New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 693749 link

Starred by 1 user
Status: Archived
Owner:
apronin@chromium.org
Closed: Mar 2017
Cc:
dkrahn@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 2
Type: Bug



Sign in to add a comment

cryptohome: tpm2: don't re-interpret response codes that don't have equivalent tpm errors

Project Member Reported by apronin@chromium.org, Feb 17 2017 
After CL:436767, for TPM2 cryptohome always strips the layer mask (the upper 20 bits) of the response code when determining the correct retry action.

That should be done only for the layers that put spec-defined TPM_RC error codes in the lower 12 bits, which currently are the hardware TPM itself and the Resource Manager.

Other layers currently don't produce overlapping error codes in the lower 12 bits, but may start doing so in the future.
Project Member

Comment 1 by bugdroid1@chromium.org, Mar 2 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/platform2/+/0ee79fcaf0ff734fa62442f5c3ce03a627cae472

commit 0ee79fcaf0ff734fa62442f5c3ce03a627cae472
Author: Andrey Pronin <apronin@chromium.org>
Date: Thu Mar 02 21:20:48 2017

cryptohome: fix response code masks for retry actions for tpm2

After CL:436767, for TPM2 cryptohome always strips the layer code
(the upper 20 bits) of the response code when determining the
correct retry action. But that should be done only for the layers
that put spec-defined TPM_RC error codes in the lower 12 bits.

Strip the layer code only for such layers: hardware TPM itself and
Resource Manager.

BUG= chromium:693749 
TEST=1) Boot, login, logout.
     2) restart trunksd
     3) Login. The system should let the user back in.

Change-Id: I82f9759d17b6962b03c4c2bbb6d8cf2a3550bba5
Reviewed-on: https://chromium-review.googlesource.com/444851
Commit-Ready: Andrey Pronin <apronin@chromium.org>
Tested-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Ben Chan <benchan@chromium.org>

[modify] https://crrev.com/0ee79fcaf0ff734fa62442f5c3ce03a627cae472/cryptohome/tpm2_test.cc
[modify] https://crrev.com/0ee79fcaf0ff734fa62442f5c3ce03a627cae472/cryptohome/tpm2_impl.cc

Comment 2 by apronin@chromium.org, Mar 2 2017

Status: Fixed (was: Started)

Comment 3 by dchan@google.com, May 30 2017

Labels: VerifyIn-60

Comment 4 by dchan@chromium.org, Aug 1 2017

Labels: VerifyIn-61

Comment 5 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

Sign in to add a comment