| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2cuk33wgfakjzzjtm2qhr4i34v4qst46pe5zk3n2szq534sggj@qvmj53emcg76>
Date: Wed, 24 May 2023 11:19:59 -0700
From: Jerry Snitselaar <jsnitsel@...hat.com>
To: "A. Sverdlin" <alexander.sverdlin@...mens.com>
Cc: linux-integrity@...r.kernel.org, Peter Huewe <peterhuewe@....de>,
Jarkko Sakkinen <jarkko@...nel.org>,
Jason Gunthorpe <jgg@...pe.ca>, linux-kernel@...r.kernel.org,
Alexander Steffen <Alexander.Steffen@...ineon.com>,
Michael Haener <michael.haener@...mens.com>
Subject: Re: [PATCH 1/2] tpm: tis_i2c: Limit read bursts to
I2C_SMBUS_BLOCK_MAX (32) bytes
On Wed, May 24, 2023 at 05:40:39PM +0200, A. Sverdlin wrote:
> From: Alexander Sverdlin <alexander.sverdlin@...mens.com>
>
> Underlying I2C bus drivers not always support longer transfers and
> imx-lpi2c for instance doesn't. SLB 9673 offers 427-bytes packets.
>
> Visible symptoms are:
>
> tpm tpm0: Error left over data
> tpm tpm0: tpm_transmit: tpm_recv: error -5
> tpm_tis_i2c: probe of 1-002e failed with error -5
>
> Fixes: bbc23a07b072 ("tpm: Add tpm_tis_i2c backend for tpm_tis_core")
> Tested-by: Michael Haener <michael.haener@...mens.com>
> Signed-off-by: Alexander Sverdlin <alexander.sverdlin@...mens.com>
Reviewed-by: Jerry Snitselaar <jsnitsel@...hat.com>
> ---
> drivers/char/tpm/tpm_tis_i2c.c | 37 ++++++++++++++++++++--------------
> 1 file changed, 22 insertions(+), 15 deletions(-)
>
> diff --git a/drivers/char/tpm/tpm_tis_i2c.c b/drivers/char/tpm/tpm_tis_i2c.c
> index c8c34adc14c0..106fd20d94e4 100644
> --- a/drivers/char/tpm/tpm_tis_i2c.c
> +++ b/drivers/char/tpm/tpm_tis_i2c.c
> @@ -189,21 +189,28 @@ static int tpm_tis_i2c_read_bytes(struct tpm_tis_data *data, u32 addr, u16 len,
> int ret;
>
> for (i = 0; i < TPM_RETRY; i++) {
> - /* write register */
> - msg.len = sizeof(reg);
> - msg.buf = ®
> - msg.flags = 0;
> - ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
> - if (ret < 0)
> - return ret;
> -
> - /* read data */
> - msg.buf = result;
> - msg.len = len;
> - msg.flags = I2C_M_RD;
> - ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
> - if (ret < 0)
> - return ret;
> + u16 read = 0;
> +
> + while (read < len) {
> + /* write register */
> + msg.len = sizeof(reg);
> + msg.buf = ®
> + msg.flags = 0;
> + ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
> + if (ret < 0)
> + return ret;
> +
> + /* read data */
> + msg.buf = result + read;
> + msg.len = len - read;
> + msg.flags = I2C_M_RD;
> + if (msg.len > I2C_SMBUS_BLOCK_MAX)
> + msg.len = I2C_SMBUS_BLOCK_MAX;
> + ret = tpm_tis_i2c_retry_transfer_until_ack(data, &msg);
> + if (ret < 0)
> + return ret;
> + read += msg.len;
> + }
>
> ret = tpm_tis_i2c_sanity_check_read(reg, len, result);
> if (ret == 0)
> --
> 2.40.1
>
Powered by blists - more mailing lists