; dkim-atps=neutral;
 spf=pass (client-ip=148.163.158.5; helo=mx0b-001b2d01.pphosted.com;
 envelope-from=stefanb@linux.ibm.com;
 receiver=lists.ozlabs.org) smtp.mailfrom=linux.ibm.com
Authentication-Results: lists.ozlabs.org;
 dmarc=pass (p=none dis=none) header.from=linux.ibm.com
Authentication-Results: lists.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=ibm.com header.i=@ibm.com header.a=rsa-sha256
 header.s=pp1 header.b=E61pqf11;
	dkim-atps=neutral
Authentication-Results: lists.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=linux.ibm.com
 (client-ip=148.163.158.5; helo=mx0b-001b2d01.pphosted.com;
 envelope-from=stefanb@linux.ibm.com; receiver=lists.ozlabs.org)
Received: from mx0b-001b2d01.pphosted.com (mx0b-001b2d01.pphosted.com
 [148.163.158.5])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by lists.ozlabs.org (Postfix) with ESMTPS id 4ZTzZq3Nv7z2yFJ
	for <slof@lists.ozlabs.org>; Sat,  5 Apr 2025 13:15:15 +1100 (AEDT)
Received: from pps.filterd (m0356516.ppops.net [127.0.0.1])
	by mx0a-001b2d01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id
 5350PDlP012456;
	Sat, 5 Apr 2025 02:15:12 GMT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc
	:content-transfer-encoding:date:from:in-reply-to:message-id
	:mime-version:references:subject:to; s=pp1; bh=vY1oCjv3xIjypByV9
	3yt7RuTwlNbdkUwHVF/h2OQKGQ=; b=E61pqf11+Q75NAQDnDbgXDsyctEGiKbhh
	x9si9xeGpLsfTLo/SPSwKSh+zYDbx6rcOCoJgd3VMF2gKOeMOZ5BIpU7ErpxQHzC
	dWw10smWAkYSe8IiNdQDyzZ71BNHOOt3kCzs1O5wa0ckR9mtgSKq7phUKt1SwqAt
	ATzbF4Y1gqaQCSA1+2/28i1nWMICa7nHVQ1zKdEWxrnOWjCA+4n7QTotLam7GhZz
	3arVjs48Lfnh79iGpBwAQf5WvqhP0z5XrEpjrENqtO2mJwBqyYPWKRK3mZQ8B/Rn
	eRRT489dE/UlmhOak5RPWbx4jSMqz0VAuZoYJYag55e9RSa5MYqSA==
Received: from ppma12.dal12v.mail.ibm.com
 (dc.9e.1632.ip4.static.sl-reverse.com [50.22.158.220])
	by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 45tsxp09v6-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Sat, 05 Apr 2025 02:15:12 +0000 (GMT)
Received: from pps.filterd (ppma12.dal12v.mail.ibm.com [127.0.0.1])
	by ppma12.dal12v.mail.ibm.com (8.18.1.2/8.18.1.2) with ESMTP id
 534NtPDD030618;
	Sat, 5 Apr 2025 02:15:11 GMT
Received: from smtprelay02.dal12v.mail.ibm.com ([172.16.1.4])
	by ppma12.dal12v.mail.ibm.com (PPS) with ESMTPS id 45t2e4wr89-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
	Sat, 05 Apr 2025 02:15:11 +0000
Received: from smtpav04.wdc07v.mail.ibm.com (smtpav04.wdc07v.mail.ibm.com
 [10.39.53.231])
	by smtprelay02.dal12v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id
 5352FBBo18154062
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
	Sat, 5 Apr 2025 02:15:11 GMT
Received: from smtpav04.wdc07v.mail.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 12E7358050;
	Sat,  5 Apr 2025 02:15:11 +0000 (GMT)
Received: from smtpav04.wdc07v.mail.ibm.com (unknown [127.0.0.1])
	by IMSVA (Postfix) with ESMTP id 88A9058045;
	Sat,  5 Apr 2025 02:15:10 +0000 (GMT)
Received: from sbct-3.pok.ibm.com (unknown [9.47.158.153])
	by smtpav04.wdc07v.mail.ibm.com (Postfix) with ESMTP;
	Sat,  5 Apr 2025 02:15:10 +0000 (GMT)
From: Stefan Berger <stefanb@linux.ibm.com>
To: slof@lists.ozlabs.org, aik@ozlabs.ru
Date: Fri,  4 Apr 2025 22:15:07 -0400
Message-ID: <20250405021507.2707113-3-stefanb@linux.ibm.com>
X-Mailer: git-send-email 2.49.0
In-Reply-To: <20250405021507.2707113-1-stefanb@linux.ibm.com>
References: <20250405021507.2707113-1-stefanb@linux.ibm.com>
MIME-Version: 1.0
X-TM-AS-GCONF: 00
X-Proofpoint-GUID: VEYbDeDQdAu5jBS6qo30KPF8H5lA6Xz4
X-Proofpoint-ORIG-GUID: VEYbDeDQdAu5jBS6qo30KPF8H5lA6Xz4
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1095,Hydra:6.0.680,FMLib:17.12.68.34
 definitions=2025-04-05_01,2025-04-03_03,2024-11-22_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
 lowpriorityscore=0
 phishscore=0 mlxscore=0 suspectscore=0 mlxlogscore=949 bulkscore=0
 malwarescore=0 clxscore=1015 adultscore=0 spamscore=0 priorityscore=1501
 impostorscore=0 classifier=spam adjust=0 reason=mlx scancount=1
 engine=8.19.0-2502280000 definitions=main-2504050011
X-Spam-Status: No, score=-1.7 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	RCVD_IN_DNSWL_LOW,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,
	SPF_PASS autolearn=disabled version=4.0.1
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-25) on lists.ozlabs.org
Subject: [SLOF] [PATCH v2 2/2] tcgbios: Only measure size indicated in UEFI
 partition table header
X-BeenThere: slof@lists.ozlabs.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Patches for https://github.com/aik/SLOF" <slof.lists.ozlabs.org>
List-Unsubscribe: <https://lists.ozlabs.org/options/slof>,
 <mailto:slof-request@lists.ozlabs.org?subject=unsubscribe>
List-Archive: <http://lists.ozlabs.org/pipermail/slof/>
List-Post: <mailto:slof@lists.ozlabs.org>
List-Help: <mailto:slof-request@lists.ozlabs.org?subject=help>
List-Subscribe: <https://lists.ozlabs.org/listinfo/slof>,
 <mailto:slof-request@lists.ozlabs.org?subject=subscribe>
Cc: thuth@redhat.com, Stefan Berger <stefanb@linux.ibm.com>
Errors-To: slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org
Sender: "SLOF" <slof-bounces+incoming=patchwork.ozlabs.org@lists.ozlabs.org>

Remove the reserved byte array from the UEFI_PARTITION_TABLE_HEADER
to avoid measuring zero bytes. Only log and measure the header as
indicated by its size. This size is expected to be exactly the size
of UEFI_PARTITION_TABLE_HEADER (= 92 bytes).

Fixes: 16a1867425ee ("tcgbios: Measure the GPT table")
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 lib/libtpm/tcgbios.c     | 12 ++++++++++--
 lib/libtpm/tcgbios_int.h |  1 -
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
index 5e657bd..30fd921 100644
--- a/lib/libtpm/tcgbios.c
+++ b/lib/libtpm/tcgbios.c
@@ -1080,6 +1080,8 @@ uint32_t tpm_measure_bcv_mbr(uint32_t bootdrv, const uint8_t *addr,
  */
 void tpm_gpt_set_lba1(const uint8_t *addr, uint32_t length)
 {
+	UEFI_PARTITION_TABLE_HEADER *upth = (UEFI_PARTITION_TABLE_HEADER *)addr;
+
 	if (!tpm_is_working())
 		return;
 
@@ -1090,8 +1092,14 @@ void tpm_gpt_set_lba1(const uint8_t *addr, uint32_t length)
 	if (!uefi_gpt_data)
 		return;
 
-	memcpy(&uefi_gpt_data->EfiPartitionHeader,
-	       addr, MIN(sizeof(uefi_gpt_data->EfiPartitionHeader), length));
+	/* Length must be at least the size of EfiPartitionHeader (92bytes) */
+	if (length < sizeof(uefi_gpt_data->EfiPartitionHeader) ||
+	    le32_to_cpu(upth->header.size) !=
+	      sizeof(uefi_gpt_data->EfiPartitionHeader))
+		return;
+
+	memcpy(&uefi_gpt_data->EfiPartitionHeader, addr,
+	       sizeof(uefi_gpt_data->EfiPartitionHeader));
 	uefi_gpt_data->NumberOfPartitions = cpu_to_le64(0);
 }
 
diff --git a/lib/libtpm/tcgbios_int.h b/lib/libtpm/tcgbios_int.h
index cc38455..5bbd9d5 100644
--- a/lib/libtpm/tcgbios_int.h
+++ b/lib/libtpm/tcgbios_int.h
@@ -116,7 +116,6 @@ typedef struct {
 	uint32_t numPartEntry;
 	uint32_t partEntrySize;
 	uint32_t partArrayCrc32;
-	uint8_t reserved[420];
 } __attribute__((packed)) UEFI_PARTITION_TABLE_HEADER;
 
 typedef struct {