From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 24 Oct 2023 20:19:48 +0000 (+0200)
Subject: tpm2-util: dont't find best PCR bank if no PCRs are selected whatsoever
X-Git-Tag: v255-rc1~146^2~1
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=3ee5e9d5f3eff01f35b12d4bd4133720f05594fb;p=thirdparty%2Fsystemd.git

tpm2-util: dont't find best PCR bank if no PCRs are selected whatsoever

This will otherwise just yield weird log message, complaining that PCRs
were not initialized. But which PCRs if we have none selected?
---

diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index 8d509713561..4bb17157e27 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -2539,6 +2539,12 @@ int tpm2_get_best_pcr_bank(
         assert(c);
         assert(ret);
 
+        if (pcr_mask == 0) {
+                log_debug("Asked to pick best PCR bank but no PCRs selected we could derive this from. Defaulting to SHA256.");
+                *ret = TPM2_ALG_SHA256; /* if no PCRs are selected this doesn't matter anyway... */
+                return 0;
+        }
+
         FOREACH_TPMS_PCR_SELECTION_IN_TPML_PCR_SELECTION(selection, &c->capability_pcrs) {
                 TPMI_ALG_HASH hash = selection->hash;
                 int good;