From e607f78a054acfdbe119499c3608bdb2a44423d9 Mon Sep 17 00:00:00 2001
From: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
Date: Thu, 7 May 2020 11:51:17 +0200
Subject: [PATCH] Fix ESYS_TR hierarchy transition
Fix those cases of TPM2_RH_ to ESYS_TR_RH_ translations that were missed in
780800c0be69a49b9097f8eae653cdb0623d2100
Signed-off-by: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>
---
lib/tpm2.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/lib/tpm2.c b/lib/tpm2.c
index e7ff77047bef..909a4422339d 100644
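--- a/lib/tpm2.c
+++ b/lib/tpm2.c
@@ -656,6 +656,12 @@ uint32_t fix_esys_hierarchy(TPMI_RH_HIERARCHY hierarchy)
 {
 #if defined(ESYS_3_0)
 switch (hierarchy) {
+ case ESYS_TR_RH_NULL:
+ case ESYS_TR_RH_OWNER:
+ case ESYS_TR_RH_ENDORSEMENT:
+ case ESYS_TR_RH_PLATFORM:
+ case ESYS_TR_RH_PLATFORM_NV:
+ return hierarchy;
 case TPM2_RH_NULL:
 return ESYS_TR_RH_NULL;
 case TPM2_RH_OWNER:
@@ -664,14 +670,16 @@ uint32_t fix_esys_hierarchy(TPMI_RH_HIERARCHY hierarchy)
 return ESYS_TR_RH_ENDORSEMENT;
 case TPM2_RH_PLATFORM:
 return ESYS_TR_RH_PLATFORM;
+ case TPM2_RH_PLATFORM_NV:
+ return ESYS_TR_RH_PLATFORM_NV;
 default:
- return TSS2_ESYS_RC_BAD_VALUE;
+ LOG_ERR("An unknown hierarchy handle was passed: 0x%08x", hierarchy);
+ return 0xffffffff;
 }
 #elif defined(ESYS_2_3)
 return hierarchy;
 #else
- UNUSED(hierarchy);
- return TSS2_ESYS_RC_BAD_VALUE;
+#error "Need to define either ESYS_3_0 or ESYS_2_3"
 #endif
 }
 
@@ -1154,7 +1162,7 @@ tool_rc tpm2_hierarchycontrol(ESYS_CONTEXT *esys_context,
 }
 
 TSS2_RC rval = Esys_HierarchyControl(esys_context, auth_hierarchy->tr_handle,
- shandle, ESYS_TR_NONE, ESYS_TR_NONE, enable, state);
+ shandle, ESYS_TR_NONE, ESYS_TR_NONE, fix_esys_hierarchy(enable), state);
 if (rval != TPM2_RC_SUCCESS && rval != TPM2_RC_INITIALIZE) {
 LOG_PERR(Esys_HierarchyControl, rval);
 return tool_rc_from_tpm(rval);
@@ -1251,7 +1259,7 @@ tool_rc tpm2_hmac_sequencecomplete(ESYS_CONTEXT *esys_context,
 
 TPM2_RC rval = Esys_SequenceComplete(esys_context, sequence_handle,
 hmac_key_obj_shandle, ESYS_TR_NONE, ESYS_TR_NONE, input_buffer,
- TPM2_RH_NULL, result, validation);
+ fix_esys_hierarchy(TPM2_RH_NULL), result, validation);
 if (rval != TSS2_RC_SUCCESS) {
 LOG_PERR(Esys_HMAC, rval);
 return tool_rc_from_tpm(rval);
@@ -1907,7 +1915,7 @@ tool_rc tpm2_loadexternal(ESYS_CONTEXT *ectx, const TPM2B_SENSITIVE *private,
 
 TSS2_RC rval = Esys_LoadExternal(ectx,
 ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
- private, public, hierarchy,
+ private, public, fix_esys_hierarchy(hierarchy),
 object_handle);
 if (rval != TSS2_RC_SUCCESS) {
 LOG_PERR(Esys_LoadExternal, rval);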
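Review bot: The `0xffffffff` returned from the `default:` branch of fix_esys_hierarchy is an unnamed in-band sentinel, and none of the three call sites this patch converts (tpm2_hierarchycontrol, tpm2_hmac_sequencecomplete, tpm2_loadexternal) tests for it before handing the value to the Esys_* call. Rejection of an unknown hierarchy therefore depends on ESAPI refusing that handle, which these hunks do not show; failing in the tool first keeps an unmapped hierarchy from ever reaching a TPM command that enables a hierarchy or binds an external object to one. I would give the value a name and check it at each call site, e.g. `uint32_t h = fix_esys_hierarchy(hierarchy);` followed by `if (h == 0xffffffff) { /* return a tool_rc error before the Esys call */ }`. A short comment on the function stating that ESYS_TR_RH_* inputs pass through unchanged and that the sentinel means "no mapping" would also help; the bodies of all three callers continue outside their hunks.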
--
2.27.0