diff options
| author | Stefan Berger <stefanb@linux.ibm.com> | 2021-09-17 13:38:05 -0400 |
|---|---|---|
| committer | Alexey Kardashevskiy <aik@ozlabs.ru> | 2021-10-01 14:09:29 +1000 |
| commit | bb9536fc0db5a5bd4e425a6b1170d44a730361a2 (patch) | |
| tree | 6a9556c155b4c0f3ba1ec31ae4e40e9058ac6023 | |
| parent | 63d2f38ab6e78122113817890d4e8ed6f1912cf3 (diff) | |
| download | qemu-SLOF-bb9536fc0db5a5bd4e425a6b1170d44a730361a2.tar.gz | |
tcgbios: Disable platform hierarchy in case of failure
In the rare case of a TPM 2 failure, disable the platform hierarchy after
disabling the endorsement and owner hierarchies.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
| -rw-r--r-- | lib/libtpm/tcgbios.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c index e43745e..3b2e76d 100644 --- a/lib/libtpm/tcgbios.c +++ b/lib/libtpm/tcgbios.c @@ -620,6 +620,7 @@ static void tpm_set_failure(void) { tpm20_hierarchycontrol(TPM2_RH_ENDORSEMENT, TPM2_NO); tpm20_hierarchycontrol(TPM2_RH_OWNER, TPM2_NO); + tpm20_hierarchycontrol(TPM2_RH_PLATFORM, TPM2_NO); tpm_state.tpm_working = false; } |