1 --- src/tcs/tcs_auth_mgr.c.old	Mon Aug  3 12:19:13 2009

     2 +++ src/tcs/tcs_auth_mgr.c	Thu Nov 12 13:26:02 2009

     3 @@ -28,7 +28,6 @@

     4  

     5  MUTEX_DECLARE_EXTERN(tcsp_lock);

     6  

     7 -

     8  /* Note: The after taking the auth_mgr_lock in any of the functions below, the

     9   * mem_cache_lock cannot be taken without risking a deadlock. So, the auth_mgr

    10   * functions must be "self-contained" wrt locking */

    11 @@ -80,7 +79,7 @@

    12  TSS_RESULT

    13  auth_mgr_save_ctx(TCS_CONTEXT_HANDLE hContext)

    14  {

    15 -	TSS_RESULT result;

    16 +	TSS_RESULT result = TSS_SUCCESS;

    17  	UINT32 i;

    18  

    19  	for (i = 0; i < auth_mgr.auth_mapper_size; i++) {

    20 @@ -87,7 +86,6 @@

    21  		if (auth_mgr.auth_mapper[i].full == TRUE &&

    22  		    auth_mgr.auth_mapper[i].swap == NULL &&

    23  		    auth_mgr.auth_mapper[i].tcs_ctx != hContext) {

    24 -

    25  			LogDebug("Calling TPM_SaveAuthContext for TCS CTX %x. Swapping out: TCS %x "

    26  				 "TPM %x", hContext, auth_mgr.auth_mapper[i].tcs_ctx,

    27  				 auth_mgr.auth_mapper[i].tpm_handle);

    28 @@ -98,12 +96,11 @@

    29  				LogDebug("TPM_SaveAuthContext failed: 0x%x", result);

    30  				return result;

    31  			}

    32 -

    33 -			/* XXX should there be a break here? */

    34 +			break;

    35  		}

    36  	}

    37  

    38 -	return TSS_SUCCESS;

    39 +	return result;

    40  }

    41  

    42  /* if there's a TCS context waiting to get auth, wake it up or swap it in */

    43 @@ -218,8 +215,8 @@

    44  

    45  				/* Ok, probably dealing with a 1.1 TPM */

    46  				if (result == TPM_E_BAD_ORDINAL)

    47 -				      result = internal_TerminateHandle(

    48 -									auth_mgr.auth_mapper[i].tpm_handle);

    49 +					result = internal_TerminateHandle(

    50 +					    auth_mgr.auth_mapper[i].tpm_handle);

    51  

    52  				if (result == TCPA_E_INVALID_AUTHHANDLE) {

    53  					LogDebug("Tried to close an invalid auth handle: %x",

    54 @@ -228,10 +225,14 @@

    55  					LogDebug("TPM_TerminateHandle returned %d", result);

    56  				}

    57  			}

    58 +			/* clear the slot */

    59  			auth_mgr.open_auth_sessions--;

    60  			auth_mgr.auth_mapper[i].full = FALSE;

    61 +			auth_mgr.auth_mapper[i].tpm_handle = 0;

    62 +			auth_mgr.auth_mapper[i].tcs_ctx = 0;

    63  			LogDebug("released auth for TCS %x TPM %x", tcs_handle,

    64 -				 auth_mgr.auth_mapper[i].tpm_handle);

    65 +				auth_mgr.auth_mapper[i].tpm_handle);

    66 +

    67  			auth_mgr_swap_in();

    68  		}

    69  	}

    70 @@ -264,14 +265,22 @@

    71  		    auth_mgr.auth_mapper[i].tpm_handle == tpm_auth_handle &&

    72  		    auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {

    73  			if (!cont) {

    74 -				/* Only termininate when not in use anymore */

    75 -				result = TCSP_FlushSpecific_Common(auth_mgr.auth_mapper[i].tpm_handle,

    76 -								   TPM_RT_AUTH);

    77 +				/*

    78 +				 * This function should not be necessary, but

    79 +				 * if the main operation resulted in an error,

    80 +				 * the TPM may still hold the auth handle

    81 +				 * and it must be freed.  Most of the time

    82 +				 * this call will result in TPM_E_INVALID_AUTHHANDLE

    83 +				 * error which can be ignored.

    84 +				 */

    85 +				result = TCSP_FlushSpecific_Common(

    86 +				    auth_mgr.auth_mapper[i].tpm_handle,

    87 +				    TPM_RT_AUTH);

    88  

    89  				/* Ok, probably dealing with a 1.1 TPM */

    90  				if (result == TPM_E_BAD_ORDINAL)

    91 -				      result = internal_TerminateHandle(

    92 -									auth_mgr.auth_mapper[i].tpm_handle);

    93 +					result = internal_TerminateHandle(

    94 +					    auth_mgr.auth_mapper[i].tpm_handle);

    95  

    96  				if (result == TCPA_E_INVALID_AUTHHANDLE) {

    97  					LogDebug("Tried to close an invalid auth handle: %x",

    98 @@ -279,12 +288,22 @@

    99  				} else if (result != TCPA_SUCCESS) {

   100  					LogDebug("TPM_TerminateHandle returned %d", result);

   101  				}

   102 +

   103 +				if (result == TPM_SUCCESS) {

   104 +					LogDebug("released auth for TCS %x TPM %x",

   105 +						 auth_mgr.auth_mapper[i].tcs_ctx, tpm_auth_handle);

   106 +				}

   107 +				/*

   108 +				 * Mark it as released, the "cont" flag indicates

   109 +				 * that it is no longer needed.

   110 +				 */

   111 +				auth_mgr.open_auth_sessions--;

   112 +				auth_mgr.auth_mapper[i].full = FALSE;

   113 +				auth_mgr.auth_mapper[i].tpm_handle = 0;

   114 +				auth_mgr.auth_mapper[i].tcs_ctx = 0;

   115 +				auth_mgr_swap_in();

   116  			}

   117 -			auth_mgr.open_auth_sessions--;

   118 -			auth_mgr.auth_mapper[i].full = FALSE;

   119 -			LogDebug("released auth for TCS %x TPM %x",

   120 -				 auth_mgr.auth_mapper[i].tcs_ctx, tpm_auth_handle);

   121 -			auth_mgr_swap_in();

   122 +			/* If the cont flag is TRUE, we have to keep the handle */

   123  		}

   124  	}

   125  

   126 @@ -563,4 +582,3 @@

   127  

   128  	return result;

   129  }

   130 -