tcgbios: Disable platform hierarchy in case of failure

In the rare case of a TPM 2 failure, disable the platform hierarchy after
disabling the endorsement and owner hierarchies.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

diff --git a/src/tcgbios.c b/src/tcgbios.c
index 02921d8cae80184ca624a267af2f95e6ef413a04..31f4d7b82fe1cd8ec719ca85e77b7e310e278157 100644 (file)
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -983,6 +983,7 @@ tpm_set_failure(void)
     case TPM_VERSION_2:
         tpm20_hierarchycontrol(TPM2_RH_ENDORSEMENT, TPM2_NO);
         tpm20_hierarchycontrol(TPM2_RH_OWNER, TPM2_NO);
+        tpm20_hierarchycontrol(TPM2_RH_PLATFORM, TPM2_NO);
         break;
     }