The problem with auth session handles not being properly cleaned up is once
again
present in the 0.3.2 release. I had submitted a fix for this in 0.3.1 that
seemed
to work. I see some changes in the 0.3.2 code in the auth_mgr_close_context
function
but the problem still exists. The fix in 0.3.1 involved removing the check for
"auth_mgr.auth_mapper[i].full == TRUE" in auth_mgr_close_context. I recall
there
was some discussion about it not being the right place for the fix but don't
recall
seeing a better solution.
This is an important issue because it results in a DOS on the TPM that requires
a reboot to clear up.
This is the suggested fix:
--- src/tcs/tcs_auth_mgr.c.old Mon Aug 3 12:19:13 2009
+++ src/tcs/tcs_auth_mgr.c Tue Nov 10 07:45:58 2009
@@ -204,8 +204,7 @@
TSS_RESULT result;
for (i = 0; i < auth_mgr.auth_mapper_size; i++) {
- if (auth_mgr.auth_mapper[i].full == TRUE &&
- auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
+ if (auth_mgr.auth_mapper[i].tcs_ctx == tcs_handle) {
if (auth_mgr.auth_mapper[i].swap) {
/* This context is swapped out of the TPM, so
we can just free the
* blob */
@@ -228,8 +227,10 @@
LogDebug("TPM_TerminateHandle returned
%d", result);
}
}
- auth_mgr.open_auth_sessions--;
- auth_mgr.auth_mapper[i].full = FALSE;
+ if (auth_mgr.auth_mapper[i].full) {
+ auth_mgr.open_auth_sessions--;
+ auth_mgr.auth_mapper[i].full = FALSE;
+ }
LogDebug("released auth for TCS %x TPM %x", tcs_handle,
auth_mgr.auth_mapper[i].tpm_handle);
auth_mgr_swap_in();
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
TrouSerS-tech mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/trousers-tech
