ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

gui-init: Remove TPM2 primary handle hash when resetting TPM

Browse Source 
Resetting the TPM invalidates the primary handle hash, and
kexec-save-default only generates a hash if none exists.  Remove the
hash file when it is invalidated.

OEM reset and "Reset Configuration" both already remove all kexec
files.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
This commit is contained in:
Jonathon Hall 2023-02-21 17:16:11 -05:00
parent 4e375ad7ca
commit 7ea606524b
No known key found for this signature in database
GPG Key ID: 1E9C3CA91AE25114
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
initrd/bin/gui-init
View File

@ -522,6 +522,7 @@ reset_tpm()
mount_boot
mount -o rw,remount /boot
rm -f /boot/kexec_rollback.txt
rm -f /boot/kexec_primhdl_hash.txt
# create Heads TPM counter before any others
check_tpm_counter /boot/kexec_rollback.txt \