rpms / tpm2-tools

Clone
Source Code
GIT

Blame tpm2_pcrreset-new-tools.patch

c7 c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta
  1.   af88e806f0b7f311a326c18a4bf8b2d06c38e583
  2.   tpm2_pcrreset-new-tools.patch
Blob History Raw
Javier Martinez Canillas af88e8 
From 016ef077a2e81fab14cbcd5ba6fae10a6681688b Mon Sep 17 00:00:00 2001
Javier Martinez Canillas af88e8 
From: jetwhiz <charles.munson@ll.mit.edu>
Javier Martinez Canillas af88e8 
Date: Mon, 1 Oct 2018 17:55:13 -0400
Javier Martinez Canillas af88e8 
Subject: [PATCH 2/6] tpm2_pcrreset new tools
Javier Martinez Canillas af88e8
Javier Martinez Canillas af88e8 
New tool to allow resetting PCR registers, backport from 0ef0f31775
Javier Martinez Canillas af88e8
Javier Martinez Canillas af88e8 
Signed-off-by: jetwhiz <Charles.Munson@ll.mit.edu>
Javier Martinez Canillas af88e8 
---
Javier Martinez Canillas af88e8 
 Makefile.am                       |   3 +
Javier Martinez Canillas af88e8 
 man/tpm2_pcrreset.1.md            |  58 ++++++++++++++
Javier Martinez Canillas af88e8 
 test/system/test_tpm2_pcrreset.sh |  59 ++++++++++++++
Javier Martinez Canillas af88e8 
 tools/tpm2_pcrreset.c             | 129 ++++++++++++++++++++++++++++++
Javier Martinez Canillas af88e8 
 4 files changed, 249 insertions(+)
Javier Martinez Canillas af88e8 
 create mode 100644 man/tpm2_pcrreset.1.md
Javier Martinez Canillas af88e8 
 create mode 100755 test/system/test_tpm2_pcrreset.sh
Javier Martinez Canillas af88e8 
 create mode 100644 tools/tpm2_pcrreset.c
Javier Martinez Canillas af88e8
Javier Martinez Canillas af88e8 
diff --git a/Makefile.am b/Makefile.am
Javier Martinez Canillas af88e8 
index 3856bcb400c..ffe22f383e3 100644
Javier Martinez Canillas af88e8 
--- a/Makefile.am
Javier Martinez Canillas af88e8 
+++ b/Makefile.am
Javier Martinez Canillas af88e8 
@@ -87,6 +87,7 @@ bin_PROGRAMS = \
Javier Martinez Canillas af88e8 
     tools/tpm2_pcrevent \
Javier Martinez Canillas af88e8 
     tools/tpm2_pcrextend \
Javier Martinez Canillas af88e8 
     tools/tpm2_pcrlist \
Javier Martinez Canillas af88e8 
+    tools/tpm2_pcrreset \
Javier Martinez Canillas af88e8 
     tools/tpm2_quote \
Javier Martinez Canillas af88e8 
     tools/tpm2_rc_decode \
Javier Martinez Canillas af88e8 
     tools/tpm2_readpublic \
Javier Martinez Canillas af88e8 
@@ -179,6 +180,7 @@ tools_tpm2_unseal_SOURCES = tools/tpm2_unseal.c $(TOOL_SRC)
Javier Martinez Canillas af88e8 
 tools_tpm2_dictionarylockout_SOURCES = tools/tpm2_dictionarylockout.c $(TOOL_SRC)
Javier Martinez Canillas af88e8 
 tools_tpm2_createpolicy_SOURCES = tools/tpm2_createpolicy.c $(TOOL_SRC)
Javier Martinez Canillas af88e8 
 tools_tpm2_pcrextend_SOURCES = tools/tpm2_pcrextend.c $(TOOL_SRC)
Javier Martinez Canillas af88e8 
+tools_tpm2_pcrreset_SOURCES = tools/tpm2_pcrreset.c $(TOOL_SRC)
Javier Martinez Canillas af88e8 
 tools_tpm2_pcrevent_SOURCES = tools/tpm2_pcrevent.c $(TOOL_SRC)
Javier Martinez Canillas af88e8 
 tools_tpm2_rc_decode_SOURCES = tools/tpm2_rc_decode.c $(TOOL_SRC)
Javier Martinez Canillas af88e8
Javier Martinez Canillas af88e8 
@@ -279,6 +281,7 @@ if HAVE_MAN_PAGES
Javier Martinez Canillas af88e8 
     man/man1/tpm2_pcrevent.1 \
Javier Martinez Canillas af88e8 
     man/man1/tpm2_pcrextend.1 \
Javier Martinez Canillas af88e8 
     man/man1/tpm2_pcrlist.1 \
Javier Martinez Canillas af88e8 
+    man/man1/tpm2_pcrreset.1 \
Javier Martinez Canillas af88e8 
     man/man1/tpm2_quote.1 \
Javier Martinez Canillas af88e8 
     man/man1/tpm2_rc_decode.1 \
Javier Martinez Canillas af88e8 
     man/man1/tpm2_readpublic.1 \
Javier Martinez Canillas af88e8 
diff --git a/man/tpm2_pcrreset.1.md b/man/tpm2_pcrreset.1.md
Javier Martinez Canillas af88e8 
new file mode 100644
Javier Martinez Canillas af88e8 
index 00000000000..d5637137796
Javier Martinez Canillas af88e8 
--- /dev/null
Javier Martinez Canillas af88e8 
+++ b/man/tpm2_pcrreset.1.md
Javier Martinez Canillas af88e8 
@@ -0,0 +1,58 @@
Javier Martinez Canillas af88e8 
+% tpm2_pcrreset(1) tpm2-tools | General Commands Manual
Javier Martinez Canillas af88e8 
+%
Javier Martinez Canillas af88e8 
+% JANUARY 2019
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# NAME
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+**tpm2_pcrreset**(1) - Reset one or more PCR banks
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# SYNOPSIS
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+**tpm2_pcrreset** [*OPTIONS*] _PCR\_INDEX_ ...
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# DESCRIPTION
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+**tpm2_pcrreset**(1) - Reset PCR value in all banks for specified index.
Javier Martinez Canillas af88e8 
+More than one PCR index can be specified.
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+The reset value is manufacturer-dependent and is either sequence of 00 or FF
Javier Martinez Canillas af88e8 
+on the length of the hash algorithm for each supported bank
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+_PCR\_INDEX_ is a space separated list of PCR indexes to be reset when issuing
Javier Martinez Canillas af88e8 
+the command.
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# OPTIONS
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+This tool accepts no tool specific options.
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+[common options](common/options.md)
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+[common tcti options](common/tcti.md)
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# EXAMPLES
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+## Reset a single PCR
Javier Martinez Canillas af88e8 
+```
Javier Martinez Canillas af88e8 
+tpm2_pcrreset 23
Javier Martinez Canillas af88e8 
+```
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+## Reset multiple PCRs
Javier Martinez Canillas af88e8 
+```
Javier Martinez Canillas af88e8 
+tpm2_pcrreset 16 23
Javier Martinez Canillas af88e8 
+```
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# NOTES
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+On operating system's locality (generally locality 0), only PCR 23 can be reset.
Javier Martinez Canillas af88e8 
+PCR-16 can also be reset on this locality, depending on TPM manufacturers
Javier Martinez Canillas af88e8 
+which could define this PCR as resettable.
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+PCR 0 to 15 are not resettable (being part of SRTM). PCR 16 to 22 are mostly
Javier Martinez Canillas af88e8 
+reserved for DRTM or dedicated to specific localities and might not
Javier Martinez Canillas af88e8 
+be resettable depending on current TPM locality.
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# RETURNS
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+0 on success or 1 on failure.
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+[footer](common/footer.md)
Javier Martinez Canillas af88e8 
diff --git a/test/system/test_tpm2_pcrreset.sh b/test/system/test_tpm2_pcrreset.sh
Javier Martinez Canillas af88e8 
new file mode 100755
Javier Martinez Canillas af88e8 
index 00000000000..962de780ab4
Javier Martinez Canillas af88e8 
--- /dev/null
Javier Martinez Canillas af88e8 
+++ b/test/system/test_tpm2_pcrreset.sh
Javier Martinez Canillas af88e8 
@@ -0,0 +1,59 @@
Javier Martinez Canillas af88e8 
+#!/bin/bash
Javier Martinez Canillas af88e8 
+#;**********************************************************************;
Javier Martinez Canillas af88e8 
+#
Javier Martinez Canillas af88e8 
+# Copyright (c) 2019, Sebastien LE STUM
Javier Martinez Canillas af88e8 
+# All rights reserved.
Javier Martinez Canillas af88e8 
+#
Javier Martinez Canillas af88e8 
+# Redistribution and use in source and binary forms, with or without
Javier Martinez Canillas af88e8 
+# modification, are permitted provided that the following conditions are met:
Javier Martinez Canillas af88e8 
+#
Javier Martinez Canillas af88e8 
+# 1. Redistributions of source code must retain the above copyright notice,
Javier Martinez Canillas af88e8 
+# this list of conditions and the following disclaimer.
Javier Martinez Canillas af88e8 
+#
Javier Martinez Canillas af88e8 
+# 2. Redistributions in binary form must reproduce the above copyright notice,
Javier Martinez Canillas af88e8 
+# this list of conditions and the following disclaimer in the documentation
Javier Martinez Canillas af88e8 
+# and/or other materials provided with the distribution.
Javier Martinez Canillas af88e8 
+#
Javier Martinez Canillas af88e8 
+# 3. Neither the name of Intel Corporation nor the names of its contributors
Javier Martinez Canillas af88e8 
+# may be used to endorse or promote products derived from this software without
Javier Martinez Canillas af88e8 
+# specific prior written permission.
Javier Martinez Canillas af88e8 
+#
Javier Martinez Canillas af88e8 
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
Javier Martinez Canillas af88e8 
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
Javier Martinez Canillas af88e8 
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
Javier Martinez Canillas af88e8 
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
Javier Martinez Canillas af88e8 
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
Javier Martinez Canillas af88e8 
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
Javier Martinez Canillas af88e8 
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
Javier Martinez Canillas af88e8 
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
Javier Martinez Canillas af88e8 
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
Javier Martinez Canillas af88e8 
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
Javier Martinez Canillas af88e8 
+# THE POSSIBILITY OF SUCH DAMAGE.
Javier Martinez Canillas af88e8 
+#;**********************************************************************;
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+source test_helpers.sh
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# Reset a resettable PCR
Javier Martinez Canillas af88e8 
+tpm2_pcrreset 23
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# Reset more than one resettable PCR
Javier Martinez Canillas af88e8 
+tpm2_pcrreset 16 23
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# Get PCR_Reset out of bound index error
Javier Martinez Canillas af88e8 
+tpm2_pcrreset 999 2>&1 1>/dev/null | grep -q "out of bound PCR"
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# Get PCR_Reset wrong index error
Javier Martinez Canillas af88e8 
+tpm2_pcrreset toto 2>&1 1>/dev/null | grep -q "invalid PCR"
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# Get PCR_Reset index out of range error
Javier Martinez Canillas af88e8 
+if tpm2_pcrreset 29 2>&1 1>/dev/null ; then
Javier Martinez Canillas af88e8 
+    echo "tpm2_pcrreset on out of range PCR index didn't fail"
Javier Martinez Canillas af88e8 
+    exit 1
Javier Martinez Canillas af88e8 
+else
Javier Martinez Canillas af88e8 
+    true
Javier Martinez Canillas af88e8 
+fi
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+# Get PCR_Reset bad locality error
Javier Martinez Canillas af88e8 
+tpm2_pcrreset 0 2>&1 1>/dev/null | grep -q "0x907"
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+exit 0
Javier Martinez Canillas af88e8 
diff --git a/tools/tpm2_pcrreset.c b/tools/tpm2_pcrreset.c
Javier Martinez Canillas af88e8 
new file mode 100644
Javier Martinez Canillas af88e8 
index 00000000000..5fa1de121e7
Javier Martinez Canillas af88e8 
--- /dev/null
Javier Martinez Canillas af88e8 
+++ b/tools/tpm2_pcrreset.c
Javier Martinez Canillas af88e8 
@@ -0,0 +1,129 @@
Javier Martinez Canillas af88e8 
+//**********************************************************************;
Javier Martinez Canillas af88e8 
+// Copyright (c) 2017, Intel Corporation
Javier Martinez Canillas af88e8 
+// All rights reserved.
Javier Martinez Canillas af88e8 
+//
Javier Martinez Canillas af88e8 
+// Redistribution and use in source and binary forms, with or without
Javier Martinez Canillas af88e8 
+// modification, are permitted provided that the following conditions are met:
Javier Martinez Canillas af88e8 
+//
Javier Martinez Canillas af88e8 
+// 1. Redistributions of source code must retain the above copyright notice,
Javier Martinez Canillas af88e8 
+// this list of conditions and the following disclaimer.
Javier Martinez Canillas af88e8 
+//
Javier Martinez Canillas af88e8 
+// 2. Redistributions in binary form must reproduce the above copyright notice,
Javier Martinez Canillas af88e8 
+// this list of conditions and the following disclaimer in the documentation
Javier Martinez Canillas af88e8 
+// and/or other materials provided with the distribution.
Javier Martinez Canillas af88e8 
+//
Javier Martinez Canillas af88e8 
+// 3. Neither the name of Intel Corporation nor the names of its contributors
Javier Martinez Canillas af88e8 
+// may be used to endorse or promote products derived from this software without
Javier Martinez Canillas af88e8 
+// specific prior written permission.
Javier Martinez Canillas af88e8 
+//
Javier Martinez Canillas af88e8 
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
Javier Martinez Canillas af88e8 
+// AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
Javier Martinez Canillas af88e8 
+// IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
Javier Martinez Canillas af88e8 
+// ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
Javier Martinez Canillas af88e8 
+// LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
Javier Martinez Canillas af88e8 
+// CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
Javier Martinez Canillas af88e8 
+// SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
Javier Martinez Canillas af88e8 
+// INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
Javier Martinez Canillas af88e8 
+// CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
Javier Martinez Canillas af88e8 
+// ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
Javier Martinez Canillas af88e8 
+// THE POSSIBILITY OF SUCH DAMAGE.
Javier Martinez Canillas af88e8 
+//**********************************************************************;
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+#include <ctype.h>
Javier Martinez Canillas af88e8 
+#include <errno.h>
Javier Martinez Canillas af88e8 
+#include <stdbool.h>
Javier Martinez Canillas af88e8 
+#include <stdlib.h>
Javier Martinez Canillas af88e8 
+#include <string.h>
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+#include <tss2/tss2_sys.h>
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+#include "log.h"
Javier Martinez Canillas af88e8 
+#include "pcr.h"
Javier Martinez Canillas af88e8 
+#include "tpm2_options.h"
Javier Martinez Canillas af88e8 
+#include "tpm2_tool.h"
Javier Martinez Canillas af88e8 
+#include "tpm2_util.h"
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+typedef struct tpm_pcr_reset_ctx tpm_pcr_reset_ctx;
Javier Martinez Canillas af88e8 
+struct tpm_pcr_reset_ctx {
Javier Martinez Canillas af88e8 
+    bool            pcr_list[TPM2_MAX_PCRS];
Javier Martinez Canillas af88e8 
+};
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+static tpm_pcr_reset_ctx ctx;
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+static bool pcr_reset_one(TSS2_SYS_CONTEXT *sapi_context, TPMI_DH_PCR pcr_index) {
Javier Martinez Canillas af88e8 
+    TSS2L_SYS_AUTH_RESPONSE sessions_data_out;
Javier Martinez Canillas af88e8 
+    TSS2L_SYS_AUTH_COMMAND sessions_data = { 1, {{ .sessionHandle=TPM2_RS_PW }}};
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    TSS2_RC rval = TSS2_RETRY_EXP(Tss2_Sys_PCR_Reset(sapi_context, pcr_index, &sessions_data,
Javier Martinez Canillas af88e8 
+            &sessions_data_out));
Javier Martinez Canillas af88e8 
+    if (rval != TSS2_RC_SUCCESS) {
Javier Martinez Canillas af88e8 
+        LOG_ERR("Could not reset PCR index: %d", pcr_index);
Javier Martinez Canillas af88e8 
+        return false;
Javier Martinez Canillas af88e8 
+    }
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    return true;
Javier Martinez Canillas af88e8 
+}
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+static bool pcr_reset(TSS2_SYS_CONTEXT *sapi_context) {
Javier Martinez Canillas af88e8 
+    size_t i;
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    for (i = 0; i < TPM2_MAX_PCRS; i++) {
Javier Martinez Canillas af88e8 
+        if(!ctx.pcr_list[i])
Javier Martinez Canillas af88e8 
+            continue;
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+        bool result = pcr_reset_one(sapi_context, i);
Javier Martinez Canillas af88e8 
+        if (!result) {
Javier Martinez Canillas af88e8 
+            return false;
Javier Martinez Canillas af88e8 
+        }
Javier Martinez Canillas af88e8 
+    }
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    return true;
Javier Martinez Canillas af88e8 
+}
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+static bool on_arg(int argc, char** argv){
Javier Martinez Canillas af88e8 
+    int i;
Javier Martinez Canillas af88e8 
+    uint32_t pcr;
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    memset(ctx.pcr_list, 0, TPM2_MAX_PCRS);
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    if (argc < 1) {
Javier Martinez Canillas af88e8 
+        LOG_ERR("Expected at least one PCR index"
Javier Martinez Canillas af88e8 
+                "ie: <pcr index>, got: 0");
Javier Martinez Canillas af88e8 
+        return false;
Javier Martinez Canillas af88e8 
+    }
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    for(i = 0; i < argc; i++){
Javier Martinez Canillas af88e8 
+        if(!tpm2_util_string_to_uint32(argv[i], &pcr)){
Javier Martinez Canillas af88e8 
+            LOG_ERR("Got invalid PCR Index: \"%s\"", argv[i]);
Javier Martinez Canillas af88e8 
+            return false;
Javier Martinez Canillas af88e8 
+        }
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+        /*
Javier Martinez Canillas af88e8 
+        * If any specified PCR index is greater than the last valid
Javier Martinez Canillas af88e8 
+        * index supported in the spec, throw an error
Javier Martinez Canillas af88e8 
+        */
Javier Martinez Canillas af88e8 
+        if(pcr > TPM2_MAX_PCRS - 1){
Javier Martinez Canillas af88e8 
+            LOG_ERR("Got out of bound PCR Index: \"%s\"", argv[i]);
Javier Martinez Canillas af88e8 
+            return false;
Javier Martinez Canillas af88e8 
+        }
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+        ctx.pcr_list[pcr] = 1;
Javier Martinez Canillas af88e8 
+    }
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    return true;
Javier Martinez Canillas af88e8 
+}
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+bool tpm2_tool_onstart(tpm2_options **opts) {
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    *opts = tpm2_options_new(NULL, 0, NULL, NULL, on_arg, 0);
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    return *opts != NULL;
Javier Martinez Canillas af88e8 
+}
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+int tpm2_tool_onrun(TSS2_SYS_CONTEXT *sapi_context, tpm2_option_flags flags) {
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    UNUSED(flags);
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
+    return pcr_reset(sapi_context) != true;
Javier Martinez Canillas af88e8 
+}
Javier Martinez Canillas af88e8 
+
Javier Martinez Canillas af88e8 
--
Javier Martinez Canillas af88e8 
2.21.0
Javier Martinez Canillas af88e8

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation