diff options
author | Tadeusz Struk <tadeusz.struk@intel.com> | 2019-04-17 14:04:12 -0700 |
---|---|---|
committer | Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de> | 2019-04-23 10:05:53 +0200 |
commit | 511e6d3cea483bd880fba72a8b01be2fb1fc7259 (patch) | |
tree | 83c112e7c9cd4a4782d52d70139e2cd4b1d91c79 /src/tss2-esys/api/Esys_NV_ChangeAuth.c | |
parent | 393b7eff5d8ea8a65c9ed5a9e6b23703acf8a67e (diff) | |
download | tpm2-tss-511e6d3cea483bd880fba72a8b01be2fb1fc7259.tar.gz |
esys: simplify resubmit path
Recent System API spec (v1.1 rev 24) simplifies command
re-submission in case of TPM RC_RETRY, RC_TESTING or RC_YIELDED
by storing the command header and parameters at the SAPI layer
and allowing the ESAPI invoke TSS_Sys_ExecuteAsync multiple times.
Change the re-submission logic in ESAPI to leverage this new feature.
By doing that, many of the <TYPE>_IN data structures are no longer
needed and can be removed.
Only the input parameters that are used in _Finish() functions
for purposes other than re-submission need to be stored.
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Diffstat (limited to 'src/tss2-esys/api/Esys_NV_ChangeAuth.c')
-rw-r--r-- | src/tss2-esys/api/Esys_NV_ChangeAuth.c | 31 |
1 files changed, 14 insertions, 17 deletions
diff --git a/src/tss2-esys/api/Esys_NV_ChangeAuth.c b/src/tss2-esys/api/Esys_NV_ChangeAuth.c index 9d969950..e922a2e8 100644 --- a/src/tss2-esys/api/Esys_NV_ChangeAuth.c +++ b/src/tss2-esys/api/Esys_NV_ChangeAuth.c @@ -21,13 +21,13 @@ static void store_input_parameters ( ESYS_TR nvIndex, const TPM2B_AUTH *newAuth) { - esysContext->in.NV_ChangeAuth.nvIndex = nvIndex; + esysContext->in.NV.nvIndex = nvIndex; if (newAuth == NULL) { - esysContext->in.NV_ChangeAuth.newAuth = NULL; + esysContext->in.NV.auth = NULL; } else { - esysContext->in.NV_ChangeAuth.newAuthData = *newAuth; - esysContext->in.NV_ChangeAuth.newAuth = - &esysContext->in.NV_ChangeAuth.newAuthData; + esysContext->in.NV.authData = *newAuth; + esysContext->in.NV.auth = + &esysContext->in.NV.authData; } } @@ -168,7 +168,7 @@ Esys_NV_ChangeAuth_Async( return r; esysContext->state = _ESYS_STATE_INTERNALERROR; - /* Check and store input parameters */ + /* Check input parameters */ r = check_session_feasibility(shandle1, shandle2, shandle3, 1); return_state_if_error(r, _ESYS_STATE_INIT, "Check session usage"); store_input_parameters(esysContext, nvIndex, newAuth); @@ -256,7 +256,8 @@ Esys_NV_ChangeAuth_Finish( } /* Check for correct sequence and set sequence to irregular for now */ - if (esysContext->state != _ESYS_STATE_SENT) { + if (esysContext->state != _ESYS_STATE_SENT && + esysContext->state != _ESYS_STATE_RESUBMISSION) { LOG_ERROR("Esys called in bad sequence."); return TSS2_ESYS_RC_BAD_SEQUENCE; } @@ -274,18 +275,13 @@ Esys_NV_ChangeAuth_Finish( if (r == TPM2_RC_RETRY || r == TPM2_RC_TESTING || r == TPM2_RC_YIELDED) { LOG_DEBUG("TPM returned RETRY, TESTING or YIELDED, which triggers a " "resubmission: %" PRIx32, r); - if (esysContext->submissionCount >= _ESYS_MAX_SUBMISSIONS) { + if (esysContext->submissionCount++ >= _ESYS_MAX_SUBMISSIONS) { LOG_WARNING("Maximum number of (re)submissions has been reached."); esysContext->state = _ESYS_STATE_INIT; return r; } esysContext->state = _ESYS_STATE_RESUBMISSION; - r = Esys_NV_ChangeAuth_Async(esysContext, - esysContext->in.NV_ChangeAuth.nvIndex, - esysContext->session_type[0], - esysContext->session_type[1], - esysContext->session_type[2], - esysContext->in.NV_ChangeAuth.newAuth); + r = Tss2_Sys_ExecuteAsync(esysContext->sys); if (r != TSS2_RC_SUCCESS) { LOG_WARNING("Error attempting to resubmit"); /* We do not set esysContext->state here but inherit the most recent @@ -310,14 +306,15 @@ Esys_NV_ChangeAuth_Finish( * Session value has to be updated before checking the response to ensure * correct computation of hmac with new auth value. */ - nvIndex = esysContext->in.NV_ChangeAuth.nvIndex; + nvIndex = esysContext->in.NV.nvIndex; r = esys_GetResourceObject(esysContext, nvIndex, &nvIndexNode); return_if_error(r, "get resource"); - if (esysContext->in.NV_ChangeAuth.newAuth == NULL) + if (esysContext->in.NV.auth == NULL) nvIndexNode->auth.size = 0; else - nvIndexNode->auth = *esysContext->in.NV_ChangeAuth.newAuth; + nvIndexNode->auth = *esysContext->in.NV.auth; + iesys_compute_session_value(esysContext->session_tab[0], &nvIndexNode->rsrc.name, &nvIndexNode->auth); |