Open
Description
When testing with swtpm (at least, I assume a hardware device has the same requirements), the tpm2-openssl provider will not load if the TPM has not been started:
```
%ruby sample/provider.rb
WARNING:esys:src/tss2-esys/api/Esys_GetCapability.c:303:Esys_GetCapability_Finish() Received TPM Error
ERROR:esys:src/tss2-esys/api/Esys_GetCapability.c:107:Esys_GetCapability() Esys Finish ErrorCode (0x00000101)
sample/provider.rb:18:in `load': Failed to load tpm2 provider: init fail (name=tpm2) (OpenSSL::Provider::ProviderError)
```
This error is incomprehensible. Only a search that led to stefanberger/swtpm#980 revealed the issue.
Adding --flags startup-clear (which implies not-need-init) solves this.
Should tpm2-openssl issue the start command?
Is there an issue with shutting the TPM down? Would something need to do a reference count?
Does abrmd already do that? Maybe the kernel driver also knows to do this.
See also: stefanberger/swtpm#1049
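
The `ErrorCode (0x00000101)` in the log above can be unpacked by hand into a layer and a TPM response code. The following is an added example, not part of the original issue or of tpm2-openssl; it decodes a TSS2_RC value using a small subset of the TCG response-code tables, and the helper and table names are assumptions made for the illustration.

```ruby
# Added example: unpack a TSS2_RC such as the 0x00000101 logged above.
# Tables hold a small subset of the TCG TPM 2.0 / TSS 2.0 constants.
TSS2_LAYERS = { 0 => 'TPM', 6 => 'FAPI', 7 => 'ESAPI', 8 => 'SYS', 9 => 'MU',
                10 => 'TCTI', 11 => 'RESMGR', 12 => 'RESMGR_TPM' }.freeze

# Format-0 codes (bit 7 clear), keyed by the low 12 bits.
FMT0 = {
  0x100 => 'TPM_RC_INITIALIZE', # not initialized by TPM2_Startup, or already initialized
  0x101 => 'TPM_RC_FAILURE',    # commands not accepted because of a TPM failure
  0x90A => 'TPM_RC_TESTING',
  0x921 => 'TPM_RC_LOCKOUT',
  0x922 => 'TPM_RC_RETRY'
}.freeze

# Format-1 codes (bit 7 set), keyed by the 6-bit error number.
FMT1 = { 0x04 => 'TPM_RC_VALUE', 0x0B => 'TPM_RC_HANDLE',
         0x0E => 'TPM_RC_AUTH_FAIL', 0x22 => 'TPM_RC_BAD_AUTH' }.freeze

# decode_tss2_rc is a hypothetical helper name, not a tpm2-tss API.
def decode_tss2_rc(rc)
  layer = TSS2_LAYERS.fetch((rc >> 16) & 0xFF, 'unknown')
  code = rc & 0xFFFF
  return { layer: layer, name: 'TSS2_RC_SUCCESS' } if rc.zero?
  # Only these two layers pass through response codes produced by the TPM.
  unless %w[TPM RESMGR_TPM].include?(layer)
    return { layer: layer, name: format('layer-specific 0x%04x', code) }
  end

  if (code & 0x080) != 0 # format 1: error is tied to one command argument
    n = (code >> 8) & 0xF
    subject = if (code & 0x040) != 0 then "parameter #{n}"
              elsif (n & 0x8) != 0 then "session #{n & 0x7}"
              else "handle #{n & 0x7}"
              end
    name = FMT1.fetch(code & 0x3F, format('FMT1 0x%02x', code & 0x3F))
    { layer: layer, name: name, subject: subject }
  else # format 0: bit 11 separates warnings from errors
    name = FMT0.fetch(code & 0xFFF, format('FMT0 0x%03x', code & 0xFFF))
    kind = (code & 0x800) != 0 ? :warning : :error
    { layer: layer, name: name, kind: kind }
  end
end

# Constructed inputs: the value from the log plus three other shapes.
[0x00000101, 0x000001C4, 0x0000098E, 0x000A000A].each do |rc|
  puts format('0x%08x -> %s', rc, decode_tss2_rc(rc))
end
```

Read this way, the logged value is `TPM_RC_FAILURE` reported at the TPM layer, not `TPM_RC_INITIALIZE` (0x100), so the code by itself does not name a missing startup.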