diff options
Diffstat (limited to 'tpm2d')
| -rw-r--r-- | tpm2d/tpm2.c | 27 | ||||
| -rw-r--r-- | tpm2d/tpm2daemon.c | 20 |
2 files changed, 22 insertions, 25 deletions
diff --git a/tpm2d/tpm2.c b/tpm2d/tpm2.c index 3e908ddb1..d0b32ed35 100644 --- a/tpm2d/tpm2.c +++ b/tpm2d/tpm2.c @@ -695,8 +695,8 @@ TPM_RC tpm2_SensitiveToDuplicate (TPMT_SENSITIVE *s, { TPMT_HA hash; const int hlen = TSS_GetDigestSize (nalg); - TPM2B *digest = (TPM2B *)buf; - TPM2B *s2b; + BYTE *digest; + BYTE *s2b; int32_t size; unsigned char null_iv[AES_128_BLOCK_SIZE_BYTES]; UINT16 bsize, written = 0; @@ -707,13 +707,12 @@ TPM_RC tpm2_SensitiveToDuplicate (TPMT_SENSITIVE *s, memset (null_iv, 0, sizeof (null_iv)); /* reserve space for hash before the encrypted sensitive */ - bsize = sizeof (digest->size) + hlen; - buf += bsize; + digest = buf; + bsize = sizeof (uint16_t /* TPM2B.size */) + hlen; p->size += bsize; - s2b = (TPM2B *)buf; + s2b = digest + bsize; /* marshal the digest size */ - buf = (BYTE *)&digest->size; bsize = hlen; size = 2; TSS_UINT16_Marshal (&bsize, &written, &buf, &size); @@ -721,13 +720,13 @@ TPM_RC tpm2_SensitiveToDuplicate (TPMT_SENSITIVE *s, /* marshal the unencrypted sensitive in place */ size = sizeof (*s); bsize = 0; - buf = s2b->buffer; + buf = s2b + offsetof (TPM2B, buffer); TSS_TPMT_SENSITIVE_Marshal (s, &bsize, &buf, &size); - buf = (BYTE *)&s2b->size; + buf = s2b; size = 2; TSS_UINT16_Marshal (&bsize, &written, &buf, &size); - bsize = bsize + sizeof (s2b->size); + bsize = bsize + sizeof (uint16_t /* TPM2B.size */); p->size += bsize; /* compute hash of unencrypted marshalled sensitive and @@ -736,7 +735,7 @@ TPM_RC tpm2_SensitiveToDuplicate (TPMT_SENSITIVE *s, TSS_Hash_Generate (&hash, bsize, s2b, name->size, name->name, 0, NULL); - memcpy (digest->buffer, &hash.digest, hlen); + memcpy (digest + offsetof (TPM2B, buffer), &hash.digest, hlen); gcry_cipher_open (&hd, GCRY_CIPHER_AES128, GCRY_CIPHER_MODE_CFB, GCRY_CIPHER_SECURE); gcry_cipher_setiv (hd, null_iv, sizeof (null_iv)); @@ -749,20 +748,20 @@ TPM_RC tpm2_SensitiveToDuplicate (TPMT_SENSITIVE *s, else if (symdef->algorithm == TPM_ALG_NULL) { /* Code is for debugging only, should never be used in production */ - TPM2B *s2b = (TPM2B *)buf; + BYTE *s2b = buf; int32_t size = sizeof (*s); UINT16 bsize = 0, written = 0; log_error ("Secret key sent to TPM unencrypted\n"); - buf = s2b->buffer; + buf = s2b + offsetof (TPM2B, buffer); /* marshal the unencrypted sensitive in place */ TSS_TPMT_SENSITIVE_Marshal (s, &bsize, &buf, &size); - buf = (BYTE *)&s2b->size; + buf = s2b; size = 2; TSS_UINT16_Marshal (&bsize, &written, &buf, &size); - p->size += bsize + sizeof (s2b->size); + p->size += bsize + sizeof (uint16_t /* TPM2B.size */); } else { diff --git a/tpm2d/tpm2daemon.c b/tpm2d/tpm2daemon.c index b4e6f66e7..8e16e931a 100644 --- a/tpm2d/tpm2daemon.c +++ b/tpm2d/tpm2daemon.c @@ -192,9 +192,6 @@ static gnupg_fd_t create_server_socket (const char *name, static void *start_connection_thread (void *arg); static void handle_connections (gnupg_fd_t listen_fd); -/* Pth wrapper function definitions. */ -ASSUAN_SYSTEM_NPTH_IMPL; - static int active_connections; @@ -368,7 +365,6 @@ main (int argc, char **argv ) malloc_hooks.free = gcry_free; assuan_set_malloc_hooks (&malloc_hooks); assuan_set_gpg_err_source (GPG_ERR_SOURCE_DEFAULT); - assuan_set_system_hooks (ASSUAN_SYSTEM_NPTH); assuan_sock_init (); setup_libassuan_logging (&opt.debug, NULL); @@ -599,6 +595,7 @@ main (int argc, char **argv ) npth_init (); gpgrt_set_syscall_clamp (npth_unprotect, npth_protect); + assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL); /* If --debug-allow-core-dump has been given we also need to switch the working directory to a place where we can actually @@ -740,6 +737,7 @@ main (int argc, char **argv ) npth_init (); gpgrt_set_syscall_clamp (npth_unprotect, npth_protect); + assuan_control (ASSUAN_CONTROL_REINIT_SYSCALL_CLAMP, NULL); /* Detach from tty and put process into a new session. */ if (!nodetach ) @@ -1012,7 +1010,7 @@ start_connection_thread (void *arg) && assuan_sock_check_nonce (ctrl->thread_startup.fd, &socket_nonce)) { log_info (_("error reading nonce on fd %d: %s\n"), - FD2INT (ctrl->thread_startup.fd), strerror (errno)); + FD_DBG (ctrl->thread_startup.fd), strerror (errno)); assuan_sock_close (ctrl->thread_startup.fd); xfree (ctrl); return NULL; @@ -1023,7 +1021,7 @@ start_connection_thread (void *arg) tpm2d_init_default_ctrl (ctrl); if (opt.verbose) log_info (_("handler for fd %d started\n"), - FD2INT (ctrl->thread_startup.fd)); + FD_DBG (ctrl->thread_startup.fd)); /* If this is a pipe server, we request a shutdown if the command handler asked for it. With the next ticker event and given that @@ -1035,7 +1033,7 @@ start_connection_thread (void *arg) if (opt.verbose) log_info (_("handler for fd %d terminated\n"), - FD2INT (ctrl->thread_startup.fd)); + FD_DBG (ctrl->thread_startup.fd)); tpm2d_deinit_default_ctrl (ctrl); xfree (ctrl); @@ -1154,7 +1152,7 @@ handle_connections (gnupg_fd_t listen_fd) if (listen_fd != GNUPG_INVALID_FD) { FD_SET (FD2INT (listen_fd), &fdset); - nfd = FD2INT (listen_fd); + nfd = FD2NUM (listen_fd); } for (;;) @@ -1238,8 +1236,8 @@ handle_connections (gnupg_fd_t listen_fd) gnupg_fd_t fd; plen = sizeof paddr; - fd = INT2FD (npth_accept (FD2INT (listen_fd), - (struct sockaddr *)&paddr, &plen)); + fd = assuan_sock_accept (listen_fd, + (struct sockaddr *)&paddr, &plen); if (fd == GNUPG_INVALID_FD) { log_error ("accept failed: %s\n", strerror (errno)); @@ -1255,7 +1253,7 @@ handle_connections (gnupg_fd_t listen_fd) char threadname[50]; npth_t thread; - snprintf (threadname, sizeof threadname, "conn fd=%d", FD2INT (fd)); + snprintf (threadname, sizeof threadname, "conn fd=%d", FD_DBG (fd)); ctrl->thread_startup.fd = fd; ret = npth_create (&thread, &tattr, start_connection_thread, ctrl); if (ret) |