Skip to content

Instantly share code, notes, and snippets.

@sargun
Created August 27, 2021 03:07
Show Gist options
  • Save sargun/c1fdb8f3ac19f94b63bc82304b1a3b67 to your computer and use it in GitHub Desktop.
Save sargun/c1fdb8f3ac19f94b63bc82304b1a3b67 to your computer and use it in GitHub Desktop.
/*
* Lock a trusted key, by extending a selected PCR.
*
* Prevents a trusted key that is sealed to PCRs from being accessed.
* This uses the tpm driver's extend function.
*/
static int pcrlock(const int pcrnum)
{
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
return tpm_pcr_extend(chip, pcrnum, digests) ? -EINVAL : 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment