On Mon, May 09, 2022 at 01:48:09PM +0200, Stefan Mahnke-Hartmann wrote:
> On 07.05.22 21:43, Jarkko Sakkinen wrote:
> > On Fri, May 06, 2022 at 02:31:46PM +0200, Stefan Mahnke-Hartmann wrote:
> >> Under certain conditions uninitialized memory will be accessed.
> >> As described by TCG Trusted Platform Module Library Specification,
> >> rev. 1.59 (Part 3: Commands), if a TPM2_GetCapability is received,
> >> requesting a capability, the TPM in Field Upgrade mode may return a
> >                                      ~~~~~~~~~~~~~~~~~~
> >
> > Looks like random picks for casing: two words with upper case letter and
> > one with lower case.
>
> In the TCG specification it is unfortunately also inconsistent.
> I will change it to lower case then.
>
> >
> >> zero length list.
> >> Check the property count in tpm2_get_tpm_pt().
> >>
> >> Fixes: 2ab3241161b3 ("tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf")
> >> Cc: stable@xxxxxxxxxxxxxxx
> >> Signed-off-by: Stefan Mahnke-Hartmann <stefan.mahnke-hartmann@xxxxxxxxxxxx>
> >
> > In which section of that specification is this documented?
>
> It is described in the TCG Trusted Platform Module Library Specification,
> rev. 1.59 (Part 3: Commands) in Chapter 30.2.1, Example 3. This example
> describes the behavior in failure mode, but it may occur in other
> circumstances, such as field upgrade mode.
>
> >
> > I looked into section 30.2 but could not find the part that documents this
> > behaviour, i.e. returning success in FW upgrade mode. Why wouldn't it just
> > return TPM_RC_UPGRADE?
>
> Since some computer systems failed to boot when the TPM returned anything
> other than SUCCESS, Infineon decided to return SUCCESS when the TPM is in
> field upgrade mode.

OK, fair enough. This would be a place for an inline comment though, given
that it is not obvious by intuition.

BR, Jarkko
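The failure mode the thread describes, as an added stand-alone example that is not the kernel's code or the patch itself: a TPM2_GetCapability(TPM_CAP_TPM_PROPERTIES) reply that carries responseCode SUCCESS but a zero-length TPML_TAGGED_TPM_PROPERTY, which a fixed-offset read turns into stale buffer contents. The parser below validates every length field before reading and reports the empty list as a distinct error. The wire layout follows Part 3 of the TPM 2.0 Library specification; the constants TPM2_RC_UPGRADE (TPM_RC_VER1 + 0x02D) and TPM2_PT_FAMILY_INDICATOR (PT_FIXED + 0) are from Part 2, and the function and error names, the 64-byte buffer and the 0xA5 fill pattern standing in for uninitialized memory are this example's own assumptions, as is the constructed reply data.

```c
/*
 * Added example (not kernel or patch code): parse a TPM2_GetCapability
 * (TPM_CAP_TPM_PROPERTIES) reply and refuse an empty property list.
 * Big-endian wire layout (TCG TPM 2.0 Library, Part 3, 30.2):
 *   header: tag(2) | responseSize(4) | responseCode(4)
 *   body  : moreData(1) | capability(4) | count(4) | { property(4) value(4) } x count
 */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TPM2_ST_NO_SESSIONS      0x8001u
#define TPM2_RC_SUCCESS          0x00000000u
#define TPM2_RC_UPGRADE          0x0000012Du   /* TPM_RC_VER1 + 0x02D */
#define TPM2_HEADER_SIZE         10u
#define TPM2_CAP_TPM_PROPERTIES  0x00000006u
#define TPM2_PT_FAMILY_INDICATOR 0x00000100u   /* PT_FIXED + 0 */

/* Error codes are this example's own, not kernel errnos. */
enum { PT_OK = 0, PT_ESHORT = -1, PT_ETPM = -2, PT_ENODATA = -3, PT_ENOTFOUND = -4 };

static uint16_t get_be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t get_be32(const uint8_t *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static void put_be16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }
static void put_be32(uint8_t *p, uint32_t v)
{
	p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16); p[2] = (uint8_t)(v >> 8); p[3] = (uint8_t)v;
}

/* Shape of the unchecked read: trust SUCCESS and fetch the first property value
 * at its fixed offset. With count == 0 that offset lies past the reply, so the
 * result is whatever the buffer held before (uninitialized or stale bytes). */
uint32_t tpm2_pt_value_unchecked(const uint8_t *buf)
{
	return get_be32(buf + TPM2_HEADER_SIZE + 9 + 4);
}

/* Checked parse: each field is bounded by len before it is read, and a SUCCESS
 * reply with an empty list (the field-upgrade case) is reported as PT_ENODATA. */
int tpm2_parse_tpm_pt(const uint8_t *rsp, size_t len, uint32_t want, uint32_t *value)
{
	if (len < TPM2_HEADER_SIZE) return PT_ESHORT;
	if (get_be16(rsp) != TPM2_ST_NO_SESSIONS || get_be32(rsp + 2) != len) return PT_ESHORT;
	if (get_be32(rsp + 6) != TPM2_RC_SUCCESS) return PT_ETPM;
	if (len < TPM2_HEADER_SIZE + 9) return PT_ESHORT;
	if (get_be32(rsp + TPM2_HEADER_SIZE + 1) != TPM2_CAP_TPM_PROPERTIES) return PT_ESHORT;
	uint32_t count = get_be32(rsp + TPM2_HEADER_SIZE + 5);
	if (count == 0) return PT_ENODATA;
	/* compare against what fits instead of multiplying, so a huge count cannot overflow */
	if (count > (len - TPM2_HEADER_SIZE - 9) / 8) return PT_ESHORT;
	const uint8_t *p = rsp + TPM2_HEADER_SIZE + 9;
	for (uint32_t i = 0; i < count; i++, p += 8)
		if (get_be32(p) == want) { *value = get_be32(p + 4); return PT_OK; }
	return PT_ENOTFOUND;
}

/* Constructed reply (not captured from a TPM): props holds count (property,
 * value) pairs; an error reply is only the 10-byte header. Returns the length. */
size_t build_reply(uint8_t *buf, uint32_t rc, const uint32_t *props, uint32_t count)
{
	size_t len = rc == TPM2_RC_SUCCESS ? TPM2_HEADER_SIZE + 9 + 8u * count : TPM2_HEADER_SIZE;
	put_be16(buf, TPM2_ST_NO_SESSIONS);
	put_be32(buf + 2, (uint32_t)len);
	put_be32(buf + 6, rc);
	if (rc != TPM2_RC_SUCCESS) return len;
	buf[TPM2_HEADER_SIZE] = 0;                                  /* moreData = NO */
	put_be32(buf + TPM2_HEADER_SIZE + 1, TPM2_CAP_TPM_PROPERTIES);
	put_be32(buf + TPM2_HEADER_SIZE + 5, count);
	for (uint32_t i = 0; i < count; i++) {
		put_be32(buf + TPM2_HEADER_SIZE + 9 + 8 * i, props[2 * i]);
		put_be32(buf + TPM2_HEADER_SIZE + 13 + 8 * i, props[2 * i + 1]);
	}
	return len;
}

/* Normal TPM: one property, TPM_PT_FAMILY_INDICATOR = "2.0\0" (0x322E3000). */
uint32_t demo_normal(void)
{
	uint8_t buf[64]; uint32_t v = 0;
	static const uint32_t props[] = { TPM2_PT_FAMILY_INDICATOR, 0x322E3000u };
	memset(buf, 0xA5, sizeof buf);                 /* stale bytes from an earlier command */
	size_t n = build_reply(buf, TPM2_RC_SUCCESS, props, 1);
	return tpm2_parse_tpm_pt(buf, n, TPM2_PT_FAMILY_INDICATOR, &v) == PT_OK ? v : 0;
}

/* Field-upgrade TPM answering SUCCESS with an empty list: the unchecked read
 * hands back the stale 0xA5A5A5A5, the checked parse reports PT_ENODATA. */
uint32_t demo_upgrade_unchecked(void)
{
	uint8_t buf[64];
	memset(buf, 0xA5, sizeof buf);
	build_reply(buf, TPM2_RC_SUCCESS, NULL, 0);
	return tpm2_pt_value_unchecked(buf);
}
int demo_upgrade_checked(void)
{
	uint8_t buf[64]; uint32_t v = 0;
	memset(buf, 0xA5, sizeof buf);
	size_t n = build_reply(buf, TPM2_RC_SUCCESS, NULL, 0);
	return tpm2_parse_tpm_pt(buf, n, TPM2_PT_FAMILY_INDICATOR, &v);
}
/* A TPM that instead reports TPM_RC_UPGRADE: the caller sees a TPM error. */
int demo_upgrade_rc(void)
{
	uint8_t buf[64]; uint32_t v = 0;
	size_t n = build_reply(buf, TPM2_RC_UPGRADE, NULL, 0);
	return tpm2_parse_tpm_pt(buf, n, TPM2_PT_FAMILY_INDICATOR, &v);
}
```

The count check is deliberately separate from the length check: a reply can be well-formed and still carry no data, and a caller that treats the two cases alike will keep reading a value that was never sent. The "what fits" comparison avoids multiplying an attacker- or firmware-controlled count before it has been bounded.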