diff options
| author | Ilya Smirnov <ismirno@us.ibm.com> | 2019-02-20 15:16:28 -0600 |
|---|---|---|
| committer | Daniel M. Crowell <dcrowell@us.ibm.com> | 2019-02-22 10:03:00 -0600 |
| commit | 09e13a7563a3e0dd6ed69100137d2ea4a7d7ee80 (patch) | |
| tree | d648fc07c4803c075437857dbb04bf0a7c24fffa /src/usr/secureboot | |
| parent | eba5c2ffe5ffb1f50966b7990e2f5f71f09105ce (diff) | |
| download | talos-hostboot-09e13a7563a3e0dd6ed69100137d2ea4a7d7ee80.tar.gz talos-hostboot-09e13a7563a3e0dd6ed69100137d2ea4a7d7ee80.zip | |
Secureboot: Enhanced Multinode Comm: Quote Size Fix
It was discovered that the quote and signature data returned
from TPM as part of the new multinode comm contained an extra
uint32 size field that should not be inlcuded into the slave
quote blob. This commit removes that size field from the quote.
Change-Id: Ia40eeee67567d08b1c1982f964dab1db411ff81b
RTC: 203645
Reviewed-on: http://rchgit01.rchland.ibm.com/gerrit1/72216
Tested-by: Jenkins Server <pfd-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP Build CI <op-jenkins+hostboot@us.ibm.com>
Tested-by: FSP CI Jenkins <fsp-CI-jenkins+hostboot@us.ibm.com>
Tested-by: Jenkins OP HW <op-hw-jenkins+hostboot@us.ibm.com>
Reviewed-by: Christopher J. Engel <cjengel@us.ibm.com>
Reviewed-by: Nicholas E. Bofferding <bofferdn@us.ibm.com>
Reviewed-by: Daniel M. Crowell <dcrowell@us.ibm.com>
Diffstat (limited to 'src/usr/secureboot')
| -rw-r--r-- | src/usr/secureboot/trusted/trustedTypes.H | 1 | ||||
| -rw-r--r-- | src/usr/secureboot/trusted/trustedbootCmds.C | 5 |
2 files changed, 5 insertions, 1 deletions
diff --git a/src/usr/secureboot/trusted/trustedTypes.H b/src/usr/secureboot/trusted/trustedTypes.H index fee966520..947669701 100644 --- a/src/usr/secureboot/trusted/trustedTypes.H +++ b/src/usr/secureboot/trusted/trustedTypes.H @@ -598,6 +598,7 @@ namespace TRUSTEDBOOT struct _TPM2_QuoteOut { TPM2_BaseOut base; + uint32_t authSessionSize; uint8_t quoteData[MAX_TRANSMIT_SIZE]; } PACKED; typedef struct _TPM2_QuoteOut TPM2_QuoteOut; diff --git a/src/usr/secureboot/trusted/trustedbootCmds.C b/src/usr/secureboot/trusted/trustedbootCmds.C index 12ce871b6..5040cadab 100644 --- a/src/usr/secureboot/trusted/trustedbootCmds.C +++ b/src/usr/secureboot/trusted/trustedbootCmds.C @@ -426,6 +426,7 @@ errlHndl_t tpmUnmarshalResponseData(uint32_t i_commandCode, reinterpret_cast<TPM2_QuoteOut*>(o_outBuf); TPM2_QuoteOut* l_tpmRespData = reinterpret_cast<TPM2_QuoteOut*>(i_respBuf); + l_respPtr->authSessionSize = l_tpmRespData->authSessionSize; memcpy(l_respPtr->quoteData, l_tpmRespData->quoteData, sizeof(l_tpmRespData->base.responseSize)); @@ -1520,7 +1521,9 @@ errlHndl_t tpmCmdGenerateQuote(TpmTarget* i_target, // The response size contains the size of the base response structure too, // so subtract that size from the size of the actual quote data. - o_data->size = l_read->base.responseSize-sizeof(l_read->base); + o_data->size = l_read->base.responseSize - + sizeof(l_read->base) - + sizeof(l_read->authSessionSize); memcpy(o_data->data, l_quoteDataPtr, o_data->size); } while(0); |
