[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v3 04/10] tss2: Fix the missing authCommand
|
From: |
Gary Lin |
|
Subject: |
[PATCH v3 04/10] tss2: Fix the missing authCommand |
|
Date: |
Mon, 13 Jan 2025 11:07:07 +0800 |
grub_tpm2_readpublic() and grub_tpm2_testparms() didn't check
'authCommand' when marshaling the input data buffer. Currently, there is
no caller using non-NULL 'authCommand'. However, to avoid the potential
issue, the conditional check is added to insert 'authCommand' into the
input buffer if necessary.
Also fix a few pointer checks.
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
---
grub-core/lib/tss2/tpm2_cmd.c | 10 +++++++---
1 file changed, 7 insertions(+), 3 deletions(-)
diff --git a/grub-core/lib/tss2/tpm2_cmd.c b/grub-core/lib/tss2/tpm2_cmd.c
index cd0c6fd31..211d807d5 100644
--- a/grub-core/lib/tss2/tpm2_cmd.c
+++ b/grub-core/lib/tss2/tpm2_cmd.c
@@ -341,6 +341,8 @@ grub_tpm2_readpublic (const TPMI_DH_OBJECT_t objectHandle,
/* Marshal */
grub_tpm2_buffer_init (&in);
grub_tpm2_buffer_pack_u32 (&in, objectHandle);
+ if (authCommand != NULL)
+ grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
if (in.error != 0)
return TPM_RC_FAILURE;
@@ -398,7 +400,7 @@ grub_tpm2_load (const TPMI_DH_OBJECT_t parent_handle,
/* Marshal */
grub_tpm2_buffer_init (&in);
grub_tpm2_buffer_pack_u32 (&in, parent_handle);
- if (authCommand)
+ if (authCommand != NULL)
grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
grub_Tss2_MU_TPM2B_Marshal (&in, inPrivate->size, inPrivate->buffer);
grub_Tss2_MU_TPM2B_PUBLIC_Marshal (&in, inPublic);
@@ -461,9 +463,9 @@ grub_tpm2_loadexternal (const TPMS_AUTH_COMMAND_t
*authCommand,
/* Marshal */
grub_tpm2_buffer_init (&in);
- if (authCommand)
+ if (authCommand != NULL)
grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
- if (inPrivate)
+ if (inPrivate != NULL)
grub_Tss2_MU_TPM2B_SENSITIVE_Marshal (&in, inPrivate);
else
grub_tpm2_buffer_pack_u16 (&in, 0);
@@ -1023,6 +1025,8 @@ grub_tpm2_testparms (const TPMT_PUBLIC_PARMS_t *parms,
/* Marshal */
grub_tpm2_buffer_init (&in);
grub_Tss2_MU_TPMT_PUBLIC_PARMS_Marshal (&in, parms);
+ if (authCommand != NULL)
+ grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
if (in.error != 0)
return TPM_RC_FAILURE;
--
2.43.0
- [PATCH v3 00/10] TPM2 key protector follow-up patches, Gary Lin, 2025/01/12
- [PATCH v3 01/10] tpm2_key_protector: dump PCRs on policy fail, Gary Lin, 2025/01/12
- [PATCH v3 02/10] tpm2_key_protector: Add 'tpm2_dump_pcr' command, Gary Lin, 2025/01/12
- [PATCH v3 03/10] docs: Document tpm2_dump_pcr, Gary Lin, 2025/01/12
- [PATCH v3 04/10] tss2: Fix the missing authCommand,
Gary Lin <=
- [PATCH v3 05/10] tss2: Add TPM 2.0 NV index commands, Gary Lin, 2025/01/12
- [PATCH v3 06/10] tpm2_key_protector: Unseal key from a buffer, Gary Lin, 2025/01/12
- [PATCH v3 07/10] tpm2_key_protector: Support NV index handles, Gary Lin, 2025/01/12
- [PATCH v3 08/10] util/grub-protect: Support NV index mode, Gary Lin, 2025/01/12
- [PATCH v3 09/10] tests/tpm2_key_protector_test: Amend the NV index mode test, Gary Lin, 2025/01/12
- [PATCH v3 10/10] docs: Update NV index mode of TPM2 key protector, Gary Lin, 2025/01/12