From: Gang W. <gan...@in...> - 2011-10-13 15:34:54
|
changeset d03f2f19188e in /var/www/tboot.hg details: tboot.hg?cmd=changeset;node=d03f2f19188e description: Move apply_policy() call into txt_post_launch() To make sure the secret flags are set if policy choose continue for txt_post_launch_verify_platform() failure. Signed-off-by: Gang Wei <gan...@in...> diffstat: tboot/common/tboot.c | 3 +-- tboot/include/txt/txt.h | 2 +- tboot/txt/txt.c | 9 +++------ 3 files changed, 5 insertions(+), 9 deletions(-) diffs (58 lines): diff -r 2f5c5709ef59 -r d03f2f19188e tboot/common/tboot.c --- a/tboot/common/tboot.c Fri Sep 30 15:02:33 2011 +0800 +++ b/tboot/common/tboot.c Thu Oct 13 23:30:18 2011 +0800 @@ -147,8 +147,7 @@ printk("measured launch succeeded\n"); - err = txt_post_launch(); - apply_policy(err); + txt_post_launch(); /* backup DMAR table */ save_vtd_dmar_table(); diff -r 2f5c5709ef59 -r d03f2f19188e tboot/include/txt/txt.h --- a/tboot/include/txt/txt.h Fri Sep 30 15:02:33 2011 +0800 +++ b/tboot/include/txt/txt.h Thu Oct 13 23:30:18 2011 +0800 @@ -44,7 +44,7 @@ extern tb_error_t txt_verify_platform(void); extern bool txt_prepare_cpu(void); extern tb_error_t txt_launch_environment(multiboot_info_t *mbi); -extern tb_error_t txt_post_launch(void); +extern void txt_post_launch(void); extern tb_error_t txt_protect_mem_regions(void); extern tb_error_t txt_post_launch_verify_platform(void); extern bool txt_s3_launch_environment(void); diff -r 2f5c5709ef59 -r d03f2f19188e tboot/txt/txt.c --- a/tboot/txt/txt.c Fri Sep 30 15:02:33 2011 +0800 +++ b/tboot/txt/txt.c Thu Oct 13 23:30:18 2011 +0800 @@ -630,7 +630,7 @@ return true; } -tb_error_t txt_post_launch(void) +void txt_post_launch(void) { txt_heap_t *txt_heap; os_mle_data_t *os_mle_data; @@ -664,9 +664,8 @@ /* restore pre-SENTER MTRRs that were overwritten for SINIT launch */ restore_mtrrs(&(os_mle_data->saved_mtrr_state)); - /* now, if there was an error, return it */ - if ( err != TB_ERR_NONE ) - return err; + /* now, if there was an error, apply policy */ + apply_policy(err); /* always set the TXT.CMD.SECRETS flag */ write_priv_config_reg(TXTCR_CMD_SECRETS, 0x01); @@ -677,8 +676,6 @@ write_priv_config_reg(TXTCR_CMD_OPEN_LOCALITY1, 0x01); read_priv_config_reg(TXTCR_E2STS); /* just a fence, so ignore return */ printk("opened TPM locality 1\n"); - - return TB_ERR_NONE; } void txt_cpu_wakeup(void) |