tpm2-util: add comment explaining what tpm2_define_policy_nv_index() actually does

author Lennart Poettering <lennart@poettering.net>

Wed, 17 Apr 2024 08:10:56 +0000 (10:10 +0200)

committer Lennart Poettering <lennart@poettering.net>

Thu, 18 Apr 2024 16:12:23 +0000 (18:12 +0200)
author Lennart Poettering <lennart@poettering.net>
Wed, 17 Apr 2024 08:10:56 +0000 (10:10 +0200)
committer Lennart Poettering <lennart@poettering.net>
Thu, 18 Apr 2024 16:12:23 +0000 (18:12 +0200)
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c

index 51c01b6c9c7a2b27694a62ff6a49d819ab67789c..051ff291ddfe67031ce8002f05d743fc42dad57c 100644 (file)
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -5639,6 +5639,10 @@ int tpm2_define_policy_nv_index(
          assert(c);
          assert(pin || auth);
  
+        /* Allocates an nvindex to store a policy for use in PolicyAuthorizeNV in. This is where pcrlock then
+         * stores its predicted PCR policies in. If 'requested_nv_index' will try to allocate the specified
+         * nvindex, otherwise will find a free one, and use that. */
+
          r = tpm2_handle_new(c, &new_handle);
          if (r < 0)
                  return r;
author	Lennart Poettering <lennart@poettering.net>
	Wed, 17 Apr 2024 08:10:56 +0000 (10:10 +0200)
committer	Lennart Poettering <lennart@poettering.net>
	Thu, 18 Apr 2024 16:12:23 +0000 (18:12 +0200)