8 Apr
2024
8 Apr
'24
20:07
On 2024-04-08 17:30, Andrei Borzenkov wrote:
On 08.04.2024 09:16, Ludwig Nussel wrote:
Andrei Borzenkov wrote:
Any pointers how I can reinitialize whatever is needed to be reinitialized so automatic unlocking works again?
# pcrlock remove-policy # systemd-cryptenroll --wipe=tpm2 /dev/yourdev # sdbootutil update-predictions # systemd-cryptenroll --tpm2-device=auto /dev/yourdev
Yes, that works. Thank you!
That lock one NVIndex slot in the TPM2. After the wipe I would do a `tpm2_clear` to free it.