author | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2016-06-10 14:31:42 +0300 |
---|---|---|
committer | Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> | 2016-06-10 14:31:42 +0300 |
commit | f40e55ca1c1c5c934060d97678af183ab349deef (patch) | |
tree | 93ee892d567105d317d23e90c0643957f98568d6 | |
parent | 26780b384359790714dd8e87a7cb7dd7484ff6da (diff) | |
download | tpm2-scripts-f40e55ca1c1c5c934060d97678af183ab349deef.tar.gz |
Remove hardcoded policy handle
keyctl-smoke.sh has a hardcoded policyhandle value in the keyctl command
to load the blob, instead of using $POLICYHANDLE, and thus, multiple
attempts to run keyctl-smoke.sh will fail.
Reported-by: Jerry Snitselaar <jsnitsel@redhat.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
-rwxr-xr-x | keyctl-smoke.sh | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/keyctl-smoke.sh b/keyctl-smoke.sh index 9ed9701..88eca2a 100755 --- a/keyctl-smoke.sh +++ b/keyctl-smoke.sh @@ -7,6 +7,6 @@ POLICYHANDLE=$(sudo ./tpm2-pcr-policy --pcr 16 --name-alg=sha256 --bank=sha1) KEYID=$(keyctl add trusted kmk "new 32 keyhandle=$KEYHANDLE hash=sha256 policydigest=$POLICYDIGEST" @u) keyctl pipe $KEYID > blob.hex keyctl clear @u -keyctl add trusted kmk "load `cat blob.hex` keyhandle=$KEYHANDLE policyhandle=0x03000000" @u +keyctl add trusted kmk "load `cat blob.hex` keyhandle=$KEYHANDLE policyhandle=$POLICYHANDLE" @u keyctl clear @u sudo ./tpm2-flush $KEYHANDLE |
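Review bot: the added `keyctl add trusted kmk "load ..."` line now depends on `$POLICYHANDLE`, but nothing in the visible lines checks that the `sudo ./tpm2-pcr-policy --pcr 16 ...` assignment at the top of the hunk succeeded or produced a value. If it fails, the load runs with an empty `policyhandle=` and the problem shows up as a keyctl error rather than at its cause. Consider a guard right after the assignment, for example `[ -n "$POLICYHANDLE" ] || exit 1`. As a style point, the same line uses backticks for `cat blob.hex` while the neighbouring lines use `$(...)`; `$(cat blob.hex)` would be consistent.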