
[4/6] tpm: acpi: cleanup TCPA table initialization

Message ID 1457363948-71300-5-git-send-email-imammedo@redhat.com (mailing list archive)
State New, archived

Commit Message

Igor Mammedov March 7, 2016, 3:19 p.m. UTC
At the time build_tpm_tcpa() is called the tcpalog size is
always 0, so log_area_start_address, which is actually an offset
from the start of ACPI_BUILD_TPMLOG_FILE, is always 0.
Moreover, if tcpalog were not 0 sized at build_tpm_tcpa()
calling time, it would make tcpa->log_area_start_address
point to ACPI_BUILD_TPMLOG_FILE+log_area_start_address, causing
the guest to write beyond ACPI_BUILD_TPMLOG_FILE, which
would result in memory corruption.

As 'TCPA' is allocated 0 filled, there is no point
in calculating a constant 0 log_area_start_address and setting
tcpa->log_area_start_address to it, since the field should
always point to the start of ACPI_BUILD_TPMLOG_FILE.
Make the code easier to read by dropping the offset calculations,
which are misleading at best, and make it impossible to silently backfire
if the tcpalog size becomes non 0 at the time build_tpm_tcpa()
is called in future.

While at it, move the tcpalog allocation closer to the code
that defines its size.

Signed-off-by: Igor Mammedov <imammedo@redhat.com>
---
 hw/i386/acpi-build.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

Patch

diff --git a/hw/i386/acpi-build.c b/hw/i386/acpi-build.c
index e13f96d..3540815 100644
--- a/hw/i386/acpi-build.c
+++ b/hw/i386/acpi-build.c
@@ -2310,11 +2310,10 @@  static void
 build_tpm_tcpa(GArray *table_data, BIOSLinker *linker, GArray *tcpalog)
 {
     Acpi20Tcpa *tcpa = acpi_data_push(table_data, sizeof *tcpa);
-    uint64_t log_area_start_address = acpi_data_len(tcpalog);
 
     tcpa->platform_class = cpu_to_le16(TPM_TCPA_ACPI_CLASS_CLIENT);
     tcpa->log_area_minimum_length = cpu_to_le32(TPM_LOG_AREA_MINIMUM_SIZE);
-    tcpa->log_area_start_address = cpu_to_le64(log_area_start_address);
+    acpi_data_push(tcpalog, tcpa->log_area_minimum_length);
 
     bios_linker_loader_alloc(linker, ACPI_BUILD_TPMLOG_FILE, tcpalog, 1,
                              false /* high memory */);
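
Review bot: The added `acpi_data_push(tcpalog, tcpa->log_area_minimum_length);` reads back a field that the line just above stored with `cpu_to_le32()`, so on a big-endian host the length passed to acpi_data_push() is byte-swapped and the log area gets the wrong size. Pass `TPM_LOG_AREA_MINIMUM_SIZE` directly, as the call removed at the end of the function did, or wrap the field in `le32_to_cpu()`. Separately, with the explicit assignment gone, `log_area_start_address` is 0 only because the table is allocated zero filled, as the commit message notes; a one-line comment next to the other field assignments saying so would keep this from looking like an omission.
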
@@ -2327,8 +2326,6 @@  build_tpm_tcpa(GArray *table_data, BIOSLinker *linker, GArray *tcpalog)
 
     build_header(linker, table_data,
                  (void *)tcpa, "TCPA", sizeof(*tcpa), 2, NULL, NULL);
-
-    acpi_data_push(tcpalog, TPM_LOG_AREA_MINIMUM_SIZE);
 }
 
 static void
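
Review bot: Removing the trailing `acpi_data_push(tcpalog, TPM_LOG_AREA_MINIMUM_SIZE);` means tcpalog is now sized before `bios_linker_loader_alloc()` and the code elided between the two hunks, rather than after them, and the commit message does not say whether anything in that span depends on the blob's length at call time. Please state that in the commit message. The change also still relies on tcpalog being empty on entry, which nothing in the function checks; an assertion that `acpi_data_len(tcpalog) == 0` at the top of build_tpm_tcpa() would make a future violation fail loudly rather than go unnoticed.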