-
Notifications
You must be signed in to change notification settings - Fork 366
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix use of PCR16 #2879
base: master
Are you sure you want to change the base?
Fix use of PCR16 #2879
Conversation
Signed-off-by: Andreas Fuchs <[email protected]>
The test harness for integration tests now check before and after every integration test invocation if PCR16 is empty to begin but also after the test. Signed-off-by: Andreas Fuchs <[email protected]>
37c2c1e
to
6a78aa7
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few comments, but nothing major.
} | ||
|
||
if (pcr_values.count != 1) { | ||
LOG_ERROR("TPM2_PCR_Read for PCR 16 in SHA256 did not return a value"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did you forget a return EXIT_ERROR;
here?
TSS2_RC rc; | ||
TPML_DIGEST pcr_values = { 0 }; | ||
TPML_PCR_SELECTION pcr_selection = { .count=1, .pcrSelections = { { .hash = TPM2_ALG_SHA256, .sizeofSelect = 3, .pcrSelect = { 0 } } } }; | ||
pcr_selection.pcrSelections[0].pcrSelect[(16 / 8)] = 1 << (16 % 8); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do we not have a macro for this?
@@ -44,7 +46,7 @@ struct { | |||
}; | |||
|
|||
struct tpm_state { | |||
TPMS_CAPABILITY_DATA capabilities[7]; | |||
TPMS_CAPABILITY_DATA capabilities[sizeof(capabilities_to_dump) / sizeof(capabilities_to_dump[0])]; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ARRAY_LEN()
is defined in src/util/aux_util.h
Fixes: #2877