]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 3d32078) | patch
cryptenroll: do not combine pcrlock and signed PCR policies in TPM mode
authorLennart Poettering <lennart@poettering.net>
Thu, 2 May 2024 16:34:36 +0000 (18:34 +0200)
committerLennart Poettering <lennart@poettering.net>
Mon, 6 May 2024 14:15:11 +0000 (16:15 +0200)
commit27f42786fe2bcf9f4eba17d1869e69dcde6f9bda
treec80355c04d6507b2abb348809714490ca05307d9tree | snapshot
parent3d320785c4bbba74459096b07e85a79c4f0cdffbcommit | diff
cryptenroll: do not combine pcrlock and signed PCR policies in TPM mode

We currently do not support pcrlock policies and signed PCR policies in
combination. Hence, when we auto-discover both, let's disable signed PCR
policies if pcrlock is available too (simple because that covers more
ground).

Fixes: #32565
src/cryptenroll/cryptenroll-tpm2.c diff | blob | blame | history
src/cryptenroll/cryptenroll-tpm2.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.