Set/ Clear TPMA_PERMANENT.disableClear attribute to effectively block/ unblock lockout authorization handle for issuing TPM clear.
**tpm2_clear**(1) - Send a clear command to the TPM to clear the 3 hierarchy authorization values. authorization values. As an argument takes the auth value for either platform or lockout hierarchy **NOTE**: All objects created under the respective hierarchies are lost. @@ -25,13 +26...
static int do_tpm2_clear(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { u32 handle = 0; const char *pw = (argc < 3) ? NULL : argv[2]; const ssize_t pw_sz = pw ? strlen(pw) : 0;if (argc < 2 || argc > 3) return CMD_RET_USAGE;...
A FAPI command for TPM2_Clear is currently not available. This would be required to perform a TPM2_Clear operation in synchronization with the FAPI key store. The execution of the ESAPI command for TPM2_Clear currently renders the content of the FAPI key store invalid without notification. ...