git.ipfire.org Git - thirdparty/grub.git/commit
tpm2_key_protector: Dump the PCR bank for key unsealing
author Gary Lin <glin@suse.com>
Fri, 13 Jun 2025 07:02:34 +0000 (15:02 +0800)
committer Daniel Kiper <daniel.kiper@oracle.com>
Tue, 17 Jun 2025 12:12:50 +0000 (14:12 +0200)
commit 451e227e530e765d4af1960b9795d8987ea6ee78
tree faf9c90b6d928337162cdd3ec01677be0f1299a1
parent 11caacdb22599fcd448d92dcf4367032f661a23a
tpm2_key_protector: Dump the PCR bank for key unsealing

TPM 2.0 Key File format stores the PCR selection in the parameters
for TPM2_PolicyPCR and it already contains the selected PCR bank.
Currently, tpm2_key_protector dumped the PCR bank specified by the
--bank option, and it may not be the PCR bank for key unsealing.

To dump the real PCR bank for key unsealing, this commit records the PCR
bank used by TPM2_PolicyPCR and dumps PCR values from that bank when
necessary.

Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
grub-core/commands/tpm2_key_protector/module.c
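
The commit message notes that the PCR selection stored with the TPM2_PolicyPCR parameters already names the bank, which can differ from the --bank option. The following C code is an added example, not GRUB's code and not part of this commit: it reads the bank from a marshalled TPML_PCR_SELECTION and falls back to the option value only when the selection is unusable. It assumes the input buffer holds only the TPML_PCR_SELECTION; the function name, the sample bytes and the limit to PCRs 0-31 are choices made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TPM_ALG_SHA1   0x0004
#define TPM_ALG_SHA256 0x000B

/* Constructed sample: one selection, SHA-256 bank, PCRs 0, 2, 4, 7 and 9. */
static const uint8_t sample_sel[] = {
  0x00, 0x00, 0x00, 0x01,  /* count = 1 */
  0x00, 0x0B, 0x03,        /* hash = TPM_ALG_SHA256, sizeofSelect = 3 */
  0x95, 0x02, 0x00         /* pcrSelect: PCR n is bit (n % 8) of byte (n / 8) */
};

/* Walk a marshalled (big-endian) TPML_PCR_SELECTION and return the bank of the
   first entry that selects a PCR, storing its bitmap in *pcr_mask. Falls back
   to option_bank (the --bank value) if the list is malformed or selects nothing. */
static uint16_t bank_to_dump(const uint8_t *buf, size_t len,
                             uint16_t option_bank, uint32_t *pcr_mask)
{
  size_t off = 4;
  if (len < 4)
    return option_bank;
  uint32_t count = ((uint32_t)buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
  for (uint32_t i = 0; i < count && len - off >= 3; i++) {
    uint16_t hash = (uint16_t)((buf[off] << 8) | buf[off + 1]);
    uint8_t size = buf[off + 2];
    uint32_t mask = 0;
    off += 3;
    if (size > 4 || len - off < size)  /* example covers PCRs 0-31 only */
      break;
    for (uint8_t j = 0; j < size; j++)
      mask |= (uint32_t)buf[off + j] << (8 * j);
    off += size;
    if (mask != 0) {
      *pcr_mask = mask;
      return hash;
    }
  }
  return option_bank;
}

int main(void)
{
  uint32_t mask = 0;
  uint16_t bank = bank_to_dump(sample_sel, sizeof(sample_sel), TPM_ALG_SHA1, &mask);
  printf("dump bank 0x%04x, PCR mask 0x%08x\n", bank, (unsigned)mask);
  return 0;
}
```

With the sample selection, a caller that passed SHA-1 as the option bank still gets the SHA-256 bank back, which is the mismatch the commit message describes.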