From e6cf3c6f78149b4c11c7a53f27e684bd560c0ac2 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Fri, 19 Dec 2014 14:38:51 -0800 Subject: [PATCH] TPM: Reduce buffer size to fix stack overflow The TPM driver by default allocates a 4K transfer buffer on the stack, which leads to lots of fun on boards with 2K or 3K stack sizes. On RK3288 this ends up writing over random memory sections which dependent on the memlayout of the day might contain timestamp data (no big deal) or page tables (-> bad time). This patch fixes the problem by reducing the buffer size to slightly above 1K, which still seems to work as far as I can tell. There was already some really odd code that #undef'ed this value and redefined it with the lower number in one .c file (unfortunately not the one with the buffer declaration), with no explanation whatsoever... I'm removing that and just assume the smaller value will be fine for everything. BRANCH=veyron BUG=None TEST=Booted Pinky and Falco. Change-Id: I440a5662b41cbd8b7becab3113262e1140b7f763 Signed-off-by: Stefan Reinauer Original-Commit-Id: 3d3288041b6629b7623b9d58816e782e72836b81 Original-Change-Id: Idf80f44cbfb9617c56b64a5c88ebedf7fcb4ec71 Original-Signed-off-by: Julius Werner Original-Reviewed-on: https://chromium-review.googlesource.com/236976 Original-Reviewed-by: David Hendricks Reviewed-on: http://review.coreboot.org/9481 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi --- src/drivers/i2c/tpm/tpm.c | 6 ------ src/drivers/i2c/tpm/tpm.h | 4 ++-- 2 files changed, 2 insertions(+), 8 deletions(-) diff --git a/src/drivers/i2c/tpm/tpm.c b/src/drivers/i2c/tpm/tpm.c index dc4ab78149..63ef29547f 100644 --- a/src/drivers/i2c/tpm/tpm.c +++ b/src/drivers/i2c/tpm/tpm.c @@ -45,12 +45,6 @@ #include #include "tpm.h" -/* max. buffer size supported by our TPM */ -#ifdef TPM_BUFSIZE -#undef TPM_BUFSIZE -#endif -#define TPM_BUFSIZE 1260 - /* Address of the TPM on the I2C bus */ #define TPM_I2C_ADDR 0x20 diff --git a/src/drivers/i2c/tpm/tpm.h b/src/drivers/i2c/tpm/tpm.h index 6d195a1985..de88a661a3 100644 --- a/src/drivers/i2c/tpm/tpm.h +++ b/src/drivers/i2c/tpm/tpm.h @@ -42,8 +42,8 @@ enum tpm_timeout { TPM_TIMEOUT = 1, /* msecs */ }; -/* Size of external transmit buffer (used in tpm_transmit)*/ -#define TPM_BUFSIZE 4096 +/* Size of external transmit buffer (used for stack buffer in tpm_sendrecv) */ +#define TPM_BUFSIZE 1260 /* Index of fields in TPM command buffer */ #define TPM_CMD_SIZE_BYTE 2