diff options
author | Andrey Pronin <apronin@google.com> | 2023-04-26 20:08:37 -0700 |
---|---|---|
committer | Chromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com> | 2023-04-27 16:40:45 +0000 |
commit | 03328f1087025caa68f410763f87bbb131d377c9 (patch) | |
tree | 3dc5e8edf158cb6ed66771b287eadc80cae5b2d8 | |
parent | dff7e20754e24019a69c7e2f749519f7ee918d1e (diff) | |
download | chrome-ec-03328f1087025caa68f410763f87bbb131d377c9.tar.gz |
cr50: handle unwritten spaces in read_tpm_nvmem
This CL checks if the space was defined but not written, and if so,
returns TPM_READ_NOT_FOUND from read_tpm_nvmem().
BUG=b:276384456
TEST=with crrev.com/c/2494503, verify that calling chkfwmp
prints "read_tpm_nvmem: object at 0x100a not written"
and then the following when the space is not written:
```
FWMP read result: 1
ccd unlock allowed: 1
policy update allowed: 1
```
To create an unwritten space, run
tpm_manager_client define_space --index=0x100a --size=40
Change-Id: I8eff2be8da1e28204216d4dbbd54e57e8a8127b3
Signed-off-by: Andrey Pronin <apronin@google.com>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/4483017
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
Commit-Queue: Mary Ruthven <mruthven@chromium.org>
Auto-Submit: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
-rw-r--r-- | board/cr50/tpm_nvmem_ops.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/board/cr50/tpm_nvmem_ops.c b/board/cr50/tpm_nvmem_ops.c index 92e8721b0a..634a540239 100644 --- a/board/cr50/tpm_nvmem_ops.c +++ b/board/cr50/tpm_nvmem_ops.c @@ -38,6 +38,16 @@ enum tpm_read_rv read_tpm_nvmem(uint16_t obj_index, NvReadIndexInfo(object_handle, handle_addr, &nvIndex); /* + * Check that the index was written to. Otherwise, behave as if the + * index doesn't exist. + */ + if (nvIndex.publicArea.attributes.TPMA_NV_WRITTEN == 0) { + CPRINTF("%s: object at 0x%x not written\n", + __func__, obj_index); + return TPM_READ_NOT_FOUND; + } + + /* * We presume it is readable and are not checking the access * limitations. */ |