tpm: Do not set TPM in failure mode if menu command fails

Since we may detect that HW physical presence is enabled but we do not detect
whether it is actually asserted, we may fail on the TPM menu commands that
require the assertion of physical presence. We therefore cannot set the TPM
into failure mode if we hit this case. Failure should never occur in these
cases if SW physical presence has been asserted.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>

diff --git a/src/tcgbios.c b/src/tcgbios.c
index 31e14350ab3ff97758e340fa9d00d1f0a8e3f395..707742649b75c5868ac01feb7235ca9fd338f55c 100644 (file)
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -952,20 +952,12 @@ enable_tpm(int enable, int verbose)
     ret = build_and_send_cmd(0, enable ? TPM_ORD_PhysicalEnable
                                        : TPM_ORD_PhysicalDisable,
                              NULL, 0, TPM_DURATION_TYPE_SHORT);
-    if (ret)
-        goto err_exit;
-
-    return 0;
-
-err_exit:
-    if (enable)
-        dprintf(DEBUG_tcg, "TCGBIOS: Enabling the TPM failed.\n");
-    else
-        dprintf(DEBUG_tcg, "TCGBIOS: Disabling the TPM failed.\n");
-
-    dprintf(DEBUG_tcg, "TCGBIOS: TPM malfunctioning (line %d).\n", __LINE__);
-
-    tpm_set_failure();
+    if (ret) {
+        if (enable)
+            dprintf(DEBUG_tcg, "TCGBIOS: Enabling the TPM failed.\n");
+        else
+            dprintf(DEBUG_tcg, "TCGBIOS: Disabling the TPM failed.\n");
+    }
     return ret;
 }
 
@@ -990,7 +982,7 @@ activate_tpm(int activate, int allow_reset, int verbose)
                                       : sizeof(CommandFlag_TRUE),
                              TPM_DURATION_TYPE_SHORT);
     if (ret)
-        goto err_exit;
+        return ret;
 
     if (activate && allow_reset) {
         if (verbose) {
@@ -1002,12 +994,6 @@ activate_tpm(int activate, int allow_reset, int verbose)
     }
 
     return 0;
-
-err_exit:
-    dprintf(DEBUG_tcg, "TCGBIOS: TPM malfunctioning (line %d).\n", __LINE__);
-
-    tpm_set_failure();
-    return ret;
 }
 
 static int
@@ -1045,7 +1031,7 @@ force_clear(int enable_activate_before, int enable_activate_after, int verbose)
     ret = build_and_send_cmd(0, TPM_ORD_ForceClear,
                              NULL, 0, TPM_DURATION_TYPE_SHORT);
     if (ret)
-        goto err_exit;
+        return ret;
 
     if (!enable_activate_after) {
         if (verbose)
@@ -1055,12 +1041,6 @@ force_clear(int enable_activate_before, int enable_activate_after, int verbose)
     }
 
     return enable_activate(1, verbose);
-
-err_exit:
-    dprintf(DEBUG_tcg, "TCGBIOS: TPM malfunctioning (line %d).\n", __LINE__);
-
-    tpm_set_failure();
-    return ret;
 }
 
 static int
@@ -1093,17 +1073,12 @@ set_owner_install(int allow, int verbose)
                              sizeof(CommandFlag_TRUE),
                              TPM_DURATION_TYPE_SHORT);
     if (ret)
-        goto err_exit;
+        return ret;
 
     if (verbose)
         printf("Installation of owner %s.\n", allow ? "enabled" : "disabled");
 
     return 0;
-
-err_exit:
-    dprintf(DEBUG_tcg, "TCGBIOS: TPM malfunctioning (line %d).\n", __LINE__);
-    tpm_set_failure();
-    return ret;
 }
 
 static int