| #!/bin/sh |
| # Copyright 2020 The Chromium OS Authors. All rights reserved. |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| |
| bootstat lockbox-cache-start |
| umask 022 |
| mkdir -p -m 0711 "${LOCKBOX_CACHE_DIR}" |
| |
| # If we are using TPM2.0 simulator, use tpm_manager to read the NV space. |
| if initctl status trunksd; then |
| /usr/bin/gdbus wait --system -t 15 org.chromium.TpmManager |
| tpm_manager_client read_space --index=0x800004 \ |
| --file="${LOCKBOX_NVRAM_FILE}" |
| # If the nvram file is not empty |
| if [ -s "${LOCKBOX_NVRAM_FILE}" ]; then |
| bootstat lockbox-cache-exec |
| lockbox-cache --cache="${INSTALL_ATTRS_CACHE}" \ |
| --nvram="${LOCKBOX_NVRAM_FILE}" \ |
| --lockbox="${INSTALL_ATTRS_FILE}" |
| fi |
| # There are no other consumers; remove the nvram data |
| rm "${LOCKBOX_NVRAM_FILE}" |
| # In other cases, pretend like lockbox is supported. |
| else |
| cp "${INSTALL_ATTRS_FILE}" "${INSTALL_ATTRS_CACHE}" |
| fi |
| |
| bootstat lockbox-cache-end |
