[tpm2] Tss2_Tcti_Device_Init context not zeroed

[tpm2] Tss2_Tcti_Device_Init context not zeroed

[Antonio]

[-- Attachment #1: Type: text/plain, Size: 1386 bytes --]

Hi all,

  I noticed when performing subsequent tpm2 calls over a not zeroed tcti context  passed to Tss2_Tcti_Device_Init I have errors such as:

"WARNING:tcti:src/tss2-tcti/tcti-device.c:321:tcti_device_receive() TPM2 response size disagrees with number of bytes read from fd 3. Header says 0 but we read 29 bytes.
ERROR:sys:src/tss2-sys/api/Tss2_Sys_Execute.c:118:Tss2_Sys_ExecuteFinish() Malformed response: Invalid tag in response header: 0"

I made some experiments:  If I put some content different than 0x00 at offset 89 in memory block passed to RC Tss2_Tcti_Device_Init it fails. That is also true for some other offsets.



TSS2_RC Tss2_Tcti_Device_Init (TSS2_TCTI_CONTEXT *tctiContext, size_t *size, const char *conf);

I check the description of Tss2_Tcti_Device_Init and didn't find any observation that tctiContext parameter must point an zeroed memory block, although in the usage examples the allocated memory is zeroed , calling calloc( 1, <needed size>).

Regarding tctiContext memory block passed to Tss2_Tcti_Device_Init:
1 - Is mandatory zeroing it before calling  Tss2_Tcti_Device_Init? If so,  is it a case of missing specification?
2 - No, it isn't, so is there a bug?

My environment:
TCTI shared library: libtss2-tcti-device.so.0
OS: Enterprise Suse Linux


Thanks in advance,

Marcos A. de Moraes
HPE Security Software Engineer


[-- Attachment #2: attachment.htm --]
[-- Type: text/html, Size: 4071 bytes --]