From 96f5dc28fd6c4105d363ccfca54ec60ba5f7eece Mon Sep 17 00:00:00 2001
From: Stefan Berger
Date: Tue, 14 Jun 2022 17:17:32 -0400
Subject: [PATCH] tpm2: Initialize RuntimeProfile on first TPM_Manufacture()
Signed-off-by: Stefan Berger
---
 src/tpm2/Manufacture.c | 12 ++++++++++--
 src/tpm2/Manufacture_fp.h | 3 ++-
 src/tpm_tpm2_interface.c | 6 +++++-
 3 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/src/tpm2/Manufacture.c b/src/tpm2/Manufacture.c
index 2f7c289d..486fa097 100644
--- a/src/tpm2/Manufacture.c
+++ b/src/tpm2/Manufacture.c
@@ -80,14 +80,21 @@
 /* 1 manufacturing process previously performed */
 LIB_EXPORT int TPM_Manufacture(
- int firstTime // IN: indicates if this is the first call from
+ int firstTime, // IN: indicates if this is the first call from
 // main()
+ const char * profile // libtpms: optional profile to use
 ) { TPM_SU orderlyShutdown; // Initialize the context slot mask for UINT16
- s_ContextSlotMask = 0xffff; // libtpms added
+ s_ContextSlotMask = 0xffff; // libtpms added begin
+ if (firstTime) {
+ RuntimeProfileInit(&g_RuntimeProfile);
+ /* profile was tested before in SetProfile, so this should always work */
+ if (RuntimeProfileSet(&g_RuntimeProfile, profile, true) != TPM_RC_SUCCESS)
+ return -1;
+ } // libtpms added end
 #if RUNTIME_SIZE_CHECKS
 // Call the function to verify the sizes of values that result from different
 // compile options.
@@ -193,6 +200,7 @@ TPM_TearDown(
 void ) {
+ RuntimeProfileFree(&g_RuntimeProfile); // libtpms added
 g_manufactured = FALSE;
 return 0;
 }
diff --git a/src/tpm2/Manufacture_fp.h b/src/tpm2/Manufacture_fp.h
index 60e1c0aa..f23324dc 100644
--- a/src/tpm2/Manufacture_fp.h
+++ b/src/tpm2/Manufacture_fp.h
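Review bot: In the `@@ -80,14 +80,21 @@` hunk of src/tpm2/Manufacture.c, `profile` is handed to `RuntimeProfileSet()` with no statement of whether NULL is acceptable, although the parameter comment calls it optional and the caller in src/tpm_tpm2_interface.c passes a static that nothing in this patch assigns. If NULL is meant to select a default, the parameter comment should say so, e.g. `// libtpms: optional profile to use; NULL = default; only read when firstTime != 0`; if RuntimeProfileSet() does not accept NULL, a guard is needed before the call. The added block also passes `true` where the surrounding code spells booleans `TRUE`/`FALSE`. TPM_Manufacture's body continues past the end of the hunk.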
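Review bot: In the `@@ -193,6 +200,7 @@` hunk, `RuntimeProfileFree(&g_RuntimeProfile)` runs on every TPM_TearDown(), but the only `RuntimeProfileInit()` in this patch sits behind `if (firstTime)`, so a tear-down followed by `TPM_Manufacture(MANUF_REMANUFACTURE, ...)` would manufacture with whatever state the free leaves in the global. Whether that state is safe depends on RuntimeProfileFree(), which is not shown here. If it does not reset the structure, adding `RuntimeProfileInit(&g_RuntimeProfile);` directly after the free would close the gap; otherwise a comment stating that the freed profile remains usable would help. The return-type line of TPM_TearDown is outside the hunk.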
@@ -81,8 +81,9 @@
 #define MANUF_FIRST_TIME 1
 #define MANUF_REMANUFACTURE 0
 LIB_EXPORT int TPM_Manufacture(
- int firstTime // IN: indicates if this is the first call from
+ int firstTime, // IN: indicates if this is the first call from
 // main()
+ const char *profile // libtpms added
 );
 //*** TPM_TearDown()
diff --git a/src/tpm_tpm2_interface.c b/src/tpm_tpm2_interface.c
index 4570d786..ac705be7 100644
--- a/src/tpm_tpm2_interface.c
+++ b/src/tpm_tpm2_interface.c
@@ -69,6 +69,7 @@ extern BOOL g_inFailureMode;
 static BOOL reportedFailureCommand;
+static char *g_profile;
 /* * Check whether the main NVRAM file exists. Return TRUE if it doesn, FALSE otherwise
@@ -136,7 +137,7 @@ static TPM_RESULT TPM2_MainInit(void)
 TPMLIB_LogTPM2Error( "%s: _plat__NVEnable(NULL) failed: %d\n", __func__, ret);
- if (TPM_Manufacture(TRUE) < 0 || g_inFailureMode) {
+ if (TPM_Manufacture(TRUE, g_profile) < 0 || g_inFailureMode) {
 TPMLIB_LogTPM2Error("%s: TPM_Manufacture(TRUE) failed or TPM in " "failure mode\n", __func__);
 reportedFailureCommand = TRUE;
@@ -171,6 +172,9 @@ static void TPM2_Terminate(void)
 _rpc__Signal_PowerOff();
 ExpDCacheFree();
+
+ free(g_profile);
+ g_profile = NULL;
 }
 static TPM_RESULT TPM2_Process(unsigned char **respbuffer, uint32_t *resp_size,
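Review bot: In the `@@ -69,6 +69,7 @@` hunk of src/tpm_tpm2_interface.c, `g_profile` is declared with no comment on who allocates it, yet the `@@ -171,6 +172,9 @@` hunk releases it with `free()` in TPM2_Terminate(), so any setter must store a malloc-family pointer and release the previous value first. Nothing in this patch assigns the variable, so `TPM_Manufacture(TRUE, g_profile)` in the `@@ -136,7 +137,7 @@` hunk always passes NULL as far as these lines show; presumably a setter arrives in a separate change. A declaration comment such as `/* heap-allocated profile string owned by this file; NULL if none set; freed in TPM2_Terminate() */` would pin that contract. The `g_` prefix on a `static` is also at odds with `reportedFailureCommand` directly above it.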