From nobody Sat May 30 18:34:18 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1777559061; cv=none; d=zohomail.com; s=zohoarc; b=igMuetAxKBDQCi3zxv3XLoddEVA3AcM9LwIxyp6HPz/pRQWqxezYxqGE311ATX4z/D0WbKYHs776E1IVU8k4NdOycx11qnjKMfmTjHIGRSziSU4crx4qvum9S5SEx664fPQNqXgQFdcppCcgPs7/oFEFHwHZ00xMMV0uG0qko9E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1777559061; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=zsWnJH5GgQCFiFn5CudQxKO1XJQhAqeJ98oS2wtcwiM=; b=Z6//vWbTEaRbB1xi1DSDiaO187RvYEGVk8lLmLBzTLwR3LhQESlQI7CTxej84vP0+Q6VPR3ohBE4koYlKU0irv+7wVjEyv1305slAvn158eu3AJC4cK5+XC78QugxyXCBLkGb0hBy3/4fZUIaORRRPttJBkvs/HTC9GpP0Tdppc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1777559061904833.786119545815; Thu, 30 Apr 2026 07:24:21 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists1p.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1wISJ5-000146-Pn; Thu, 30 Apr 2026 10:23:59 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1wISIw-0000j1-68 for qemu-devel@nongnu.org; Thu, 30 Apr 2026 10:23:50 -0400 Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1wISIs-0007El-NA for qemu-devel@nongnu.org; Thu, 30 Apr 2026 10:23:49 -0400 Received: from pps.filterd (m0356516.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 63UCvmXq139212; Thu, 30 Apr 2026 14:23:44 GMT Received: from ppma11.dal12v.mail.ibm.com (db.9e.1632.ip4.static.sl-reverse.com [50.22.158.219]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4drk1jxn2k-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 30 Apr 2026 14:23:44 +0000 (GMT) Received: from pps.filterd (ppma11.dal12v.mail.ibm.com [127.0.0.1]) by ppma11.dal12v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 63UE8p6L031991; Thu, 30 Apr 2026 14:23:43 GMT Received: from smtprelay04.wdc07v.mail.ibm.com ([172.16.1.71]) by ppma11.dal12v.mail.ibm.com (PPS) with ESMTPS id 4dsamyk40p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 30 Apr 2026 14:23:43 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay04.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 63UENghh64618988 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 30 Apr 2026 14:23:42 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 3B2D05805A; Thu, 30 Apr 2026 14:23:42 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id E242C58063; Thu, 30 Apr 2026 14:23:41 +0000 (GMT) Received: from mycroft-2.pok.ibm.com (unknown [9.47.158.222]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Thu, 30 Apr 2026 14:23:41 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=zsWnJH5GgQCFiFn5C udQxKO1XJQhAqeJ98oS2wtcwiM=; b=TuzKhAUVzGr0F2bAeRJkBDREmKC18iGcL 83+dEfIYz5wgXHPGCo2TvFRicwcAYx8yw9bMXsYo7AItqFjNOuXaGg0w576KaITu D5cNs3x5QE7q65ZbJmmZm/VL51Rp2hPM9UyokY72QdvPAi/CTGe6uNVevk6YfDaF UJI/nbYoNX2QLestBJ95cLiWBGOn/gfKP/cT/aFDgBB2EnrfDIkoUYjz5a61kcZ2 YbG5eqK2Ont8953UoIpU+3DnExzzAtD+PEZy6ykrnzbKj++7lr7ndsvWycu29lTd qJN/XqUI87kJsViynX6rk5e0M/9DrecT6G2mO8qHI9pEV5J1YM10Q== From: Stefan Berger To: qemu-devel@nongnu.org Cc: marcandre.lureau@redhat.com, armenon@redhat.com, Stefan Berger Subject: [PATCH v2 1/2] tpm_emulator: Reject a buffer size larger than what was requested Date: Thu, 30 Apr 2026 14:23:36 +0000 Message-ID: <20260430142337.2104726-2-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260430142337.2104726-1-stefanb@linux.ibm.com> References: <20260430142337.2104726-1-stefanb@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNDMwMDE0NyBTYWx0ZWRfX75WoeqzYsUSv G835lwKl0/rf/32WdHF+Z4lL2M0M9qCE7ssn0RqEHO9JdKw2BNlt5irOZawaH0AlvlK69PQ15US zbRG/D42tRSeJPARewkszKYQHxNZvClTz10zlRBMSepDkFQMKtoyFwTjhFS3GGcZ0MOdGsH5pXV uBbZU9UMlsggH+6cmBFLsIk5guTYkWcQ/uk/LJkF+JNdjhVjYQq6pGKI8n3qUEPy1+J38ZA1KSu 9jMlbhuxY472kR+AhWljqag/FeVkMxK5NOI6P23SXgFqe6pzpNoieLvqTnriWWRGmvhxl79kkte T++RKw71DESOoVY3M75oEaqNiBq54fOoqfIPL74wnX6uSPByHxu3VuDAlWZHgZrAUFmecxBmiVG 6GV52hVV7KQfAvvX6KWYUJmM0rH/pYsd4rzCDR+FNLco+xDh5LtSdFNOdbzhXQak2hgb1V1NghB i+3d4DSXIfCCV5ToHMA== X-Proofpoint-GUID: _Vq3QSgZkElKKDzDW2aUjmNAzyWYU3Qy X-Proofpoint-ORIG-GUID: _Vq3QSgZkElKKDzDW2aUjmNAzyWYU3Qy X-Authority-Analysis: v=2.4 cv=MohiLWae c=1 sm=1 tr=0 ts=69f365f0 cx=c_pps a=aDMHemPKRhS1OARIsFnwRA==:117 a=aDMHemPKRhS1OARIsFnwRA==:17 a=A5OVakUREuEA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=Y2IxJ9c9Rs8Kov3niI8_:22 a=VnNF1IyMAAAA:8 a=lp88FLx_Zl_lkmcsHRgA:9 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-04-30_04,2026-04-30_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 phishscore=0 adultscore=0 suspectscore=0 bulkscore=0 spamscore=0 priorityscore=1501 malwarescore=0 clxscore=1015 lowpriorityscore=0 impostorscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2604200000 definitions=main-2604300147 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists1p.gnu.org; Received-SPF: pass client-ip=148.163.158.5; envelope-from=stefanb@linux.ibm.com; helo=mx0b-001b2d01.pphosted.com X-Spam_score_int: -26 X-Spam_score: -2.7 X-Spam_bar: -- X-Spam_report: (-2.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @ibm.com) X-ZM-MESSAGEID: 1777559063718158500 Content-Type: text/plain; charset="utf-8" When the TIS, SPAPR, or CRB frontends negotiate a buffer size with the TPM backend, then the tpm_emulator (swtpm) could still adjust this size of the buffer to within bounds supported by swtpm+libtpms if the chosen size was outside the acceptable range. This could theoretically lead to the TPM 2 using a bigger buffer than what was requested and memory allocated for. In practice this would not happend since the requested size of 4096 bytes for TIS and SPAPR and 3968 bytes for CRB are in the (currently) supported range of ~2.5kb to 4096 bytes. With PQC support the range will have an upper bound of 8kb and a lower bound that will support the (pre-PQC) CRB with 3968 bytes. Signed-off-by: Stefan Berger Reviewed-by: Philippe Mathieu-Daud=C3=A9 --- backends/tpm/tpm_emulator.c | 13 ++++++++++++- 1 file changed, 12 insertions(+), 1 deletion(-) diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c index 75c33d290e..10ab909474 100644 --- a/backends/tpm/tpm_emulator.c +++ b/backends/tpm/tpm_emulator.c @@ -364,6 +364,7 @@ static int tpm_emulator_set_buffer_size(TPMBackend *tb, { TPMEmulator *tpm_emu =3D TPM_EMULATOR(tb); ptm_setbuffersize psbs; + size_t tpm_buffersize; =20 if (tpm_emulator_stop_tpm(tb, errp) < 0) { return -1; @@ -387,8 +388,18 @@ static int tpm_emulator_set_buffer_size(TPMBackend *tb, return -1; } =20 + tpm_buffersize =3D be32_to_cpu(psbs.u.resp.buffersize); + /* Reject a bigger buffer used by the TPM than what was requested. */ + if (wanted_size !=3D 0 && wanted_size < tpm_buffersize) { + error_setg(errp, + "tpm-emulator: TPM did not accept the requested buffer = size " + "of %zu bytes but adjusted it to %zu bytes\n", + wanted_size, tpm_buffersize); + return -1; + } + if (actual_size) { - *actual_size =3D be32_to_cpu(psbs.u.resp.buffersize); + *actual_size =3D tpm_buffersize; } =20 trace_tpm_emulator_set_buffer_size( --=20 2.43.0 From nobody Sat May 30 18:34:18 2026 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=reject dis=none) header.from=linux.ibm.com ARC-Seal: i=1; a=rsa-sha256; t=1777559042; cv=none; d=zohomail.com; s=zohoarc; b=jrpPhJbnBRSns4JAhWsHKeila7wZJoXh8rq+5HIaphIJsPRCxsZGJyS4iYQg2HVtOn2rPCaIFNxt1GY9XbPKG1Dvl84zQjqT5WRorG2ZktBIOlRP1lfhwX9RIsTbzoaLOatzLnggfdCs34/QAEaBqou1iAnXXkucrHRl67YIgbg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1777559042; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:Subject:To:To:Message-Id:Reply-To; bh=NlF9Xl3XWS2Q+YNdjZpzULvMACGRnxL54n6fkPjveCE=; b=NMzqLakBV1UytVmNoEq+rPO+uxJzk58KXqT8q7ZRW6iafiuB9jqPH3PWYN7+4cRUMuUKykpigGsLis2jgQ4Lyd37Cb3GBiHLY85ypcRqhPROp17DLXscEOa+1ryH/3Eyw+OjIeh+k72tkBt9WIa3E3onNpRHAwXAKovbqDno6Wo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=reject dis=none) Return-Path: Received: from lists1p.gnu.org (lists1p.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 17775590426517.693122681461887; Thu, 30 Apr 2026 07:24:02 -0700 (PDT) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists1p.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1wISJ3-0000m4-9D; Thu, 30 Apr 2026 10:23:58 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists1p.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1wISIu-0000Uh-5b for qemu-devel@nongnu.org; Thu, 30 Apr 2026 10:23:48 -0400 Received: from mx0a-001b2d01.pphosted.com ([148.163.156.1]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1wISIs-0007F0-Gu for qemu-devel@nongnu.org; Thu, 30 Apr 2026 10:23:47 -0400 Received: from pps.filterd (m0353729.ppops.net [127.0.0.1]) by mx0a-001b2d01.pphosted.com (8.18.1.11/8.18.1.11) with ESMTP id 63UDgA9D2886656; Thu, 30 Apr 2026 14:23:44 GMT Received: from ppma22.wdc07v.mail.ibm.com (5c.69.3da9.ip4.static.sl-reverse.com [169.61.105.92]) by mx0a-001b2d01.pphosted.com (PPS) with ESMTPS id 4drn9rg6cx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 30 Apr 2026 14:23:44 +0000 (GMT) Received: from pps.filterd (ppma22.wdc07v.mail.ibm.com [127.0.0.1]) by ppma22.wdc07v.mail.ibm.com (8.18.1.7/8.18.1.7) with ESMTP id 63UE8u6d013406; Thu, 30 Apr 2026 14:23:43 GMT Received: from smtprelay04.wdc07v.mail.ibm.com ([172.16.1.71]) by ppma22.wdc07v.mail.ibm.com (PPS) with ESMTPS id 4ds8aw3dpx-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Thu, 30 Apr 2026 14:23:43 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (smtpav04.dal12v.mail.ibm.com [10.241.53.103]) by smtprelay04.wdc07v.mail.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 63UENg7T64618990 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Thu, 30 Apr 2026 14:23:43 GMT Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 9551D58056; Thu, 30 Apr 2026 14:23:42 +0000 (GMT) Received: from smtpav04.dal12v.mail.ibm.com (unknown [127.0.0.1]) by IMSVA (Postfix) with ESMTP id 504C05805E; Thu, 30 Apr 2026 14:23:42 +0000 (GMT) Received: from mycroft-2.pok.ibm.com (unknown [9.47.158.222]) by smtpav04.dal12v.mail.ibm.com (Postfix) with ESMTP; Thu, 30 Apr 2026 14:23:42 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ibm.com; h=cc :content-transfer-encoding:date:from:in-reply-to:message-id :mime-version:references:subject:to; s=pp1; bh=NlF9Xl3XWS2Q+YNdj ZpzULvMACGRnxL54n6fkPjveCE=; b=F/dAYpBUes8KTAyhTDTKsqBvhzewySBKj aau+44c1xUrPYRSEuqX8KiZNx/D2oiFz63mbR1sGZDK2kgFrkReDti3NMrD28bLW uhBqRydVGJAhTZMZwWq5toOgjPQNwiB1YTNo4AyqBQwlOp4UaIvafZwrLW5IM+sZ RBKmsalrqOSbFs07mXZ/HcB8/ZBSjWBuPP0yQ2WFgn7A/gjIfTCQ91djT522cUn0 858scOiJhE0U5HvBPMU+mZ5XZaLT9FnKmV+M1yE5hMjkI8bGo56/ijTJqP+Uqs+9 6mml2vwK9ghK8859El5xCAMCH2pbeTuUpagGfdtXhfi+eMTWFtiDQ== From: Stefan Berger To: qemu-devel@nongnu.org Cc: marcandre.lureau@redhat.com, armenon@redhat.com, Stefan Berger Subject: [PATCH v2 2/2] tpm_emulator: Limit number of bytes read to negotiated buffer size Date: Thu, 30 Apr 2026 14:23:37 +0000 Message-ID: <20260430142337.2104726-3-stefanb@linux.ibm.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260430142337.2104726-1-stefanb@linux.ibm.com> References: <20260430142337.2104726-1-stefanb@linux.ibm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-TM-AS-GCONF: 00 X-Proofpoint-GUID: GiebQoxjPv2-VKsYJk_jtFthG5S3v4FF X-Proofpoint-Spam-Details-Enc: AW1haW4tMjYwNDMwMDE0NyBTYWx0ZWRfX+ruDYzdRF0Ig just12hHRm02BwAG8cKGB+HF8Ompl1Hpt+1Lxk2hW+ORRuk17U5XZJXi0Qz0Y1gmKerIC4rc19I Zcixq0f2YjKyNve/BFGcDENysQkMBTjBptUp6jNZ+75wEFpFS8eO2hNlclSsaKhdExIqnSn25LL 5+QgiWe2KL/Zxx31rq9YEu2lnTxo6rcT1b3vKr7j6GNg5QdFCPvbo0JWHrKl99hnKCYwzUBPtSI +BwodOJz+zbX2YMj3lldr2E5UmcAY1rHn8iZpE0Mmr5pckwt8hOWISRnpWsShyB0Tb/PqbLCJNV K+fYpDvqtAoGInIXYYa55RjO2HHf4EIEsYPjbXqJaVCwPxTHsuxYOdih/E+jEF9JyOUFwrCwvZe VSsTtvJb4UMeXbsCgHfXArOCZftsCNK2BZRv8NSn5Eg+h9Q/aapy9tLfiPxQX4LnBmvXm7mR4aM YzK2f0DshEjB8BGSq3g== X-Authority-Analysis: v=2.4 cv=Kc7idwYD c=1 sm=1 tr=0 ts=69f365f0 cx=c_pps a=5BHTudwdYE3Te8bg5FgnPg==:117 a=5BHTudwdYE3Te8bg5FgnPg==:17 a=A5OVakUREuEA:10 a=VkNPw1HP01LnGYTKEx00:22 a=RnoormkPH1_aCDwRdu11:22 a=uAbxVGIbfxUO_5tXvNgY:22 a=VnNF1IyMAAAA:8 a=R_BpO4H6iBiOJCEtfBAA:9 X-Proofpoint-ORIG-GUID: GiebQoxjPv2-VKsYJk_jtFthG5S3v4FF X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1143,Hydra:6.1.51,FMLib:17.12.100.49 definitions=2026-04-30_04,2026-04-30_02,2025-10-01_01 X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 clxscore=1015 phishscore=0 bulkscore=0 adultscore=0 spamscore=0 malwarescore=0 impostorscore=0 priorityscore=1501 lowpriorityscore=0 suspectscore=0 classifier=typeunknown authscore=0 authtc= authcc= route=outbound adjust=0 reason=mlx scancount=1 engine=8.22.0-2604200000 definitions=main-2604300147 Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists1p.gnu.org; Received-SPF: pass client-ip=148.163.156.1; envelope-from=stefanb@linux.ibm.com; helo=mx0a-001b2d01.pphosted.com X-Spam_score_int: -26 X-Spam_score: -2.7 X-Spam_bar: -- X-Spam_report: (-2.7 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: qemu development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: qemu-devel-bounces+importer=patchew.org@nongnu.org X-ZohoMail-DKIM: pass (identity @ibm.com) X-ZM-MESSAGEID: 1777559043737158500 Content-Type: text/plain; charset="utf-8" Limit the number of bytes read from the TPM response to the size of the receiving buffer, which is the same as the size of the buffer negotiated with swtpm. The TPM TIS and SPAPR use 4096 bytes and the CRB 3968 bytes. There are currently no TPM 2 responses using this size of a buffer and therefore no response will be sent that is exceeding this size. Signed-off-by: Stefan Berger --- backends/tpm/tpm_emulator.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/backends/tpm/tpm_emulator.c b/backends/tpm/tpm_emulator.c index 10ab909474..b8ae113774 100644 --- a/backends/tpm/tpm_emulator.c +++ b/backends/tpm/tpm_emulator.c @@ -176,8 +176,9 @@ static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_e= mu, bool *selftest_done, Error **errp) { - ssize_t ret; bool is_selftest =3D false; + size_t to_read; + ssize_t ret; =20 if (selftest_done) { *selftest_done =3D false; @@ -195,9 +196,13 @@ static int tpm_emulator_unix_tx_bufs(TPMEmulator *tpm_= emu, return -1; } =20 + /* + * Size of response from swtpm must be <=3D out_len (=3D negotiated bu= ffer size) + */ + to_read =3D MIN(tpm_cmd_get_size(out) - sizeof(struct tpm_resp_hdr), o= ut_len); + ret =3D qio_channel_read_all(tpm_emu->data_ioc, - (char *)out + sizeof(struct tpm_resp_hdr), - tpm_cmd_get_size(out) - sizeof(struct tpm_resp_hdr), errp); + (char *)out + sizeof(struct tpm_resp_hdr), to_read, errp); if (ret !=3D 0) { return -1; } --=20 2.43.0