From ef633db826b4383d6dc681d07a688e648595ee42 Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Wed, 21 Nov 2012 11:06:24 -0800 Subject: CHERRY-PICK: mount-encrypted: report numeric results on TPM failure To help identify the specific failure conditions encountered when the TPM goes weird, report them any time they are encountered. BUG=chrome-os-partner:15960 TEST=daisy build, manual testing BRANCH=none Signed-off-by: Kees Cook Reviewed-on: https://gerrit.chromium.org/gerrit/38468 Reviewed-by: Darren Krahn (cherry picked from commit b08c46a0dad2c0eb2f8590a896bd09d3c01d43c6) Change-Id: I197fd069ac9dfd30fb7516712a1216c7e2800099 Signed-off-by: Kees Cook Reviewed-on: https://gerrit.chromium.org/gerrit/38873 Reviewed-by: Elly Jones --- utility/mount-encrypted.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/utility/mount-encrypted.c b/utility/mount-encrypted.c index 10263b72..7622cb4e 100644 --- a/utility/mount-encrypted.c +++ b/utility/mount-encrypted.c @@ -291,7 +291,8 @@ static int get_nvram_key(uint8_t *digest, int *migrate) /* Ignore unowned TPM's NVRAM area. */ result = tpm_owned(&owned); if (result != TPM_SUCCESS) { - INFO("Could not read TPM Permanent Flags."); + INFO("Could not read TPM Permanent Flags: error 0x%02x.", + result); return 0; } if (!owned) { @@ -314,7 +315,7 @@ static int get_nvram_key(uint8_t *digest, int *migrate) result = _read_nvram(value, sizeof(value), kLockboxIndex, size); if (result != TPM_SUCCESS) { /* No NVRAM area at all. */ - INFO("No NVRAM area defined."); + INFO("No NVRAM area defined: error 0x%02x", result); return 0; } /* Legacy NVRAM area. */ @@ -430,7 +431,7 @@ static int get_random_bytes_tpm(unsigned char *buffer, int wanted) result = TlclGetRandom(buffer + (wanted - remaining), remaining, &size); if (result != TPM_SUCCESS || size > remaining) { - ERROR("TPM GetRandom failed."); + ERROR("TPM GetRandom failed: error 0x%02x.", result); return 0; } remaining -= size; -- cgit v1.2.1