tpm: update comment on transient handle GetCapability bug in kernel tpm resource...

Add clarification and link to kernel bug.

diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index 8189e9d8c0dcc408c6680c013187ca559a8eec2f..bb7928bbd70c8373acd07df2f59463edeb8abfa4 100644 (file)
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -792,11 +792,10 @@ int tpm2_index_to_handle(
                                        "Invalid handle 0x%08" PRIx32 " (in unknown range).", index);
         }
 
-        /* For transient handles, the kernel tpm "resource manager" (i.e. /dev/tpmrm0) never acknowleges that
-         * any transient handles exist, even if they actually do. So a failure to find the requested handle
-         * index, if it's a transient handle, may not actually mean it's not present in the tpm; thus, only
-         * check GetCapability() if the handle isn't transient. */
-        if (TPM2_HANDLE_TYPE(index) != TPM2_HT_TRANSIENT) { // FIXME: once kernel tpmrm is fixed to acknowledge transient handles, check transient handles too
+        /* For transient handles, the kernel tpm "resource manager" (i.e. /dev/tpmrm0) performs mapping
+         * which breaks GetCapability requests, so only check GetCapability if it's not a transient handle.
+         * https://bugzilla.kernel.org/show_bug.cgi?id=218009 */
+        if (TPM2_HANDLE_TYPE(index) != TPM2_HT_TRANSIENT) { // FIXME: once kernel bug is fixed, check transient handles too
                 r = tpm2_get_capability_handle(c, index);
                 if (r < 0)
                         return r;