esys: simplify resubmit path

Recent System API spec (v1.1 rev 24) simplifies command re-submission in case of TPM RC_RETRY, RC_TESTING or RC_YIELDED by storing the command header and parameters at the SAPI layer and allowing the ESAPI invoke TSS_Sys_ExecuteAsync multiple times. Change the re-submission logic in ESAPI to leverage this new feature. By doing that, many of the <TYPE>_IN data structures are no longer needed and can be removed. Only the input parameters that are used in _Finish() functions for purposes other than re-submission need to be stored. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
author: Tadeusz Struk <tadeusz.struk@intel.com> 2019-04-17 14:04:12 -0700
committer: Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de> 2019-04-23 10:05:53 +0200
commit: 511e6d3cea483bd880fba72a8b01be2fb1fc7259 (patch)
tree: 83c112e7c9cd4a4782d52d70139e2cd4b1d91c79 /src/tss2-esys/api/Esys_NV_ChangeAuth.c
parent: 393b7eff5d8ea8a65c9ed5a9e6b23703acf8a67e (diff)
download: tpm2-tss-511e6d3cea483bd880fba72a8b01be2fb1fc7259.tar.gz
1 files changed, 14 insertions, 17 deletions
diff --git a/src/tss2-esys/api/Esys_NV_ChangeAuth.c b/src/tss2-esys/api/Esys_NV_ChangeAuth.c
index 9d969950..e922a2e8 100644
--- a/src/tss2-esys/api/Esys_NV_ChangeAuth.c
+++ b/src/tss2-esys/api/Esys_NV_ChangeAuth.c
@@ -21,13 +21,13 @@ static void store_input_parameters (
     ESYS_TR nvIndex,
     const TPM2B_AUTH *newAuth)
 {
-    esysContext->in.NV_ChangeAuth.nvIndex = nvIndex;
+    esysContext->in.NV.nvIndex = nvIndex;
     if (newAuth == NULL) {
-        esysContext->in.NV_ChangeAuth.newAuth = NULL;
+        esysContext->in.NV.auth = NULL;
     } else {
-        esysContext->in.NV_ChangeAuth.newAuthData = *newAuth;
-        esysContext->in.NV_ChangeAuth.newAuth =
-            &esysContext->in.NV_ChangeAuth.newAuthData;
+        esysContext->in.NV.authData = *newAuth;
+        esysContext->in.NV.auth =
+            &esysContext->in.NV.authData;
     }
 }
 
@@ -168,7 +168,7 @@ Esys_NV_ChangeAuth_Async(
         return r;
     esysContext->state = _ESYS_STATE_INTERNALERROR;
 
-    /* Check and store input parameters */
+    /* Check input parameters */
     r = check_session_feasibility(shandle1, shandle2, shandle3, 1);
     return_state_if_error(r, _ESYS_STATE_INIT, "Check session usage");
     store_input_parameters(esysContext, nvIndex, newAuth);
@@ -256,7 +256,8 @@ Esys_NV_ChangeAuth_Finish(
     }
 
     /* Check for correct sequence and set sequence to irregular for now */
-    if (esysContext->state != _ESYS_STATE_SENT) {
+    if (esysContext->state != _ESYS_STATE_SENT &&
+        esysContext->state != _ESYS_STATE_RESUBMISSION) {
         LOG_ERROR("Esys called in bad sequence.");
         return TSS2_ESYS_RC_BAD_SEQUENCE;
     }
@@ -274,18 +275,13 @@ Esys_NV_ChangeAuth_Finish(
     if (r == TPM2_RC_RETRY || r == TPM2_RC_TESTING || r == TPM2_RC_YIELDED) {
         LOG_DEBUG("TPM returned RETRY, TESTING or YIELDED, which triggers a "
             "resubmission: %" PRIx32, r);
-        if (esysContext->submissionCount >= _ESYS_MAX_SUBMISSIONS) {
+        if (esysContext->submissionCount++ >= _ESYS_MAX_SUBMISSIONS) {
             LOG_WARNING("Maximum number of (re)submissions has been reached.");
             esysContext->state = _ESYS_STATE_INIT;
             return r;
         }
         esysContext->state = _ESYS_STATE_RESUBMISSION;
-        r = Esys_NV_ChangeAuth_Async(esysContext,
-                                     esysContext->in.NV_ChangeAuth.nvIndex,
-                                     esysContext->session_type[0],
-                                     esysContext->session_type[1],
-                                     esysContext->session_type[2],
-                                     esysContext->in.NV_ChangeAuth.newAuth);
+        r = Tss2_Sys_ExecuteAsync(esysContext->sys);
         if (r != TSS2_RC_SUCCESS) {
             LOG_WARNING("Error attempting to resubmit");
             /* We do not set esysContext->state here but inherit the most recent
@@ -310,14 +306,15 @@ Esys_NV_ChangeAuth_Finish(
      * Session value has to be updated before checking the response to ensure
      * correct computation of hmac with new auth value.
      */
-    nvIndex = esysContext->in.NV_ChangeAuth.nvIndex;
+    nvIndex = esysContext->in.NV.nvIndex;
     r = esys_GetResourceObject(esysContext, nvIndex, &nvIndexNode);
     return_if_error(r, "get resource");
 
-    if (esysContext->in.NV_ChangeAuth.newAuth == NULL)
+    if (esysContext->in.NV.auth == NULL)
         nvIndexNode->auth.size = 0;
     else
-        nvIndexNode->auth = *esysContext->in.NV_ChangeAuth.newAuth;
+        nvIndexNode->auth = *esysContext->in.NV.auth;
+
     iesys_compute_session_value(esysContext->session_tab[0],
                                 &nvIndexNode->rsrc.name, &nvIndexNode->auth);
author	Tadeusz Struk <tadeusz.struk@intel.com>	2019-04-17 14:04:12 -0700
committer	Andreas Fuchs <andreas.fuchs@sit.fraunhofer.de>	2019-04-23 10:05:53 +0200
commit	511e6d3cea483bd880fba72a8b01be2fb1fc7259 (patch)
tree	83c112e7c9cd4a4782d52d70139e2cd4b1d91c79 /src/tss2-esys/api/Esys_NV_ChangeAuth.c
parent	393b7eff5d8ea8a65c9ed5a9e6b23703acf8a67e (diff)
download	tpm2-tss-511e6d3cea483bd880fba72a8b01be2fb1fc7259.tar.gz