Utility for flushing active TPM handles. #8
Conversation
…ll active handles and flush them from the TPM
|
Move the files to a separate directory under |
|
The code should make it more obvious instead of using an opaque constant. |
tpm2tools/flush_active_handles.go
Outdated
| // FlushActiveHandles calls FlushContext() on all active handles within the | ||
| // TPM at io.ReadWriter rw. Returns nil if successful or TPM has no active | ||
| // handles. | ||
| func FlushActiveHandles(rw io.ReadWriter) error { |
There was a problem hiding this comment.
As @awly said, flushing all transient handles is best put in as a standalone binary. The function to list all handles of a specific type; however, should be a library function.
* Implement LoadExternal Add integration test, without loading private key * Implement Certify This does not work yet! Committing to keep the changes, for some other work. * Refactor encodePasswordAuthArea Use correct size of inputs, support multiple password sessions. * Make Certify work Fix CreatePrimary with signing keys Fix LoadExternal with private key Fix integration test for certifying a TPM key Add integration test for certifying externally-loaded key * Unify TPM2B_PUBLIC parsing and check Certify signatures Also add handling for default RSA key exponent returned from TPM. * Add doc comment to Certify * Address review comments - Fix grammar - Add comment about big.Int and TPM endianness - Add a const for empty passwords in tests - Increase RSA key size - Extract anonymous struct in Certify into named one * Add README with instructions on running tests * Merge an if statement
…es main under cmd/
…ogle/... Fixed up some comments.
|
Ready for another look. |
cmd/flush_handles.go
Outdated
| for _, handleType := range handleTypes { | ||
| err = flushHandlesOfType(rw, handleType) | ||
| if err != nil { | ||
| log.Fatalf("%v", err) |
There was a problem hiding this comment.
log.Fatal will prevent any deferred calls. Move OpenTPM + this loop to another func that returns an error. That way deferred rw.Close can run before log.Fatal
tpm2tools/handles.go
Outdated
| } | ||
| handles := make([]tpmutil.Handle, len(vals)) | ||
| for i, v := range vals { | ||
| handles[i] = v.(tpmutil.Handle) |
cmd/flush_handles.go
Outdated
| for _, handleType := range handleTypes { | ||
| err = flushHandlesOfType(rw, handleType) | ||
| if err != nil { | ||
| log.Fatalf("%v", err) |
tpm2tools/handles.go
Outdated
| } | ||
| handles := make([]tpmutil.Handle, len(vals)) | ||
| for i, v := range vals { | ||
| handles[i] = v.(tpmutil.Handle) |
cmd/flush_handles_test.go
Outdated
| {false, false, false, true, []tpm2.HandleType{tpm2.HandleTypeTransient, tpm2.HandleTypeLoadedSession, tpm2.HandleTypeSavedSession}}, | ||
| } { | ||
| // Overwrite flag pointer values. | ||
| flushTransient = &test.flushTransientFlag |
There was a problem hiding this comment.
TL;DR: avoid global state (including flags) whenever possible.
Generally speaking, tests shouldn't know about flags at all (unless you test flag parsing).
Flags are func main-level concern and all other code should get configuration passed explicitly through func arguments or struct fields.
Looking outside of their context into the global vars (which get set through flags at runtime) makes testing harder: you can't parallelize tests that read flags due to memory safety, you must remember to clean up modified values to make tests order-independent.
However, this program is not production-critical so we don't need to be so strict about code structure or testing.
| t.Fatal(err) | ||
| } | ||
| if len(h) != 0 { | ||
| t.Fatalf("Simulator should be empty of transient handles; got: %d", len(h)) |
There was a problem hiding this comment.
Fixed I think?
| t.Fatal(err) | ||
| } | ||
| if len(h) != 0 { | ||
| t.Fatalf("Simulator should be empty of transient handles; got: %d", len(h)) |
There was a problem hiding this comment.
Fixed I think?
There was a problem hiding this comment.
Most of @josephlr 's suggestions and changes have been implemented. Sorry this is my first Github PR. I am just learning how to do these sub-review things.
tpm2tools/flush_active_handles.go
Outdated
| // FlushActiveHandles calls FlushContext() on all active handles within the | ||
| // TPM at io.ReadWriter rw. Returns nil if successful or TPM has no active | ||
| // handles. | ||
| func FlushActiveHandles(rw io.ReadWriter) error { |
| } | ||
| defer simulator.Close() | ||
|
|
||
| // Loads then flushes 1, 2, ...maxHandles handles. |
There was a problem hiding this comment.
It only loads in transient handles. I kind of like looping load then flush. It helped me identify bugs in the past where I returned incorrect numbers of handles.
|
LGTM, leaving this up to @josephlr |
| public := tpm2.Public{ | ||
| Type: tpm2.AlgRSA, | ||
| NameAlg: tpm2.AlgSHA1, | ||
| Attributes: tpm2.FlagSign | tpm2.FlagSensitiveDataOrigin | tpm2.FlagUserWithAuth, |
There was a problem hiding this comment.
SensitiveDataOrigin doesn't make sense in this context. I'm disappointed if this is not an error.
There was a problem hiding this comment.
Its not haha. But removed.
Implement autotools build for TPM and Platform code
Reads all active handles through a call to the TPM
rw:Then flushes those handles with
tpm2.FlushContext(...).I am not 100% certain on the magic const
0x80000000used in GetCapability but it appears to work correctly. I found it here: https://github.com/google/go-tpm/blob/master/tpm2/tpm2_test.go#L135