On 9/17/24 11:05 PM, Gary Lin wrote:
On Mon, Sep 16, 2024 at 01:42:18PM -0400, Stefan Berger wrote:
tests/asn1/tests/Test_overflow.c: In function ‘test_overflow’:
tests/asn1/tests/Test_overflow.c:48:50: error: left shift of negative
value
[-Werror=shift-negative-value]
48 | unsigned long num = ((long) GRUB_UINT_MAX) << 2;
| ^~
cc1: all warnings being treated as errors
It's the cast to 'long' that this gcc complains about. If I remove
the cast
then it works.
Urgh, the cast looks wrong. I'll remove the cast.
While I am trying things out...
grub-protect should display an error message when it cannot find
--tpm2-keyfile. It exits with status code 5 but an error message is
missing.
I also seem to have an issue with --tpm2key parameter passed to
grub-protect per the documentation but then grub using
'tpm2_key_protector_init --keyfile=(hd0,gpt1)/boot/grub2/sealed.tp'
complains about the TPM wire format not being correct. I had to omit
this parameter from grub-protect for the key to be unmarshall'able. I
also haven't looked whether there's a parameter to
tpm2_key_protectore_init to hint at the different key format. Ideally it
would figure this out by itself or there was only one format...
ppc64 runs grub in big endian mode, so there may be some issues due to
that -- with bitfields for sure: Currently trying to figure out how it
is unmarshalling the PCR selection (not a bitfield). When sealing to pcr
0 it marshalled 0x01 0x00 0x00, which is correct but when unmarshalling
it is unmarshalls 0x80 0x00 0x00 - odd.