From 596dc33f0093735254cd3dd086a8375fbf56fd47 Mon Sep 17 00:00:00 2001
|
|
From: Juergen Repp <juergen_repp@web.de>
|
|
Date: Sat, 12 Oct 2024 12:04:15 +0200
|
|
Subject: [PATCH 4/8] tpm2_createpolicy: flush session for trial policy.
|
|
|
|
The created session is flushed if a trial policy is only used to compute
|
|
the policy digest.
|
|
Fixes: #3427
|
|
|
|
Signed-off-by: Juergen Repp <juergen_repp@web.de>
|
|
---
|
|
tools/tpm2_createpolicy.c | 21 +++++++++++++++++----
|
|
1 file changed, 17 insertions(+), 4 deletions(-)
|
|
|
|
diff --git a/tools/tpm2_createpolicy.c b/tools/tpm2_createpolicy.c
|
|
index b5686e05..48c039e8 100644
|
|
--- a/tools/tpm2_createpolicy.c
|
|
+++ b/tools/tpm2_createpolicy.c
|
|
@@ -54,6 +54,9 @@ static create_policy_ctx pctx = {
|
|
|
|
static tool_rc parse_policy_type_specific_command(ESYS_CONTEXT *ectx) {
|
|
|
|
+ tool_rc rc;
|
|
+ TSS2_RC rval;
|
|
+
|
|
if (!pctx.common_policy_options.policy_type.policy_pcr) {
|
|
LOG_ERR("Only PCR policy is currently supported!");
|
|
return tool_rc_option_error;
|
|
@@ -71,7 +74,7 @@ static tool_rc parse_policy_type_specific_command(ESYS_CONTEXT *ectx) {
|
|
|
|
tpm2_session **s = &pctx.common_policy_options.policy_session;
|
|
|
|
- tool_rc rc = tpm2_session_open(ectx, session_data, s);
|
|
+ rc = tpm2_session_open(ectx, session_data, s);
|
|
if (rc != tool_rc_success) {
|
|
return rc;
|
|
}
|
|
@@ -91,9 +94,19 @@ static tool_rc parse_policy_type_specific_command(ESYS_CONTEXT *ectx) {
|
|
return rc;
|
|
}
|
|
|
|
- return tpm2_policy_tool_finish(ectx,
|
|
- pctx.common_policy_options.policy_session,
|
|
- pctx.common_policy_options.policy_file);
|
|
+ rc = tpm2_policy_tool_finish(ectx,
|
|
+ pctx.common_policy_options.policy_session,
|
|
+ pctx.common_policy_options.policy_file);
|
|
+ if (rc != tool_rc_success) {
|
|
+ return rc;
|
|
+ }
|
|
+ if (pctx.common_policy_options.policy_session_type == TPM2_SE_TRIAL) {
|
|
+ rval = Esys_FlushContext(ectx, tpm2_session_get_handle(*s));
|
|
+ if (rval != TPM2_RC_SUCCESS) {
|
|
+ return tool_rc_general_error;
|
|
+ }
|
|
+ }
|
|
+ return rc;
|
|
}
|
|
|
|
static bool on_option(char key, char *value) {
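Review bot: The trial session is still left loaded in the TPM when `tpm2_policy_tool_finish` fails, because the added `if (rc != tool_rc_success) { return rc; }` right after that call exits before the `Esys_FlushContext` block. The earlier `return rc;` at the top of this hunk appears to have the same effect, though the call it guards is outside the hunk, as is the start of the function. TPM session slots are a small shared resource, so leaking one on every failed run can eventually block other users of the device. A failed flush also returns `tool_rc_general_error` without logging `rval`, which leaves nothing to diagnose from. I would flush for `TPM2_SE_TRIAL` regardless of the finish result, log the TSS2 code, and return the first error seen.
```c
    rc = tpm2_policy_tool_finish(ectx,
            pctx.common_policy_options.policy_session,
            pctx.common_policy_options.policy_file);

    /* Flush the trial session even if finish failed, so it is not left loaded. */
    if (pctx.common_policy_options.policy_session_type == TPM2_SE_TRIAL) {
        rval = Esys_FlushContext(ectx, tpm2_session_get_handle(*s));
        if (rval != TSS2_RC_SUCCESS) {
            LOG_ERR("Esys_FlushContext failed: 0x%x", rval);
            if (rc == tool_rc_success) {
                rc = tool_rc_general_error;
            }
        }
    }
    return rc;
```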
|
|
--
|
|
2.49.0
|
|
|