From a0a48464acef435d709131d3cc3e8992a010cee7 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.ibm.com>
Date: Wed, 13 Dec 2023 17:24:12 -0500
Subject: [PATCH] rev180: Add (unused) parameter to PublicAttributesValidation

Add yet unused parameter 'primaryHierarchy to PublicAttributesValidation.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/tpm2/HierarchyCommands.c | 4 ++--
 src/tpm2/Object.c            | 2 +-
 src/tpm2/ObjectCommands.c    | 7 +++++--
 src/tpm2/Object_spt.c        | 6 +++++-
 src/tpm2/Object_spt_fp.h     | 3 +++
 5 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/src/tpm2/HierarchyCommands.c b/src/tpm2/HierarchyCommands.c
index ab728249..455ce94b 100644
--- a/src/tpm2/HierarchyCommands.c
+++ b/src/tpm2/HierarchyCommands.c
@@ -87,8 +87,8 @@ TPM2_CreatePrimary(
     // Check attributes in input public area. CreateChecks() checks the things that
     // are unique to creation and then validates the attributes and values that are
     // common to create and load.
-    result = CreateChecks(NULL, publicArea,
-			  in->inSensitive.sensitive.data.t.size);
+    result = CreateChecks(
+			  NULL, in->primaryHandle, publicArea, in->inSensitive.sensitive.data.t.size);
     if(result != TPM_RC_SUCCESS)
 	return RcSafeAddToResult(result, RC_CreatePrimary_inPublic);
     // Validate the sensitive area values
diff --git a/src/tpm2/Object.c b/src/tpm2/Object.c
index 02ffcb2a..b1c1cfec 100644
--- a/src/tpm2/Object.c
+++ b/src/tpm2/Object.c
@@ -426,7 +426,7 @@ ObjectLoad(OBJECT* object,           // IN: pointer to object slot
 	    //   consistency with the parent, OR
 	    // - parent is NULL but the object is not a primary object, either
 	    result =
-		PublicAttributesValidation(parent, publicArea);
+		PublicAttributesValidation(parent, /*primaryHierarchy = */ 0, publicArea);
 	}
     if(result != TPM_RC_SUCCESS)
 	return RcSafeAddToResult(result, blamePublic);
diff --git a/src/tpm2/ObjectCommands.c b/src/tpm2/ObjectCommands.c
index 8ad50b79..70eaa0db 100644
--- a/src/tpm2/ObjectCommands.c
+++ b/src/tpm2/ObjectCommands.c
@@ -144,6 +144,7 @@ TPM2_Create(Create_In*  in,  // IN: input parameter list
     // are unique to creation and then validates the attributes and values that are
     // common to create and load.
     result = CreateChecks(parentObject,
+			  /* primaryHierarchy = */ 0,
 			  publicArea,
 			  in->inSensitive.sensitive.data.t.size);
     if(result != TPM_RC_SUCCESS)
@@ -587,7 +588,7 @@ TPM2_CreateLoaded(CreateLoaded_In*  in,  // IN: input parameter list
 			    publicArea->objectAttributes, TPMA_OBJECT, sensitiveDataOrigin))
 		return TPM_RCS_ATTRIBUTES;
 	    // Check the rest of the attributes
-	    result = PublicAttributesValidation(parent, publicArea);
+	    result = PublicAttributesValidation(parent, 0, publicArea);
 	    if(result != TPM_RC_SUCCESS)
 		return RcSafeAddToResult(result, RC_CreateLoaded_inPublic);
 	    // Process the template and sensitive areas to get the actual 'label' and
@@ -613,7 +614,9 @@ TPM2_CreateLoaded(CreateLoaded_In*  in,  // IN: input parameter list
 	    // Check attributes in input public area. CreateChecks() checks the things
 	    // that are unique to creation and then validates the attributes and values
 	    // that are common to create and load.
-	    result = CreateChecks(parent, publicArea,
+	    result = CreateChecks(parent,
+				  (parent == NULL) ? in->parentHandle : 0,
+				  publicArea,
 				  in->inSensitive.sensitive.data.t.size);
 
 	    if(result != TPM_RC_SUCCESS)
diff --git a/src/tpm2/Object_spt.c b/src/tpm2/Object_spt.c
index 2c9aed53..8e629c31 100644
--- a/src/tpm2/Object_spt.c
+++ b/src/tpm2/Object_spt.c
@@ -397,6 +397,7 @@ BOOL ObjectIsParent(OBJECT* parentObject  // IN: parent handle
 //      other               returns from PublicAttributesValidation()
 TPM_RC
 CreateChecks(OBJECT*           parentObject,
+	     TPMI_RH_HIERARCHY primaryHierarchy,
 	     TPMT_PUBLIC*      publicArea,
 	     UINT16            sensitiveDataSize)
 {
@@ -443,7 +444,8 @@ CreateChecks(OBJECT*           parentObject,
 	}
     if(TPM_RC_SUCCESS == result)
 	{
-	    result = PublicAttributesValidation(parentObject, publicArea);
+	    result =
+		PublicAttributesValidation(parentObject, primaryHierarchy, publicArea);
 	}
     return result;
 }
@@ -663,6 +665,8 @@ TPM_RC
 PublicAttributesValidation(
 			   // IN: input parent object (if ordinary or derived object; NULL otherwise)
 			   OBJECT* parentObject,
+			   // IN: hierarchy (if primary object; 0 otherwise)
+			   TPMI_RH_HIERARCHY primaryHierarchy,
 			   // IN: public area of the object
 			   TPMT_PUBLIC* publicArea)
 {
diff --git a/src/tpm2/Object_spt_fp.h b/src/tpm2/Object_spt_fp.h
index 1aeed216..a8fdcf96 100644
--- a/src/tpm2/Object_spt_fp.h
+++ b/src/tpm2/Object_spt_fp.h
@@ -99,6 +99,7 @@ BOOL ObjectIsParent(OBJECT* parentObject  // IN: parent handle
 //      other                   returns from PublicAttributesValidation()
 TPM_RC
 CreateChecks(OBJECT*           parentObject,
+	     TPMI_RH_HIERARCHY primaryHierarchy,
 	     TPMT_PUBLIC*      publicArea,
 	     UINT16            sensitiveDataSize);
 
@@ -145,6 +146,8 @@ TPM_RC
 PublicAttributesValidation(
 			   // IN: input parent object (if ordinary or derived object; NULL otherwise)
 			   OBJECT* parentObject,
+			   // IN: hierarchy (if primary object; 0 otherwise)
+			   TPMI_RH_HIERARCHY primaryHierarchy,
 			   // IN: public area of the object
 			   TPMT_PUBLIC* publicArea);