vtpm: offline mitigation for vtpm corruption #1539
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mayank-microsoft
force-pushed
the
vtpm-offline-mitigation
branch
from
d5c979a to
b5aefae
Compare
mayank-microsoft
changed the title
mayank-microsoft
force-pushed
the
vtpm-offline-mitigation
branch
from
b5aefae to
ce114e6
Compare
chris-oo
reviewed
Jun 18, 2025
vm/vtpm-mitigation/Cargo.toml
Outdated
| @@ -0,0 +1,19 @@ | |||
| [package] | |||
| name = "vtpm-mitigation" | |||
| version = "0.1.0" | |||
There was a problem hiding this comment.
remove the version - we explicitly don't allow versions here since we don't publish any crates externally
vm/vtpm-mitigation/Cargo.toml
Outdated
| [package] | ||
| name = "vtpm-mitigation" | ||
| version = "0.1.0" | ||
| edition = "2021" |
There was a problem hiding this comment.
remove edition - should be inherited
vm/vtpm-mitigation/src/lib.rs
Outdated
| use ms_tpm_20_ref::MsTpm20RefPlatform; | ||
| use parking_lot::Mutex; | ||
| use core::fmt; | ||
| use std::{borrow::Cow, sync::Arc, time::Instant}; |
There was a problem hiding this comment.
these need to be split on different lines
vm/vtpm-mitigation/src/lib.rs
Outdated
|
|
||
| /// status codes for tpm state blob validation | ||
| /// STATUS_VALID_TPM_STATE: The input blob is a valid TPM state blob | ||
| pub const STATUS_VALID_TPM_STATE: u64 = 0x0; |
There was a problem hiding this comment.
Make this status code an enum, or something?
vm/vtpm-mitigation/src/lib.rs
Outdated
| } | ||
|
|
||
| /// Recover the given blob and return the recovered blob | ||
| fn recover_vtpm_blob(original_blob: &[u8]) -> Result<Vec<u8>, bool> { |
There was a problem hiding this comment.
don't use bool as an error type, make an explicit error type that is clear about what kind of error is being represented here.
vm/vtpm-mitigation/src/lib.rs
Outdated
| #[test] | ||
| fn test_corrupted_tpm_state_is_revovered() { | ||
| setup_logging(); | ||
| let path: &'static str ="./test-data/corrupted_blob.bin"; |
There was a problem hiding this comment.
I don't think you want to do fs reads in tests like this, should we use include_bytes! instead? @smalis-msft thoughts?
mayank-microsoft
force-pushed
the
vtpm-offline-mitigation
branch
2 times, most recently
from
dbe7f42 to
a3c2bee
Compare
mayank-microsoft
force-pushed
the
vtpm-offline-mitigation
branch
from
a3c2bee to
ab9f9e2
Compare
mayank-microsoft
force-pushed
the
vtpm-offline-mitigation
branch
from
ab9f9e2 to
1624128
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adding an offline mitigation library for recovering from vtpm state corruption.