Merge pull request #43 from hallyn/2023-09-01/tmpfix

Fix wrong pcr7 values
project-machine · Sep 1, 2023 · 40292ca · 40292ca
2 parents 8ed7b64 + 80c7a93
commit 40292ca
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 7 deletions.
diff --git a/layers/build-krd/dracut/soci/soci-settled.sh b/layers/build-krd/dracut/soci/soci-settled.sh
@@ -228,8 +228,11 @@ soci_udev_settled() {
                soci_info "Preinstall completed"
                ;;
             provision)
+               if [ ! -f /pcr7.bin ]; then
+                   soci_log_run tpm2_pcrread sha256:7 -o /pcr7.bin > /pcr7.out
+               fi
                if [ ! -f /sysroot/pcr7.bin ]; then
-                   soci_log_run tpm2_pcrread sha256:7 -o /sysroot/pcr7.bin > /sysroot/pcr7.out
+                   soci_log_run cp /pcr7.bin /sysroot/
                fi
                soci_log_run tpm2_pcrextend "7:sha256=b7135cbb321a66fa848b07288bd008b89bd5b7496c4569c5e1a4efd5f7c8e0a7"
                soci_info "PCR7 has been extended.  Ready to provision."

diff --git a/pkg/cert/cert.go b/pkg/cert/cert.go
@@ -80,12 +80,7 @@ func LoadSignatureDataDir(dirPath string) (*efi.SignatureData, error) {
 		return nil, err
 	}
 
-	owner, err := GUIDFromFile(filepath.Join(dirPath, "guid"))
-	if err != nil {
-		return nil, err
-	}
-
-	return &efi.SignatureData{Owner: owner, Data: cert.Raw}, nil
+	return &efi.SignatureData{Owner: efi.GUID{}, Data: cert.Raw}, nil
 }
 
 func LoadSignatureDataDirs(dirPaths ...string) ([]*efi.SignatureData, error) {