Skip to content

Commit

Permalink
FAPI: Fix cleanup of policy sessions.
Browse files Browse the repository at this point in the history
Policy sessions were not flushed if the policy session
was successfully executed but the command where the policy
was used for authorization was executed with an error.
For the session cleanup in error cases it will be tested
whethe the policy session still exists in the TPM.
Fixes: #2784

Signed-off-by: Juergen Repp <juergen_repp@web.de>
  • Loading branch information
JuergenReppSIT committed Mar 11, 2024
1 parent 638f187 commit a516076
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 2 deletions.
41 changes: 40 additions & 1 deletion src/tss2-fapi/fapi_util.c
Original file line number Diff line number Diff line change
Expand Up @@ -1197,6 +1197,11 @@ ifapi_non_tpm_mode_init(FAPI_CONTEXT *context)
void
ifapi_session_clean(FAPI_CONTEXT *context)
{
TPM2_HANDLE tpm_policy_handle;
TPMI_YES_NO moreData;
TPMS_CAPABILITY_DATA *capabilityData = NULL;
bool handle_found = false;

if (context->session1 != ESYS_TR_NONE && context->session1 != ESYS_TR_PASSWORD) {
if (context->session1 == context->session2) {
context->session2 = ESYS_TR_NONE;
Expand All @@ -1209,8 +1214,41 @@ ifapi_session_clean(FAPI_CONTEXT *context)
if (context->session2 != ESYS_TR_NONE) {
if (Esys_FlushContext(context->esys, context->session2) != TSS2_RC_SUCCESS) {
LOG_ERROR("Cleanup session failed.");
context->session2 = ESYS_TR_NONE;
}
context->session2 = ESYS_TR_NONE;
}

if (context->policy_session &&
context->policy_session != ESYS_TR_NONE) {
if (Esys_TR_GetTpmHandle(context->esys, context->policy_session, &tpm_policy_handle)) {
LOG_ERROR("Cleanup policy_session could not get TPM handle.");
} else {
/* Check whether policy session still exists. */
if (Esys_GetCapability(context->esys,
ESYS_TR_NONE, ESYS_TR_NONE, ESYS_TR_NONE,
TPM2_CAP_HANDLES, TPM2_LOADED_SESSION_FIRST , TPM2_MAX_CAP_HANDLES, &moreData,
&capabilityData)) {
LOG_ERROR("Cleanup policy_session could not check TPM handle.");
} else {
/* Loop is used because usage of tpm_policy_handle instead of TPM2_LOADED_SESSION_FIRST
for get capability did not work. If the handle is not found and moreData is set
the flush will also be executed. */
for (uint32_t i = 0; i < capabilityData->data.handles.count; i++) {
if (capabilityData->data.handles.handle[i] == tpm_policy_handle) {
handle_found = true;
}
}
if (handle_found || moreData) {
SAFE_FREE(capabilityData);
if (Esys_FlushContext(context->esys, context->policy_session) != TSS2_RC_SUCCESS) {
LOG_ERROR("Cleanup policy_session failed.");
}
} else {
SAFE_FREE(capabilityData);
}
}
}
context->policy_session = ESYS_TR_NONE;
}
if (!context->srk_persistent && context->srk_handle != ESYS_TR_NONE) {
if (Esys_FlushContext(context->esys, context->srk_handle) != TSS2_RC_SUCCESS) {
Expand Down Expand Up @@ -2174,6 +2212,7 @@ ifapi_authorize_object(FAPI_CONTEXT *context, IFAPI_OBJECT *object, ESYS_TR *ses

return_if_error(r, "Execute policy.");

context->policy_session = *session;
r = Esys_TRSess_GetAuthRequired(context->esys, *session,
&auth_required);
return_if_error(r, "GetAuthRequired");
Expand Down
3 changes: 2 additions & 1 deletion src/tss2-fapi/ifapi_policy_execute.c
Original file line number Diff line number Diff line change
Expand Up @@ -1910,7 +1910,8 @@ ifapi_policyeval_execute(
return_try_again(r);

if (r != TSS2_RC_SUCCESS) {
if (do_flush) {
if (do_flush && current_policy->session &&
current_policy->session != ESYS_TR_NONE) {
Esys_FlushContext(esys_ctx, current_policy->session);
}
ifapi_free_node_list(current_policy->policy_elements);
Expand Down

0 comments on commit a516076

Please sign in to comment.