rev148: Rework ACCUMULATE_SELF_HEAL_TIMER

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

src/tpm2/DA.c

@@ -3,7 +3,7 @@
 /*			   Dictionary Attack Logic.  				*/
 /*			     Written by Ken Goldman				*/
 /*		       IBM Thomas J. Watson Research Center			*/
-/*            $Id: DA.c 1047 2017-07-20 18:27:34Z kgoldman $			*/
+/*            $Id: DA.c 1259 2018-07-10 19:11:09Z kgoldman $			*/
 /*										*/
 /*  Licenses and Notices							*/
 /*										*/
@@ -55,7 +55,7 @@
 /*    arising in any way out of use or reliance upon this specification or any 	*/
 /*    information herein.							*/
 /*										*/
-/*  (c) Copyright IBM Corp. and others, 2016, 2017				*/
+/*  (c) Copyright IBM Corp. and others, 2016 - 2018				*/
 /*										*/
 /********************************************************************************/
 
@@ -101,7 +101,7 @@ DAStartup(
 	  )
 {
     NOT_REFERENCED(type);
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
     _plat__TimerWasReset();
     s_selfHealTimer = 0;
     s_lockoutTimer = 0;

src/tpm2/Global.c

@@ -126,7 +126,7 @@ BOOL                 s_DAPendingOnNV;
 TPM2B_DIGEST         s_cpHashForCommandAudit;
 #endif
 /* 9.5.4.2 DA.c */
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
 UINT64               s_selfHealTimer;
 UINT64               s_lockoutTimer;
 #endif // !ACCUMULATE_SELF_HEAL_TIMER

src/tpm2/Global.h

@@ -747,13 +747,13 @@ typedef struct orderly_data
     DRBG_STATE          drbgState;
     // These values allow the accumulation of self-healing time across orderly shutdown
     // of the TPM.
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
     UINT64              selfHealTimer;  // current value of s_selfHealTimer
     UINT64              lockoutTimer;   // current value of s_lockoutTimer
     UINT64              time;           // current value of g_time at shutdown
 #endif // ACCUMULATE_SELF_HEAL_TIMER
 } ORDERLY_DATA;
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
 #define     s_selfHealTimer     go.selfHealTimer
 #define     s_lockoutTimer      go.lockoutTimer
 #endif  // ACCUMULATE_SELF_HEAL_TIMER
@@ -1030,7 +1030,7 @@ extern BOOL             s_DAPendingOnNV;
 /* From DA.c */
 /* This variable holds the accumulated time since the last time that failedTries was
    decremented. This value is in millisecond. */
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
 extern UINT64       s_selfHealTimer;
 /* This variable holds the accumulated time that the lockoutAuth has been blocked. */
 extern UINT64       s_lockoutTimer;

src/tpm2/NVMarshal.c

@@ -597,14 +597,14 @@ ORDERLY_DATA_Marshal(ORDERLY_DATA *data, BYTE **buffer, INT32 *size)
 
     written += DRBG_STATE_Marshal(&data->drbgState, buffer, size);
 
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
     has_block = TRUE;
 #else
     has_block = FALSE;
 #endif
     written += BLOCK_SKIP_WRITE_PUSH(has_block, buffer, size);
 
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
     written += UINT64_Marshal(&data->selfHealTimer, buffer, size);
     written += UINT64_Marshal(&data->lockoutTimer, buffer, size);
     written += UINT64_Marshal(&data->time, buffer, size);
@@ -644,7 +644,7 @@ ORDERLY_DATA_Unmarshal(ORDERLY_DATA *data, BYTE **buffer, INT32 *size)
         rc = DRBG_STATE_Unmarshal(&data->drbgState, buffer, size);
     }
 
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
     needs_block = TRUE;
 #else
     needs_block = FALSE;
@@ -653,7 +653,7 @@ ORDERLY_DATA_Unmarshal(ORDERLY_DATA *data, BYTE **buffer, INT32 *size)
         BLOCK_SKIP_READ(skip_self_heal_timer, needs_block, buffer, size,
                         "ORDERLY DATA", "selfHealTimer");
     }
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
     if (rc == TPM_RC_SUCCESS) {
         rc = UINT64_Unmarshal(&data->selfHealTimer, buffer, size);
     }
@@ -2757,14 +2757,14 @@ VolatileState_Marshal(BYTE **buffer, INT32 *size)
 
 #if defined DA_C || defined GLOBAL_C || defined MANUFACTURE_C
 
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
     has_block = TRUE;
 #else
     has_block = FALSE;
 #endif
     written += BLOCK_SKIP_WRITE_PUSH(has_block, buffer, size);
 
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
     written += UINT64_Marshal(&s_selfHealTimer, buffer, size); /* line 975 */
     written += UINT64_Marshal(&s_lockoutTimer, buffer, size); /* line 977 */
 #endif // ACCUMULATE_SELF_HEAL_TIMER
@@ -3144,7 +3144,7 @@ skip_session_process:
     }
 
 #if defined DA_C || defined GLOBAL_C || defined MANUFACTURE_C
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
     needs_block = TRUE;
 #else
     needs_block = FALSE;
@@ -3153,7 +3153,7 @@ skip_session_process:
         BLOCK_SKIP_READ(skip_accumulate_self_heal_timer_2, needs_block, buffer, size,
                         "Volatile state", "s_selfHealTimer.2");
     }
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
+#if !ACCUMULATE_SELF_HEAL_TIMER
     if (rc == TPM_RC_SUCCESS) {
         rc = UINT64_Unmarshal(&s_selfHealTimer, buffer, size); /* line 975 */
     }

src/tpm2/StartupCommands.c

@@ -300,7 +300,7 @@ TPM2_Shutdown(
     PCRStateSave(in->shutdownType);
     // Save RAM backed NV index data
     NvUpdateIndexOrderlyData();
-#ifdef ACCUMULATE_SELF_HEAL_TIMER
+#if ACCUMULATE_SELF_HEAL_TIMER
     // Save the current time value
     go.time = g_time;
 #endif

src/tpm2/TpmBuildSwitches.h

@@ -196,11 +196,15 @@
 //#   define NO_FAIL_TRACE
 #endif
 #endif // NDEBUG
-/* If the implementation is going to give lockout time credit for time up to the last orderly
-   shutdown, then uncomment this variable */
-#ifndef ACCUMULATE_SELF_HEAL_TIMER
-#define ACCUMULATE_SELF_HEAL_TIMER
-#endif // ACCUMULATE_SELF_HEAL_TIMER
+
+/* Indicate if the implementation is going to give lockout time credit for time up to the last
+   orderly shutdown. */
+#if !(defined ACCUMULATE_SELF_HEAL_TIMER)				\
+    || ((ACCUMULATE_SELF_HEAL_TIMER != NO) && (ACCUMULATE_SELF_HEAL_TIMER != YES))
+#   undef   ACCUMULATE_SELF_HEAL_TIMER
+#   define  ACCUMULATE_SELF_HEAL_TIMER      YES       // Default: Either YES or NO
+#endif
+
 /* If the implementation is to compute the sizes of the proof and primary seed size values based on
    the implemented algorithms, then use this define. */
 #if !(defined USE_SPEC_COMPLIANT_PROOFS)				\