> On 5 Apr 2024, at 01:49, James Bottomley
> <[email protected]> wrote:
>
> The reality is that unless you context save a session, you don't need
> degapping and pretty much every TSS based use of sessions doesn't need
> to save them, so people who construct TPM based systems rarely run into
> this.
This is the odd part - I'm *not* context saving sessions here.
Running `target/debug/examples/hmac`
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrLoaded, value: 0 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrLoadedAvail, value: 3 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrActive, value: 1 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrActiveAvail, value: 63 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: ActiveSessionsMax, value: 64 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: ContextGapMax, value: 255 }] })
Running `target/debug/examples/hmac`
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrLoaded, value: 0 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrLoadedAvail, value: 3 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrActive, value: 1 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrActiveAvail, value: 63 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: ActiveSessionsMax, value: 64 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: ContextGapMax, value: 255 }] })
Running `target/debug/examples/hmac`
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrLoaded, value: 0 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrLoadedAvail, value: 3 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrActive, value: 1 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: HrActiveAvail, value: 63 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: ActiveSessionsMax, value: 64 }] })
true: TpmProperties(TaggedTpmPropertyList { tagged_tpm_properties:
[TaggedProperty { property: ContextGapMax, value: 255 }] })
I could be completely wrong, but my reading of the specification is that
HrActive/HrLoaded are the values of interest here, and we can see they remain
at 0/1 for each test as the sessions and loaded objects are removed at the end
of each test.
And yet, I'm running into the error 0x0901. So something else is going on that
I'm not 100% sure about.
--
Sincerely,
William Brown
Senior Software Engineer,
Identity and Access Management
SUSE Labs, Australia
