* Wed Feb 08 2023 Miroslav Rezanina <mrezanin@redhat.com> - 2.7.0.6-9

- wla-redhat-Adjust-tpm2_createprimary-key-attributes-to-m.patch [bz#2167322] - Resolves: bz#2167322 (Adjust TPM primary key creation parameters to match Azure)
2023-02-08 02:57:59 -05:00 · 2023-02-08 02:57:59 -05:00 · 850fe75421
commit 850fe75421
parent 2a309c832f
2 changed files with 8 additions and 3 deletions
--- a/WALinuxAgent.spec
+++ b/WALinuxAgent.spec
@ -4,7 +4,7 @@

 Name:           WALinuxAgent
 Version:        2.7.0.6
-Release:        8%{?dist}
+Release:        9%{?dist}
 Summary:        The Microsoft Azure Linux Agent

 License:        ASL 2.0
@ -159,6 +159,11 @@ rm -rf %{_unitdir}/waagent.service.d/
 %endif

 %changelog
+* Wed Feb 08 2023 Miroslav Rezanina <mrezanin@redhat.com> - 2.7.0.6-9
+- wla-redhat-Adjust-tpm2_createprimary-key-attributes-to-m.patch [bz#2167322]
+- Resolves: bz#2167322
+  (Adjust TPM primary key creation parameters to match Azure)
+
 * Mon Feb 06 2023 Miroslav Rezanina <mrezanin@redhat.com> - 2.7.0.6-8
 - wla-redhat-Explicitly-list-udev-rule-requirements-in-the.patch [bz#2165042]
 - Resolves: bz#2165042
--- a/tpm2-luks-import.sh
+++ b/tpm2-luks-import.sh
@ -35,9 +35,9 @@ fi
    # Import sealed object
    tpm2_flushcontext -t
    if [ ! -f "unique.dat" ]; then
-        tpm2_createprimary -Q -C o -g sha256 -G rsa -c primary.ctx
+        tpm2_createprimary -Q -C o -a 'restricted|decrypt|fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda' -g sha256 -G rsa -c primary.ctx
    else
-        tpm2_createprimary -Q -C o -g sha256 -G rsa -u unique.dat -c primary.ctx
+        tpm2_createprimary -Q -C o -a 'restricted|decrypt|fixedtpm|fixedparent|sensitivedataorigin|userwithauth|noda' -g sha256 -G rsa -u unique.dat -c primary.ctx
    fi
    tpm2_flushcontext -t
    tpm2_import -Q -C primary.ctx -u parent.pub -i parent.prv -r parent_imported.prv -s parent.seed