From 60d9aa4d5a54d1ef7e2878299f2c78a3ace3a4ce Mon Sep 17 00:00:00 2001
From: Thierry Laurion <insurgo@riseup.net>
Date: Thu, 25 Apr 2024 20:23:28 -0400
Subject: [PATCH] tpmr: remove warning "Warn: check public portion of the
 tpmkey manually"

Discussed under https://github.com/linuxboot/heads/pull/1630#issuecomment-2075120429

TODO added in code.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
---
 initrd/bin/tpmr | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/initrd/bin/tpmr b/initrd/bin/tpmr
index 630454e17..a740d4a03 100755
--- a/initrd/bin/tpmr
+++ b/initrd/bin/tpmr
@@ -347,8 +347,10 @@ tpm2_startsession() {
 		--saved-session ||
 		die "tpm2_flushcontext: unable to flush saved session"
 	tpm2 readpublic -Q -c "$PRIMARY_HANDLE" -t "$PRIMARY_HANDLE_FILE"
-	tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$ENC_SESSION_FILE"
-	tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$DEC_SESSION_FILE"
+	#TODO: do the right thing to not have to suppress "WARN: check public portion the tpmkey manually" see https://github.com/linuxboot/heads/pull/1630#issuecomment-2075120429
+	tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$ENC_SESSION_FILE" 2>&1 > /dev/null
+	#TODO: do the right thing to not have to suppress "WARN: check public portion the tpmkey manually" see https://github.com/linuxboot/heads/pull/1630#issuecomment-2075120429
+	tpm2 startauthsession -Q -c "$PRIMARY_HANDLE_FILE" --hmac-session -S "$DEC_SESSION_FILE" 2>&1 > /dev/null
 	tpm2 sessionconfig -Q --disable-encrypt "$DEC_SESSION_FILE"
 }