From: Stefan Berger stefanb@linux.vnet.ibm.com
After temporarily deactivating the TPM, also give up physical presence to disable more commands.
Signed-off-by: Stefan Berger stefanb@linux.vnet.ibm.com --- src/tcgbios.c | 10 ++++++++++ 1 file changed, 10 insertions(+)
diff --git a/src/tcgbios.c b/src/tcgbios.c index 7bcbdde..685075f 100644 --- a/src/tcgbios.c +++ b/src/tcgbios.c @@ -227,6 +227,16 @@ tpm_set_failure(void) tpm_send_cmd(0, TPM_ORD_SetTempDeactivated, NULL, 0, TPM_DURATION_TYPE_SHORT);
+ tpm_send_cmd(0, TPM_ORD_PhysicalPresence, + PhysicalPresence_CMD_ENABLE, + sizeof(PhysicalPresence_CMD_ENABLE), + TPM_DURATION_TYPE_SHORT); + + tpm_send_cmd(0, TPM_ORD_PhysicalPresence, + PhysicalPresence_NOT_PRESENT_LOCK, + sizeof(PhysicalPresence_NOT_PRESENT_LOCK), + TPM_DURATION_TYPE_SHORT); + TPM_working = 0; }