scottk/OpenCellular
1
0
Fork 0
mirror of https://github.com/Telecominfraproject/OpenCellular.git synced 2026-01-10 17:41:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

gsctool: improve vendor command processing robustness

Browse Source 
With upcoming RMA authentication extensions the size of the vendor
command responses is going to increase. Let's allow 500 bytes per
response (the expected maximum is 80 bytes plus TPM header).

BRANCH=cr50
BUG=b:37952913
TEST=verified that gsctool (aka usb_updater) still allows to retrieve
     Cr59 information and update Cr50 image.

Change-Id: Ic61b6b89ffe20e534029bd12fea4140882a9afc8
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/690442
Reviewed-by: Mary Ruthven <mruthven@chromium.org>
This commit is contained in:
Vadim Bendebury
2017-09-27 12:03:29 -07:00
committed by chrome-bot
parent 474dbe4ded
commit 97c2ae1138
1 changed files with 20 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
extra/usb_updater/usb_updater.c
View File

@@ -193,7 +193,12 @@ struct upgrade_pkt {
};
} __packed;
#define MAX_BUF_SIZE (SIGNED_TRANSFER_SIZE + sizeof(struct upgrade_pkt))
/*
* This by far exceeds the largest vendor command response size we ever
* expect.
*/
#define MAX_BUF_SIZE 500
struct usb_endpoint {
struct libusb_device_handle *devh;
@@ -385,14 +390,12 @@ static int tpm_send_pkt(struct transfer_descriptor *td, unsigned int digest,
/* Used by transfer to /dev/tpm0 */
static uint8_t outbuf[MAX_BUF_SIZE];
struct upgrade_pkt *out = (struct upgrade_pkt *)outbuf;
/* Use the same structure, it will not be filled completely. */
int len, done;
int response_offset = offsetof(struct upgrade_pkt, command.data);
void *payload;
size_t header_size;
uint32_t rv;
size_t rx_size = sizeof(struct upgrade_pkt) +
sizeof(struct first_response_pdu);
const size_t rx_size = sizeof(outbuf);
debug("%s: sending to %#x %d bytes\n", __func__, addr, size);
@@ -450,15 +453,21 @@ static int tpm_send_pkt(struct transfer_descriptor *td, unsigned int digest,
return -1;
}
/*
* Let's reuse the output buffer as the receve buffer; the combined
* size of the two structures below is sure enough for any expected
* response size.
*/
switch (td->ep_type) {
case dev_xfer:
len = read(td->tpm_fd, outbuf, rx_size);
case dev_xfer: {
int read_count;
len = 0;
do {
uint8_t *rx_buf = outbuf + len;
size_t rx_to_go = rx_size - len;
read_count = read(td->tpm_fd, rx_buf, rx_to_go);
len += read_count;
} while (read_count);
break;
}
case ts_xfer:
len = ts_read(outbuf, rx_size);
break;