tpm: Don't call tpm_set_failure() from tpm_log_extend_event()

The 16bit BIOS interface shouldn't be able to shutdown the TPM.  Move
the check for tpm_is_working() and tpm_set_failure() to the only
caller of tpm_log_extend_event() that may shutdown the TPM.

Signed-off-by: Kevin O'Connor <kevin@koconnor.net>

diff --git a/src/tcgbios.c b/src/tcgbios.c
index 8e77bbec2b74af356938fe7788daa36ad4497fd8..b681b4a70e08c1b0e7bd0442e26bba0ddff05b58 100644 (file)
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -288,9 +288,6 @@ determine_timeouts(void)
 static u32
 tpm_log_extend_event(struct pcpes *pcpes, const void *event)
 {
-    if (!tpm_is_working())
-        return TCG_GENERAL_ERROR;
-
     if (pcpes->pcrindex >= 24)
         return TCG_INVALID_INPUT_PARA;
 
@@ -306,15 +303,10 @@ tpm_log_extend_event(struct pcpes *pcpes, const void *event)
     u32 resp_length = sizeof(rsp);
     u32 rc = tpmhw_transmit(0, &tre.hdr, &rsp, &resp_length,
                             TPM_DURATION_TYPE_SHORT);
-    if (rc || resp_length != sizeof(rsp)) {
-        tpm_set_failure();
-        return rc;
-    }
+    if (rc || resp_length != sizeof(rsp) || rsp.hdr.errcode)
+        return rc ?: TCG_TCG_COMMAND_ERROR;
 
-    rc = tpm_log_event(pcpes, event);
-    if (rc)
-        tpm_set_failure();
-    return rc;
+    return tpm_log_event(pcpes, event);
 }
 
 static void
@@ -341,13 +333,18 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type,
                            const char *event, u32 event_length,
                            const u8 *hashdata, u32 hashdata_length)
 {
+    if (!tpm_is_working())
+        return;
+
     struct pcpes pcpes = {
         .pcrindex = pcrindex,
         .eventtype = event_type,
         .eventdatasize = event_length,
     };
     tpm_fill_hash(&pcpes, hashdata, hashdata_length);
-    tpm_log_extend_event(&pcpes, event);
+    u32 rc = tpm_log_extend_event(&pcpes, event);
+    if (rc)
+        tpm_set_failure();
 }