authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-25 02:54:52 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-25 02:54:52 +0000
commit51fac37bb20c9440a9a4e0a20846c139364d6d13 (patch)
tree77c11a0dffc2c15542689f3a51d12d5076c477e8 /src/tpm2-setup/tpm2-setup.c
parentAdding upstream version 255.4. (diff)
Adding upstream version 255.5.upstream/255.5
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--src/tpm2-setup/tpm2-setup.c17
1 files changed, 15 insertions, 2 deletions
diff --git a/src/tpm2-setup/tpm2-setup.c b/src/tpm2-setup/tpm2-setup.c
index 0be7ffc..35628fc 100644
--- a/src/tpm2-setup/tpm2-setup.c
+++ b/src/tpm2-setup/tpm2-setup.c
@@ -18,6 +18,7 @@
static char *arg_tpm2_device = NULL;
static bool arg_early = false;
+static bool arg_graceful = false;
STATIC_DESTRUCTOR_REGISTER(arg_tpm2_device, freep);
@@ -43,6 +44,7 @@ static int help(int argc, char *argv[], void *userdata) {
" --tpm2-device=PATH\n"
" Pick TPM2 device\n"
" --early=BOOL Store SRK public key in /run/ rather than /var/lib/\n"
+ " --graceful Exit gracefully if no TPM2 device is found\n"
"\nSee the %2$s for details.\n",
program_invocation_short_name,
link,
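Review bot: The added `--graceful` help line describes a narrower condition than the code implements. It says the tool exits gracefully "if no TPM2 device is found", but the check added to run() later in this commit is `tpm2_support() != TPM2_SUPPORT_FULL`, so any result short of full support takes the early exit, not only an absent device. An administrator reading the help would not expect a partially working TPM2 stack to be skipped silently. I would reword the line to match the check, e.g. `"     --graceful        Exit gracefully if no complete TPM2 support is detected\n"`, keeping the column alignment of the neighbouring options. help() starts and ends outside this hunk.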
@@ -59,6 +61,7 @@ static int parse_argv(int argc, char *argv[]) {
ARG_VERSION = 0x100,
ARG_TPM2_DEVICE,
ARG_EARLY,
+ ARG_GRACEFUL,
};
static const struct option options[] = {
@@ -66,6 +69,7 @@ static int parse_argv(int argc, char *argv[]) {
{ "version", no_argument, NULL, ARG_VERSION },
{ "tpm2-device", required_argument, NULL, ARG_TPM2_DEVICE },
{ "early", required_argument, NULL, ARG_EARLY },
+ { "graceful", no_argument, NULL, ARG_GRACEFUL },
{}
};
@@ -100,6 +104,10 @@ static int parse_argv(int argc, char *argv[]) {
arg_early = r;
break;
+ case ARG_GRACEFUL:
+ arg_graceful = true;
+ break;
+
case '?':
return -EINVAL;
@@ -204,9 +212,9 @@ static int load_public_key_tpm2(struct public_key_data *ret) {
assert(ret);
- r = tpm2_context_new(arg_tpm2_device, &c);
+ r = tpm2_context_new_or_warn(arg_tpm2_device, &c);
if (r < 0)
- return log_error_errno(r, "Failed to create TPM2 context: %m");
+ return r;
r = tpm2_get_or_create_srk(
c,
@@ -247,6 +255,11 @@ static int run(int argc, char *argv[]) {
if (r <= 0)
return r;
+ if (arg_graceful && tpm2_support() != TPM2_SUPPORT_FULL) {
+ log_notice("No complete TPM2 support detected, exiting gracefully.");
+ return EXIT_SUCCESS;
+ }
+
umask(0022);
_cleanup_(public_key_data_done) struct public_key_data runtime_key = {}, persistent_key = {}, tpm2_key = {};
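Review bot: The new `return EXIT_SUCCESS;` branch makes a skipped run indistinguishable from a completed one by exit status, so with `--graceful` a successful exit no longer implies that an SRK public key was stored. That is a deliberate fail-open path, and it triggers on anything other than `TPM2_SUPPORT_FULL`, so it deserves a comment stating the contract for whatever runs after this tool. I would add above the `if`: `/* --graceful: a missing or incomplete TPM2 is not an error. Nothing is written in that case, so consumers must check for the stored key rather than rely on our exit status. */`. The log line could also say that SRK setup was skipped, so the notice is actionable when reviewing boot logs on a machine that is expected to have a TPM2. run() continues past the end of this hunk.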