On Thu, Mar 06, 2025 at 08:46:52PM +0100, Yann Diorcet wrote:
> When tpm2_submit_command_real is called for a retry, the content of
> out buffer can already be set with previous grub_tcg2_submit_command
> call's reply. Restore previous offset allowing the next
> tpm2_submit_command_real calls to succeed.
>
> This solves the issues occurring during TPM_CC_Load command on the integrated
> TPM 2.0 in Intel Elkhart Lake chip.
>
Thanks for catching this issue!
> Signed-off-by: Diorcet Yann <diorcet.y...@gmail.com>
> ---
> grub-core/lib/tss2/tpm2_cmd.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/grub-core/lib/tss2/tpm2_cmd.c b/grub-core/lib/tss2/tpm2_cmd.c
> index 6d25db1ab..6be6c8fc5 100644
> --- a/grub-core/lib/tss2/tpm2_cmd.c
> +++ b/grub-core/lib/tss2/tpm2_cmd.c
> @@ -85,6 +85,7 @@ tpm2_submit_command (const TPMI_ST_COMMAND_TAG_t tag,
> struct grub_tpm2_buffer *out)
> {
> TPM_RC_t err;
> + grub_size_t offset = out->offset;
> int retry_cnt = 0;
>
> /* Catch TPM_RC_RETRY and send the command again */
Since we always need a clean output buffer, maybe we can call
'grub_tpm2_buffer_init(out)' right before 'tpm2_submit_command_real()'
to make sure the output buffer is always initialized. Besides, with this
change, we can remove all 'grub_tpm2_buffer_init (&out)' in the TPM2
command functions.
Gary Lin
> @@ -93,6 +94,9 @@ tpm2_submit_command (const TPMI_ST_COMMAND_TAG_t tag,
> if (*responseCode != TPM_RC_RETRY)
> break;
>
> + /* May be already filled with previous tpm2_submit_command_real call:
> + restore initial offset */
> + out->offset = offset;
> retry_cnt++;
> } while (retry_cnt < 3);
>
> --
> 2.39.5
>
> _______________________________________________
> Grub-devel mailing list
> Grub-devel@gnu.org
> https://lists.gnu.org/mailman/listinfo/grub-devel
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
