tpm20: Support partial reads
ClosedPublic
Actions

Authored by jhibbits on May 9 2024, 3:31 PM.

Details

Reviewers

kd
mw

Commits

rG10eea8dc8c4f: tpm20: Support partial reads

Summary

In some cases the TPM utilities may read only a partial block, instead
of a full block. If a new command starts while in the middle of a read
it may cause the TPM to go catatonic and no longer respond to SPI.

Obtained from: Juniper Networks, Inc.

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

jhibbits created this revision.May 9 2024, 3:31 PM

Herald added a subscriber: imp. · View Herald TranscriptMay 9 2024, 3:31 PM

jhibbits requested review of this revision.May 9 2024, 3:31 PM

Harbormaster completed remote builds in B57638: Diff 138302.May 9 2024, 3:31 PM

kd added inline comments.May 9 2024, 5:22 PM

sys/dev/tpm/tpm20.c
87	We need to clear the part of the buffer that we've just read here. Otherwise you could potentially leak the contents to another caller.

jhibbits added inline comments.May 9 2024, 5:29 PM

sys/dev/tpm/tpm20.c
87	I'm fine clearing it out, but I'm confused how that would happen. We're already adjusting the offset for the next read, so nobody should get "stale" data, only the next data.

kd added inline comments.May 9 2024, 5:35 PM

sys/dev/tpm/tpm20.c
87	Oh, good point. And we can't really get stale data after the current reader is done with reading, since the `sc->total_length` is going to be either 0, or the response length of the subsequent command. One last thing then. Could you please also update tpm_crb.c, so that it's not broken with this commit. Just add `sc->total_length = bytes_available;` at the end of tpmcrb_transmit.