From 431b8a2e75a71a0b1f47d47d3f045b1e3efbce53 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 31 Jul 2017 13:10:41 -0400
Subject: Make fallback aware of tpm measurements, and reboot if tpm is used.

Since booting the entry with fallback in the stack of things that got
measured will result in all the wrong PCR values, in the cases where TPM
is present and enabled, use ->Reset() instead of loading the Boot####
variable and executing its target.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 tpm.h | 1 +
 1 file changed, 1 insertion(+)

(limited to 'tpm.h')

diff --git a/tpm.h b/tpm.h
index e3c2b923..d11b545b 100644
--- a/tpm.h
+++ b/tpm.h
@@ -8,6 +8,7 @@
 
 EFI_STATUS tpm_log_event(EFI_PHYSICAL_ADDRESS buf, UINTN size, UINT8 pcr,
 			 const CHAR8 *description);
+EFI_STATUS fallback_should_prefer_reset(void);
 
 EFI_STATUS tpm_log_pe(EFI_PHYSICAL_ADDRESS buf, UINTN size, UINT8 *sha1hash,
 		      UINT8 pcr);
-- 
cgit v1.2.3