From cc1b6c5533b77eac7caea269897b03a940797a8c Mon Sep 17 00:00:00 2001 From: Marc-André Lureau Date: Mon, 29 Jan 2018 19:33:03 +0100 Subject: tpm: fix alignment issues The new tpm-crb-test fails on sparc host: TEST: tests/tpm-crb-test... (pid=230409) /i386/tpm-crb/test: Broken pipe FAIL GTester: last random seed: R02S29cea50247fe1efa59ee885a26d51a85 (pid=230423) FAIL: tests/tpm-crb-test and generates a new clang sanitizer runtime warning: /home/petmay01/linaro/qemu-for-merges/hw/tpm/tpm_util.h:36:24: runtime error: load of misaligned address 0x7fdc24c00002 for type 'const uint32_t' (aka 'const unsigned int'), which requires 4 byte alignment 0x7fdc24c00002: note: pointer points here The sparc architecture does not allow misaligned loads and will segfault if you try them. For example, this function: static inline uint32_t tpm_cmd_get_size(const void *b) { return be32_to_cpu(*(const uint32_t *)(b + 2)); } Should read, return ldl_be_p(b + 2); As a general rule you can't take an arbitrary pointer into a byte buffer and try to interpret it as a structure or a pointer to a larger-than-bytesize-data simply by casting the pointer. Use this clean up as an opportunity to remove unnecessary temporary buffers and casts. Reported-by: Peter Maydell Signed-off-by: Marc-André Lureau Reviewed-by: Stefan Berger Signed-off-by: Stefan Berger --- hw/tpm/tpm_passthrough.c | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) (limited to 'hw/tpm/tpm_passthrough.c') diff --git a/hw/tpm/tpm_passthrough.c b/hw/tpm/tpm_passthrough.c index 29142f38bb..537e11a3f9 100644 --- a/hw/tpm/tpm_passthrough.c +++ b/hw/tpm/tpm_passthrough.c @@ -87,7 +87,6 @@ static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, { ssize_t ret; bool is_selftest; - const struct tpm_resp_hdr *hdr; /* FIXME: protect shared variables or use other sync mechanism */ tpm_pt->tpm_op_canceled = false; @@ -116,15 +115,14 @@ static int tpm_passthrough_unix_tx_bufs(TPMPassthruState *tpm_pt, strerror(errno), errno); } } else if (ret < sizeof(struct tpm_resp_hdr) || - be32_to_cpu(((struct tpm_resp_hdr *)out)->len) != ret) { + tpm_cmd_get_size(out) != ret) { ret = -1; error_report("tpm_passthrough: received invalid response " "packet from TPM"); } if (is_selftest && (ret >= sizeof(struct tpm_resp_hdr))) { - hdr = (struct tpm_resp_hdr *)out; - *selftest_done = (be32_to_cpu(hdr->errcode) == 0); + *selftest_done = tpm_cmd_get_errcode(out) == 0; } err_exit: -- cgit v1.2.3-55-g7522