Re: [Qemu-devel] [PATCH 5/5] tpm: tpm_passthrough: Fail startup if FE buffer size < BE buffer size

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Marc-André Lureau" <marcandre.lureau@redhat.com>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: qemu-devel@nongnu.org, marcandre.lureau@redhat.com,
	amarnath.valluri@intel.com
Subject: Re: [Qemu-devel] [PATCH 5/5] tpm: tpm_passthrough: Fail startup if FE buffer size < BE buffer size
Date: Wed, 8 Nov 2017 17:22:56 +0100	[thread overview]
Message-ID: <20171108162256.GF13150@boraha> (raw)
In-Reply-To: <1510016336-4086-6-git-send-email-stefanb@linux.vnet.ibm.com>

Hi Stefan,

On Mon, Nov 06, 2017 at 07:58:56PM -0500, Stefan Berger wrote:
> If the requested buffer size of the frontend is smaller than the fixed
> buffer size of the host's TPM, fail the startup_tpm() interface function,
> which will make the device unusable. We fail it because the backend TPM
> could produce larger packets than what the frontend could pass to the OS.
> 
> The current combination of TIS frontend and either passthrough or emulator
> backend will not lead to this case since the TIS can support any size of
> buffer.
> 
> Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
> ---
>  hw/tpm/tpm_passthrough.c | 15 +++++++++++++++
>  1 file changed, 15 insertions(+)
> 
> diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c
> index ec755fe..66d5098 100644
> --- a/hw/tpm/tpm_passthrough.c
> +++ b/hw/tpm/tpm_passthrough.c
> @@ -304,6 +304,20 @@ static TPMBackend *tpm_passthrough_create(QemuOpts *opts)
>      return TPM_BACKEND(obj);
>  }
>  
> +static int tpm_passthrough_startup_tpm(TPMBackend *tb, uint32_t buffersize)
> +{
> +    TPMPassthruState *tpm_pt = TPM_PASSTHROUGH(tb);
> +
> +    if (buffersize && buffersize < tpm_pt->tpm_buffersize) {
> +        error_report("Requested buffer size of %u is smaller than host TPM's "
> +                     "fixed buffer size of %u",
> +                     buffersize, tpm_pt->tpm_buffersize);

Looks ok

> +        return -1;
> +    }
> +
> +    return 0;
> +}
> +
>  static TpmTypeOptions *tpm_passthrough_get_tpm_options(TPMBackend *tb)
>  {
>      TpmTypeOptions *options = g_new0(TpmTypeOptions, 1);
> @@ -362,6 +376,7 @@ static void tpm_passthrough_class_init(ObjectClass *klass, void *data)
>      tbc->opts = tpm_passthrough_cmdline_opts;
>      tbc->desc = "Passthrough TPM backend driver";
>      tbc->create = tpm_passthrough_create;
> +    tbc->startup_tpm = tpm_passthrough_startup_tpm;
>      tbc->reset = tpm_passthrough_reset;
>      tbc->cancel_cmd = tpm_passthrough_cancel_cmd;
>      tbc->get_tpm_established_flag = tpm_passthrough_get_tpm_established_flag;
> -- 
> 2.5.5

Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>

next prev parent reply	other threads:[~2017-11-08 16:23 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-11-07  0:58 [Qemu-devel] [PATCH 0/5] tpm: Match frontend and backend buffer sizes (not 2.11) Stefan Berger
2017-11-07  0:58 ` [Qemu-devel] [PATCH 1/5] tpm: Move getting TPM buffer size to backends Stefan Berger
2017-11-08 16:21   ` Marc-André Lureau
2017-11-08 18:19     ` Stefan Berger
2017-11-07  0:58 ` [Qemu-devel] [PATCH 2/5] tpm: pull tpm_util_send() out of tpm_util_test() Stefan Berger
2017-11-08 16:22   ` Marc-André Lureau
2017-11-07  0:58 ` [Qemu-devel] [PATCH 3/5] tpm: tpm_passthrough: Read the buffer size from the host device Stefan Berger
2017-11-07 12:28   ` Stefan Berger
2017-11-08 16:18   ` Marc-André Lureau
2017-11-07  0:58 ` [Qemu-devel] [PATCH 4/5] tpm: tpm_emulator: get and set buffer size of device Stefan Berger
2017-11-08 16:22   ` Marc-André Lureau
2017-11-08 17:50     ` Stefan Berger
2017-11-07  0:58 ` [Qemu-devel] [PATCH 5/5] tpm: tpm_passthrough: Fail startup if FE buffer size < BE buffer size Stefan Berger
2017-11-08 16:22   ` Marc-André Lureau [this message]
2017-11-08 18:20     ` Stefan Berger
2017-11-08 16:20 ` [Qemu-devel] [PATCH 0/5] tpm: Match frontend and backend buffer sizes (not 2.11) Marc-André Lureau

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20171108162256.GF13150@boraha \
    --to=marcandre.lureau@redhat.com \
    --cc=amarnath.valluri@intel.com \
    --cc=qemu-devel@nongnu.org \
    --cc=stefanb@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.