tpm2-util: drop support for creating TPM2 trial sessions

This is unused these days, we instead calculate policy hashes ourselves and do not need trial sessions for that anymore. Given how unreliable they are in actual TPMs, we don't want to use them anyway, so I don't think we ever want to readd this. hence, let's drop this unused feature.
2024-07-22 10:44:58 +00:00 · 2023-09-07 12:11:10 +02:00 · 2023-09-07 12:11:10 +02:00 · 4bba26aea6
parent b7801869d7
commit 4bba26aea6
1 changed files with 1 additions and 4 deletions
--- a/src/shared/tpm2-util.c
+++ b/src/shared/tpm2-util.c
@ -2880,10 +2880,8 @@ static int tpm2_make_policy_session(
                Tpm2Context *c,
                const Tpm2Handle *primary,
                const Tpm2Handle *encryption_session,
-                bool trial,
                Tpm2Handle **ret_session) {

-        TPM2_SE session_type = trial ? TPM2_SE_TRIAL : TPM2_SE_POLICY;
        TSS2_RC rc;
        int r;

@ -2911,7 +2909,7 @@ static int tpm2_make_policy_session(
                        ESYS_TR_NONE,
                        ESYS_TR_NONE,
                        NULL,
-                        session_type,
+                        TPM2_SE_POLICY,
                        &SESSION_TEMPLATE_SYM_AES_128_CFB,
                        TPM2_ALG_SHA256,
                        &session->esys_handle);
@ -4112,7 +4110,6 @@ int tpm2_unseal(const char *device,
                                c,
                                primary_handle,
                                encryption_session,
-                                /* trial= */ false,
                                &policy_session);
                if (r < 0)
                        return r;