pcrlock: when unlocking try to pick up pcrlock policy from system credentials

author: Lennart Poettering <lennart@poettering.net> 2023-11-21 11:44:34 +0100
committer: Lennart Poettering <lennart@poettering.net> 2024-01-22 15:20:22 +0100
commit: d37c312b87aeba4a470ad720eda56cdbc9ea2290 (patch)
tree: afaaf913e47030b58e1a31f9645be35c3ad8096a /src/cryptenroll
parent: pcrlock: also write pcrlock policy as unencrypted credential to XBOOTLDR/ESP (diff)
download: systemd-d37c312b87aeba4a470ad720eda56cdbc9ea2290.tar.xz
systemd-d37c312b87aeba4a470ad720eda56cdbc9ea2290.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/src/cryptenroll/cryptenroll-tpm2.c b/src/cryptenroll/cryptenroll-tpm2.c
index 87e19814db..b556c70931 100644
--- a/src/cryptenroll/cryptenroll-tpm2.c
+++ b/src/cryptenroll/cryptenroll-tpm2.c
@@ -365,6 +365,7 @@ int enroll_tpm2(struct crypt_device *cd,
                         &IOVEC_MAKE(policy.buffer, policy.size),
                         use_pin ? &IOVEC_MAKE(binary_salt, sizeof(binary_salt)) : NULL,
                         &srk,
+                        pcrlock_path ? &pcrlock_policy.nv_handle : NULL,
                         flags,
                         &v);
         if (r < 0)
author	Lennart Poettering <lennart@poettering.net>	2023-11-21 11:44:34 +0100
committer	Lennart Poettering <lennart@poettering.net>	2024-01-22 15:20:22 +0100
commit	d37c312b87aeba4a470ad720eda56cdbc9ea2290 (patch)
tree	afaaf913e47030b58e1a31f9645be35c3ad8096a /src/cryptenroll
parent	pcrlock: also write pcrlock policy as unencrypted credential to XBOOTLDR/ESP (diff)
download	systemd-d37c312b87aeba4a470ad720eda56cdbc9ea2290.tar.xz systemd-d37c312b87aeba4a470ad720eda56cdbc9ea2290.zip