From: Lennart Poettering <lennart@poettering.net>
Date: Thu, 7 Sep 2023 10:11:10 +0000 (+0200)
Subject: tpm2-util: drop support for creating TPM2 trial sessions
X-Git-Tag: v255-rc1~553
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4bba26aea6c80db7941c2c0dc451c992276d4156;p=thirdparty%2Fsystemd.git

tpm2-util: drop support for creating TPM2 trial sessions

This is unused these days, we instead calculate policy hashes ourselves
and do not need trial sessions for that anymore. Given how unreliable
they are in actual TPMs, we don't want to use them anyway, so I don't
think we ever want to readd this.

hence, let's drop this unused feature.
---

diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index a57841fab4b..db17835897a 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -2880,10 +2880,8 @@ static int tpm2_make_policy_session(
                 Tpm2Context *c,
                 const Tpm2Handle *primary,
                 const Tpm2Handle *encryption_session,
-                bool trial,
                 Tpm2Handle **ret_session) {
 
-        TPM2_SE session_type = trial ? TPM2_SE_TRIAL : TPM2_SE_POLICY;
         TSS2_RC rc;
         int r;
 
@@ -2911,7 +2909,7 @@ static int tpm2_make_policy_session(
                         ESYS_TR_NONE,
                         ESYS_TR_NONE,
                         NULL,
-                        session_type,
+                        TPM2_SE_POLICY,
                         &SESSION_TEMPLATE_SYM_AES_128_CFB,
                         TPM2_ALG_SHA256,
                         &session->esys_handle);
@@ -4112,7 +4110,6 @@ int tpm2_unseal(const char *device,
                                 c,
                                 primary_handle,
                                 encryption_session,
-                                /* trial= */ false,
                                 &policy_session);
                 if (r < 0)
                         return r;