all suitable TPM2 devices currently discovered.</para></listitem>
</varlistentry>
+ <varlistentry>
+ <term><option>--graceful</option></term>
+
+ <listitem><para>If no TPM2 firmware, kernel subsystem, kernel driver or device support is found, exit
+ with exit status 0 (i.e. indicate success). If this is not specified any attempt to measure without a
+ TPM2 device will cause the invocation to fail.</para></listitem>
+ </varlistentry>
+
<xi:include href="standard-options.xml" xpointer="help" />
<xi:include href="standard-options.xml" xpointer="version" />
#include "tpm-pcr.h"
#include "tpm2-util.h"
+static bool arg_graceful = false;
static char *arg_tpm2_device = NULL;
static char **arg_banks = NULL;
" --version Print version\n"
" --bank=DIGEST Select TPM bank (SHA1, SHA256)\n"
" --tpm2-device=PATH Use specified TPM2 device\n"
+ " --graceful Exit gracefully if no TPM2 device is found\n"
"\nSee the %2$s for details.\n",
program_invocation_short_name,
link,
ARG_VERSION = 0x100,
ARG_BANK,
ARG_TPM2_DEVICE,
+ ARG_GRACEFUL,
};
static const struct option options[] = {
{ "version", no_argument, NULL, ARG_VERSION },
{ "bank", required_argument, NULL, ARG_BANK },
{ "tpm2-device", required_argument, NULL, ARG_TPM2_DEVICE },
+ { "graceful", no_argument, NULL, ARG_GRACEFUL },
{}
};
break;
}
+ case ARG_GRACEFUL:
+ arg_graceful = true;
+ break;
+
case '?':
return -EINVAL;
if (isempty(word))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "String to measure cannot be empty, refusing.");
+ if (arg_graceful && tpm2_support() != TPM2_SUPPORT_FULL) {
+ log_notice("No complete TPM2 support detected, exiting gracefully.");
+ return EXIT_SUCCESS;
+ }
+
length = strlen(word);
int b = getenv_bool("SYSTEMD_PCRPHASE_STUB_VERIFY");
projects / thirdparty / systemd.git / commitdiff
