From: Gang W. <gan...@in...> - 2011-09-30 07:07:07
changeset 2f5c5709ef59 in /var/www/tboot.hg details: tboot.hg?cmd=changeset;node=2f5c5709ef59 description: Don't zap s3_key in tboot shared page if sealing failed due to tpm unowned Otherwise, in tpm unowned case, Xen will get a memory integrity lost panic due to zapped s3_key which could not be unsealed because it is never sealed successfully. Signed-off-by: Gang Wei <gan...@in...> diffstat: tboot/common/tboot.c | 9 ++++++--- 1 files changed, 6 insertions(+), 3 deletions(-) diffs (19 lines): diff -r e933940b512c -r 2f5c5709ef59 tboot/common/tboot.c --- a/tboot/common/tboot.c Wed Sep 28 15:02:36 2011 -0700 +++ b/tboot/common/tboot.c Fri Sep 30 15:02:33 2011 +0800 @@ -483,9 +483,12 @@ /* create and seal memory integrity measurement */ if ( !seal_post_k_state() ) apply_policy(TB_ERR_S3_INTEGRITY); - - /* wipe S3 key from memory now that it is sealed */ - memset(_tboot_shared.s3_key, 0, sizeof(_tboot_shared.s3_key)); + /* OK to leave key in memory on failure since if user cared they + would have policy that doesn't continue for TB_ERR_S3_INTEGRITY + error */ + else + /* wipe S3 key from memory now that it is sealed */ + memset(_tboot_shared.s3_key, 0, sizeof(_tboot_shared.s3_key)); } /* cap dynamic PCRs extended as part of launch (17, 18, ...) */ |
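Review bot: In the new `else` after `if ( !seal_post_k_state() )`, the wipe of `_tboot_shared.s3_key` is now skipped on every failure of `seal_post_k_state()`, while the description only justifies this for the TPM-unowned case. If the function can fail for other reasons, the key stays in the shared page on those paths too whenever the policy for `TB_ERR_S3_INTEGRITY` continues. Either restrict the skip to the unowned case, or say in the comment that all seal failures leave the key resident, and consider logging that the key was left unsealed in memory so the condition is visible in the log. Separately, the new comment sits between the unbraced `if` body and the `else`; bracing both arms would make the pairing explicit and safer to modify.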