From bc4aab36137429cab7781586729bf039ce9f24e6 Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Tue, 4 Dec 2018 16:39:32 -0500
Subject: [PATCH] tpm2: Log command that put TPM 2 into failure mode

Once we detect that the TPM 2 was put into failure mode, log
the command that did it.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/tpm_library.c        | 27 +++++++++++++++++++++++++++
 src/tpm_library_intern.h |  3 ++-
 src/tpm_tpm2_interface.c |  9 +++++++++
 3 files changed, 38 insertions(+), 1 deletion(-)

diff --git a/src/tpm_library.c b/src/tpm_library.c
index bb3dd253..de4ed146 100644
--- a/src/tpm_library.c
+++ b/src/tpm_library.c
@@ -546,6 +546,33 @@ void TPMLIB_LogPrintfA(unsigned int indent, const char *format, ...)
     va_end(args);
 }
 
+/*
+ * TPMLIB_LogArray: Display an array of data
+ *
+ * @indent: how many spaces to indent; indent of ~0 forces logging
+ *          with indent 0 even if not debug_level is set
+ * @data: the data to print
+ * @datalen: length of the data
+ */
+void TPMLIB_LogArray(unsigned int indent, const unsigned char *data,
+                     size_t datalen)
+{
+    char line[80];
+    size_t i, o = 0;
+
+    for (i = 0; i < datalen; i++) {
+        snprintf(&line[o], sizeof(line) - o, "%02x ", data[i]);
+        o += 3;
+        if (o >= 16 * 3) {
+            TPMLIB_LogPrintfA(indent, "%s\n", line);
+            o = 0;
+        }
+    }
+    if (o > 0) {
+        TPMLIB_LogPrintfA(indent, "%s\n", line);
+    }
+}
+
 void ClearCachedState(enum TPMLIB_StateType st)
 {
     free(cached_blobs[st].buffer);
diff --git a/src/tpm_library_intern.h b/src/tpm_library_intern.h
index e332e632..0d6095c5 100644
--- a/src/tpm_library_intern.h
+++ b/src/tpm_library_intern.h
@@ -103,7 +103,8 @@ TPM_RESULT TPM12_IO_TpmEstablished_Reset(void);
 int TPMLIB_LogPrintf(const char *format, ...);
 void TPMLIB_LogPrintfA(unsigned int indent, const char *format, ...) \
      ATTRIBUTE_FORMAT(2, 3);
-
+void TPMLIB_LogArray(unsigned int indent, const unsigned char *data,
+                     size_t datalen);
 
 #define TPMLIB_LogError(format, ...) \
      TPMLIB_LogPrintfA(~0, "libtpms: "format, __VA_ARGS__)
diff --git a/src/tpm_tpm2_interface.c b/src/tpm_tpm2_interface.c
index 3126a4af..74cdea65 100644
--- a/src/tpm_tpm2_interface.c
+++ b/src/tpm_tpm2_interface.c
@@ -66,6 +66,7 @@
 #include "tpm_nvfilename.h"
 
 extern BOOL      g_inFailureMode;
+static BOOL      reportedFailureCommand;
 
 /*
  * Check whether the main NVRAM file exists. Return TRUE if it doesn, FALSE otherwise
@@ -97,6 +98,7 @@ TPM_RESULT TPM2_MainInit(void)
     bool has_cached_state;
 
     g_inFailureMode = FALSE;
+    reportedFailureCommand = FALSE;
 
 #ifdef TPM_LIBTPMS_CALLBACKS
     struct libtpms_callbacks *cbs = TPMLIB_GetCallbacks();
@@ -200,6 +202,13 @@ TPM_RESULT TPM2_Process(unsigned char **respbuffer, uint32_t *resp_size,
 
     *resp_size = resp.BufferSize;
 
+    if (g_inFailureMode && !reportedFailureCommand) {
+        reportedFailureCommand = TRUE;
+        TPMLIB_LogTPM2Error("%s: Entered failure mode through command:\n",
+                            __func__);
+        TPMLIB_LogArray(~0, command, command_size);
+    }
+
     return TPM_SUCCESS;
 }