Modify TPM_NVRAM_LoadData() to try to get cached state blob

Modify TPM_NVRAM_LoadData() to try to get the cached state blob before trying to read the state blob from the file. We clear the state blob as part of passing it to the TPM. A side effect is now that if TPMLIB_ValidateState is called on a blob that this call would not remove the cached blob. So we have to save a copy before reading (and parsing) the state blob so we still have it when TPM_MainInit() is called. Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2026-01-09 05:50:48 +00:00 · 2018-03-10 19:13:01 -05:00 · 2018-03-10 19:13:01 -05:00 · 7bbb41a1fd
commit 7bbb41a1fd
parent c76f52efd3
2 changed files with 20 additions and 2 deletions
--- a/src/tpm12/tpm_nvfile.c
+++ b/src/tpm12/tpm_nvfile.c
@ -64,6 +64,7 @@

 #ifdef TPM_LIBTPMS_CALLBACKS
 #include "tpm_library_intern.h"
+#include "tpm_library.h"
 #endif


@ -162,7 +163,17 @@ TPM_RESULT TPM_NVRAM_LoadData(unsigned char **data,     /* freed by caller */
    char        filename[FILENAME_MAX]; /* rooted file name from name */

 #ifdef TPM_LIBTPMS_CALLBACKS
-    struct libtpms_callbacks *cbs = TPMLIB_GetCallbacks();
+    struct libtpms_callbacks *cbs;
+    bool is_empty_buffer;
+
+    /* try to get state blob set with TPMLIB_SetState() */
+    GetCachedState(TPMLIB_NameToStateType(name), data, length, &is_empty_buffer);
+    if (is_empty_buffer)
+        return TPM_RETRY;
+    if (*data)
+        return TPM_SUCCESS;
+
+    cbs = TPMLIB_GetCallbacks();

    /* call user-provided function if available, otherwise execute
       default behavior */
--- a/src/tpm_tpm12_interface.c
+++ b/src/tpm_tpm12_interface.c
@ -273,6 +273,7 @@ TPM_RESULT TPM12_ValidateState(enum TPMLIB_StateType st,
        TPMLIB_STATE_SAVE_STATE,
        0,
    };
+    enum TPMLIB_StateType c_st;
    unsigned i;

 #ifdef TPM_LIBTPMS_CALLBACKS
@ -289,7 +290,13 @@ TPM_RESULT TPM12_ValidateState(enum TPMLIB_StateType st,
    tpm_state.tpm_number = 0;

    for (i = 0; sts[i] && ret == TPM_SUCCESS; i++) {
-        switch (st & sts[i]) {
+        c_st = st & sts[i];
+
+        /* 'cached' state is known to 'work', so skip it */
+        if (!c_st || !HasCachedState(c_st))
+            continue;
+
+        switch (c_st) {
        case TPMLIB_STATE_PERMANENT:
            ret = TPM_PermanentAll_NVLoad(&tpm_state);
            break;