Blame SOURCES/0001-tpm2-When-writing-state-initialize-s_ContextSlotMask.patch

From b662e6fd7169f31ef664ecd0b0b45547462e1e31 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.ibm.com>
Date: Tue, 4 Jan 2022 14:45:31 -0500
Subject: [PATCH] tpm2: When writing state initialize s_ContextSlotMask if not
 set

If s_ContextSlotMask was not set since the TPM 2 was not initialized
by a call to TPM_Manufacture() or the state was not resumed, then
initialize the s_ContextSlotMask to 0xffff.

This situation can occur if a VM with an attached swtpm was started
and the VM's firmware either doesn't support TPM or didn't get to
initialize the vTPM.

The following commands recreated the issue with a SeaBIOS-only VM that
had no attached hard disk but an attached TPM 2:

virsh start BIOS-only-VM ; virsh save BIOS-only-VM save.bin ; \
 virsh restore save.bin

Error: Failed to restore domain from save.bin
error: internal error: qemu unexpectedly closed the monitor: \
2022-01-04T19:26:18.835851Z qemu-system-x86_64: tpm-emulator: Setting the stateblob (type 2) failed with a TPM error 0x3 a parameter is bad
2022-01-04T19:26:18.835899Z qemu-system-x86_64: error while loading state for instance 0x0 of device 'tpm-emulator'
2022-01-04T19:26:18.835929Z qemu-system-x86_64: load of migration failed: Input/output error

Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2035731
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/tpm2/NVMarshal.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
index 996c73c..c7cd1e0 100644
--- a/src/tpm2/NVMarshal.c
+++ b/src/tpm2/NVMarshal.c
@@ -1422,6 +1422,11 @@ STATE_RESET_DATA_Marshal(STATE_RESET_DATA *data, BYTE **buffer, INT32 *size)
     written += UINT16_Marshal(&array_size, buffer, size);
     for (i = 0; i < array_size; i++)
         written += UINT16_Marshal(&data->contextArray[i], buffer, size);
+
+    if (s_ContextSlotMask != 0x00ff && s_ContextSlotMask != 0xffff) {
+        /* TPM wasn't initialized, so s_ContextSlotMask wasn't set */
+        s_ContextSlotMask = 0xffff;
+    }
     written += UINT16_Marshal(&s_ContextSlotMask, buffer, size);
 
     written += UINT64_Marshal(&data->contextCounter, buffer, size);
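
Review bot: the added `if` block assigns to `s_ContextSlotMask` inside `STATE_RESET_DATA_Marshal`, so serializing state now changes live TPM state as a side effect, and it does so for any value other than 0x00ff or 0xffff, not only for a mask that was never set. Consider marshalling a local `UINT16` copy that holds the normalized value and leaving the variable itself untouched, or, if the assignment is intended, have the comment say so and explain why 0xffff rather than 0x00ff is the right default. The two literals would also read better as named constants shared with whatever validates the value on load, since the commit message shows the restore failing with "a parameter is bad" when the written value is not accepted.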
-- 
2.36.1