tpm2-util: add comment explaining what tpm2_define_policy_nv_index() actually does

author: Lennart Poettering <lennart@poettering.net> 2024-04-17 10:10:56 +0200
committer: Lennart Poettering <lennart@poettering.net> 2024-04-18 18:12:23 +0200
commit: 19d82e1beef5858a7d68692607317b630c187d84 (patch)
tree: 571f0d6f9003c206134fa466fbd06606a673391e /src/shared/tpm2-util.c
parent: tpm2-util: load external key into NULL hierarchy if private key is provided (diff)
download: systemd-19d82e1beef5858a7d68692607317b630c187d84.tar.xz
systemd-19d82e1beef5858a7d68692607317b630c187d84.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/src/shared/tpm2-util.c b/src/shared/tpm2-util.c
index 51c01b6c9c..051ff291dd 100644
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@@ -5639,6 +5639,10 @@ int tpm2_define_policy_nv_index(
         assert(c);
         assert(pin || auth);
 
+        /* Allocates an nvindex to store a policy for use in PolicyAuthorizeNV in. This is where pcrlock then
+         * stores its predicted PCR policies in. If 'requested_nv_index' will try to allocate the specified
+         * nvindex, otherwise will find a free one, and use that. */
+
         r = tpm2_handle_new(c, &new_handle);
         if (r < 0)
                 return r;
author	Lennart Poettering <lennart@poettering.net>	2024-04-17 10:10:56 +0200
committer	Lennart Poettering <lennart@poettering.net>	2024-04-18 18:12:23 +0200
commit	19d82e1beef5858a7d68692607317b630c187d84 (patch)
tree	571f0d6f9003c206134fa466fbd06606a673391e /src/shared/tpm2-util.c
parent	tpm2-util: load external key into NULL hierarchy if private key is provided (diff)
download	systemd-19d82e1beef5858a7d68692607317b630c187d84.tar.xz systemd-19d82e1beef5858a7d68692607317b630c187d84.zip