diff options
author | Mattias Nissler <mnissler@chromium.org> | 2019-02-21 10:25:02 +0100 |
---|---|---|
committer | chrome-bot <chrome-bot@chromium.org> | 2019-02-27 04:59:14 -0800 |
commit | 0e9bab362524168cea66476cd418322b9587a5f0 (patch) | |
tree | 9de3fd5fb10dbc886b01e9f7a3508223f41b074c | |
parent | 348132bf4746058d87ec6d6c6cc7bd90c8ca3738 (diff) | |
download | vboot-0e9bab362524168cea66476cd418322b9587a5f0.tar.gz |
tpm_lite: Fix delegation table parsing
The computation to determine the number of table entries was incorrect
due to sizeof(TPM_FAMILY_TABLE_ENTRY) producing a wrong value for the
size of a single entry. TPM_FAMILY_TABLE_ENTRY actually doesn't match
the encoding of the entries in the TPM's response due to alignment.
Fix this by using a constant that reflects the correct entry size.
Relatedly, I found that ReadDelegationFamilyTableTest would have
caught the bug, but was actually not being invoked. Fix this as well.
BUG=chromium:934193
TEST=Unit tests, manual per instructions in bug.
BRANCH=none
Change-Id: Ic72ad110dc0dbf15cc3cc25b438c4bc2bd2d6015
Reviewed-on: https://chromium-review.googlesource.com/1480519
Commit-Ready: Mattias Nissler <mnissler@chromium.org>
Tested-by: Mattias Nissler <mnissler@chromium.org>
Tested-by: Andreea-Elena Costinas <acostinas@google.com>
Reviewed-by: Andrey Pronin <apronin@chromium.org>
-rw-r--r-- | firmware/lib/tpm_lite/tlcl.c | 4 | ||||
-rw-r--r-- | tests/tlcl_tests.c | 1 |
2 files changed, 4 insertions, 1 deletions
diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c index b8d83335..c03e8695 100644 --- a/firmware/lib/tpm_lite/tlcl.c +++ b/firmware/lib/tpm_lite/tlcl.c @@ -1355,7 +1355,9 @@ uint32_t TlclReadDelegationFamilyTable(TPM_FAMILY_TABLE_ENTRY *table, return TPM_E_INVALID_RESPONSE; } - uint32_t table_entries = table_bytes / sizeof(TPM_FAMILY_TABLE_ENTRY); + const uint32_t table_entry_size = + sizeof(uint16_t) + sizeof(uint8_t) + 3 * sizeof(uint32_t); + uint32_t table_entries = table_bytes / table_entry_size; int i; for (i = 0; i < table_entries; ++i) { if (i >= *table_size || !table) { diff --git a/tests/tlcl_tests.c b/tests/tlcl_tests.c index 385350dd..00eae615 100644 --- a/tests/tlcl_tests.c +++ b/tests/tlcl_tests.c @@ -1168,6 +1168,7 @@ int main(void) IFXFieldUpgradeInfoTest(); ReadPubekTest(); TakeOwnershipTest(); + ReadDelegationFamilyTableTest(); return gTestSuccess ? 0 : 255; } |