functions: prompt_tpm_owner_password only reuses /tmp/secret/tpm_owner_password if already created by seal functions or itself. Sealing ops not being able to reuse the file shred it (kexec-seal-key and seal-totp)

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-12-20 05:28:08 +00:00 · 2023-11-02 11:38:50 -04:00 · 2023-11-02 11:38:50 -04:00 · 48c446cd7d
commit 48c446cd7d
parent 921acd0f6f
1 changed files with 2 additions and 5 deletions
--- a/initrd/etc/functions
+++ b/initrd/etc/functions
@ -194,11 +194,8 @@ list_usb_storage() {
 # line, since some flows need it multiple times and only one prompt is ideal.
 prompt_tpm_owner_password() {
 	TRACE "Under /etc/functions:prompt_tpm_owner_password"
-	#Caller might already have cached the password in tpm_password. If not, prompt for it and cache it externally
-	if [ -n "$tpm_owner_password" ]; then
-		DEBUG "tpm_owner_password variable already set by caller. Reusing"
-		return 0
-	elif [ -s /tmp/secret/tpm_owner_password ]; then
+	
+	if [ -s /tmp/secret/tpm_owner_password ]; then
 		DEBUG "/tmp/secret/tpm_owner_password already cached in file. Reusing"
 		tpm_owner_password=$(cat /tmp/secret/tpm_owner_password)
 		return 0