[SeaBIOS] [PATCH 3/8] tpm: Don't call tpm_set_failure() from tpm_log_extend_event()
Kevin O'Connor
kevin at koconnor.net
Wed Dec 30 20:31:57 CET 2015
The 16bit BIOS interface shouldn't be able to shutdown the TPM. Move
the check for tpm_is_working() and tpm_set_failure() to the only
caller of tpm_log_extend_event() that may shutdown the TPM.
Signed-off-by: Kevin O'Connor <kevin at koconnor.net>
---
src/tcgbios.c | 21 +++++++++------------
1 file changed, 9 insertions(+), 12 deletions(-)
diff --git a/src/tcgbios.c b/src/tcgbios.c
index ca2ada0..dd30593 100644
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -288,9 +288,6 @@ determine_timeouts(void)
static u32
tpm_log_extend_event(struct pcpes *pcpes, const void *event)
{
- if (!tpm_is_working())
- return TCG_GENERAL_ERROR;
-
if (pcpes->pcrindex >= 24)
return TCG_INVALID_INPUT_PARA;
@@ -306,15 +303,10 @@ tpm_log_extend_event(struct pcpes *pcpes, const void *event)
u32 resp_length = sizeof(rsp);
u32 rc = tpmhw_transmit(0, &tre.hdr, &rsp, &resp_length,
TPM_DURATION_TYPE_SHORT);
- if (rc || resp_length != sizeof(rsp)) {
- tpm_set_failure();
- return rc;
- }
+ if (rc || resp_length != sizeof(rsp) || rsp.hdr.errcode)
+ return rc ?: TCG_TCG_COMMAND_ERROR;
- rc = tpm_log_event(pcpes, event);
- if (rc)
- tpm_set_failure();
- return rc;
+ return tpm_log_event(pcpes, event);
}
static void
@@ -341,13 +333,18 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type,
const char *event, u32 event_length,
const u8 *hashdata, u32 hashdata_length)
{
+ if (!tpm_is_working())
+ return;
+
struct pcpes pcpes = {
.pcrindex = pcrindex,
.eventtype = event_type,
.eventdatasize = event_length,
};
tpm_fill_hash(&pcpes, hashdata, hashdata_length);
- tpm_log_extend_event(&pcpes, event);
+ u32 rc = tpm_log_extend_event(&pcpes, event);
+ if (rc)
+ tpm_set_failure();
}
--
2.5.0
More information about the SeaBIOS
mailing list