On 06/11/2015 06:18 PM, Kevin O'Connor wrote:
On Wed, Jun 10, 2015 at 12:14:17PM -0400, Stefan Berger wrote:
This patch adds an new menu entry to the main menu. This menu item enables the user to enter a TPM control menu which allows control of those aspects of the TPM's state that can only be controlled while in the firmware and while physical presence can be asserted.
[...]
--- a/src/boot.c +++ b/src/boot.c
[...]
@@ -461,7 +461,7 @@ interactive_bootmenu(void)
char *bootmsg = romfile_loadfile("etc/boot-menu-message", NULL); int menukey = romfile_loadint("etc/boot-menu-key", 1);
- printf("%s", bootmsg ?: "\nPress ESC for boot menu.\n\n");
- printf("%s", bootmsg ?: "\nPress ESC for boot menu.\n"); free(bootmsg);
This looks like a spurious change.
Fixed.
u32 menutime = romfile_loadint("etc/boot-menu-wait", DEFAULT_BOOTMENU_WAIT);
@@ -474,6 +474,7 @@ interactive_bootmenu(void) while (get_keystroke(0) >= 0) ;
+show_boot_menu: printf("Select boot device:\n\n"); wait_threads();
This backwards goto is really a loop and the code would need to be refactored into a loop. As discussed before though, I think it would be simpler to just reboot after entering the tpm configuration.
So you would also reboot if the user didn't make any changes to the state of the TPM, just for entering that menu?
What about changes to the state of the TPM that require a reboot, such as changing it from deactivated to active? Can we reboot immediately?
Regards, Stefan
-Kevin