tpm2: ACT: Extend case statements with FOR_EACH_ACT

Since none of the ACTs are enabled, the FOR_EACH_ACT statements will all be no-ops. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2026-01-26 02:16:08 +00:00 · 2019-11-26 16:58:43 -05:00 · 2019-11-26 16:58:43 -05:00 · 46c267da85
commit 46c267da85
parent f4b7a835ee
4 changed files with 54 additions and 6 deletions
--- a/src/tpm2/Entity.c
+++ b/src/tpm2/Entity.c
@ -3,7 +3,7 @@
 /*		Accessing properties for handles of various types		*/
 /*			     Written by Ken Goldman				*/
 /*		       IBM Thomas J. Watson Research Center			*/
-/*            $Id: Entity.c 1490 2019-07-26 21:13:22Z kgoldman $		*/
+/*            $Id: Entity.c 1519 2019-11-15 20:43:51Z kgoldman $		*/
 /*										*/
 /*  Licenses and Notices							*/
 /*										*/
@ -115,7 +115,13 @@ EntityGetLoadStatus(
 			    // for policy checks but not always available when authValue
 			    // is being checked.
 			  case TPM_RH_LOCKOUT:
-			    break;
+	                    // Rather than have #ifdefs all over the code,
+	                    // CASE_ACT_HANDLE is defined in ACT.h. It is 'case TPM_RH_ACT_x:'
+	                    // FOR_EACH_ACT(CASE_ACT_HANDLE) creates a simple
+	                    // case TPM_RH_ACT_x: // for each of the implemented ACT.
+	                    FOR_EACH_ACT(CASE_ACT_HANDLE)
+				break;
+
 			  default:
 			    // If the implementation has a manufacturer-specific value
 			    // then test for it here. Since this implementation does
@ -237,6 +243,8 @@ EntityGetAuthValue(
 			  // endorsementAuth for TPM_RH_ENDORSEMENT
 			  pAuth = &gp.endorsementAuth;
 			  break;
+			  // The ACT use platformAuth for auth
+			  FOR_EACH_ACT(CASE_ACT_HANDLE)
 			case TPM_RH_PLATFORM:
 			  // platformAuth for TPM_RH_PLATFORM
 			  pAuth = &gc.platformAuth;
@ -347,6 +355,14 @@ EntityGetAuthPolicy(
 		    *authPolicy = gp.lockoutPolicy;
 		    hashAlg = gp.lockoutAlg;
 		    break;
+
+#define ACT_GET_POLICY(N)						\
+		    case TPM_RH_ACT_##N:				\
+		      *authPolicy = go.ACT_##N.authPolicy;		\
+		      hashAlg = go.ACT_##N.hashAlg;			\
+		      break;
+		    // Get the policy for each implemented ACT
+		    FOR_EACH_ACT(ACT_GET_POLICY)
 		  default:
 		    hashAlg = TPM_ALG_ERROR;
 		    break;
--- a/src/tpm2/Handle.c
+++ b/src/tpm2/Handle.c
@ -3,7 +3,7 @@
 /*		fUnctions that return the type of a handle.	     		*/
 /*			     Written by Ken Goldman				*/
 /*		       IBM Thomas J. Watson Research Center			*/
-/*            $Id: Handle.c 1490 2019-07-26 21:13:22Z kgoldman $			*/
+/*            $Id: Handle.c 1519 2019-11-15 20:43:51Z kgoldman $		*/
 /*										*/
 /*  Licenses and Notices							*/
 /*										*/
@ -55,7 +55,7 @@
 /*    arising in any way out of use or reliance upon this specification or any 	*/
 /*    information herein.							*/
 /*										*/
-/*  (c) Copyright IBM Corp. and others, 2016, 2017				*/
+/*  (c) Copyright IBM Corp. and others, 2016 - 2019				*/
 /*										*/
 /********************************************************************************/

@ -104,7 +104,13 @@ NextPermanentHandle(
 #ifdef  VENDOR_PERMANENT
 		  case VENDOR_PERMANENT:
 #endif
-		    return inHandle;
+		    // Each of the implemented ACT
+#define ACT_IMPLEMENTED_CASE(N)						\
+	            case TPM_RH_ACT_##N:
+		    
+	            FOR_EACH_ACT(ACT_IMPLEMENTED_CASE)
+			
+	                return inHandle;
 		    break;
 		  default:
 		    break;
--- a/src/tpm2/HierarchyCommands.c
+++ b/src/tpm2/HierarchyCommands.c
@ -3,7 +3,7 @@
 /*			     Hierarchy Commands					*/
 /*			     Written by Ken Goldman				*/
 /*		       IBM Thomas J. Watson Research Center			*/
-/*            $Id: HierarchyCommands.c 1490 2019-07-26 21:13:22Z kgoldman $	*/
+/*            $Id: HierarchyCommands.c 1519 2019-11-15 20:43:51Z kgoldman $	*/
 /*										*/
 /*  Licenses and Notices							*/
 /*										*/
@ -272,6 +272,16 @@ TPM2_SetPrimaryPolicy(
 	    NV_SYNC_PERSISTENT(lockoutAlg);
 	    NV_SYNC_PERSISTENT(lockoutPolicy);
 	    break;
+
+#define SET_ACT_POLICY(N)						\
+	    case TPM_RH_ACT_##N:					\
+	      go.ACT_##N.hashAlg = in->hashAlg;				\
+	      go.ACT_##N.authPolicy = in->authPolicy;			\
+	      g_clearOrderly = TRUE;					\
+	      break;
+	    
+	    FOR_EACH_ACT(SET_ACT_POLICY)
+	    
 	  default:
 	    FAIL(FATAL_ERROR_INTERNAL);
 	    break;
--- a/src/tpm2/SessionProcess.c
+++ b/src/tpm2/SessionProcess.c
@ -297,6 +297,14 @@ IsAuthValueAvailable(
 		  case TPM_RH_NULL:
 		    result = TRUE;
 		    break;
+#ifndef __ACT_DISABLED	// libtpms added begin
+		    FOR_EACH_ACT(CASE_ACT_HANDLE)
+	                {
+	                    // The ACT auth value is not available if the platform is disabled
+			    result = g_phEnable == SET;
+			    break;
+	                }
+#endif			// libtpms added end
 		  default:
 		    // Otherwise authValue is not available.
 		    break;
@ -414,6 +422,14 @@ IsAuthPolicyAvailable(
 		    if(gc.platformPolicy.t.size != 0)
 			result = TRUE;
 		    break;
+#define ACT_GET_POLICY(N)						\
+		    case TPM_RH_ACT_##N:				\
+		      if(go.ACT_##N.authPolicy.t.size != 0)		\
+			  result = TRUE;				\
+		      break;
+		    
+		    FOR_EACH_ACT(ACT_GET_POLICY)
+			
 		  case TPM_RH_LOCKOUT:
 		    if(gp.lockoutPolicy.t.size != 0)
 			result = TRUE;