Added code to work around key load failures.
If a key is evicted it may not be possible to reload it. In this case
tcsd will return TCS_E_KM_LOADFAILED from an operation that uses a
private key. The workaround is to unload and load the key again with a
new handle. In order to isolate the handle churn to a single layer,
TSS handles are virtualized in TPMUtilityImpl.
BUG=chrome-os-partner:13878
TEST=Ran all unit tests and relevant autotests.
Manually attempted to reproduced the problem and verified that the
reload logic was operating correctly. This condition is evidenced
by a warning in the syslog: "TCS load failure: attempting to reload
key.".
Change-Id: I3961456db3ac383a2721a9d0c102a4ae3dac1642
Reviewed-on: https://gerrit.chromium.org/gerrit/33023
Reviewed-by: Kees Cook <keescook@chromium.org>
Commit-Ready: Darren Krahn <dkrahn@chromium.org>
Tested-by: Darren Krahn <dkrahn@chromium.org>
2 files changed