when the VM shuts down. This mode is not suitable for VMs which lock disk encryption keys to the
TPM, as these keys will be lost on every reboot. Defaults to <literal>auto</literal>.</para>
+ <para>If <option>--ephemeral</option> is specified, <literal>auto</literal> behaves like
+ <literal>off</literal>.</para>
+
<xi:include href="version-info.xml" xpointer="v258"/></listitem>
</varlistentry>
typedef enum TpmStateMode {
TPM_STATE_OFF, /* keep no state around */
- TPM_STATE_AUTO, /* keep state around, derive path from image/directory */
+ TPM_STATE_AUTO, /* keep state around if not ephemeral, derive path from image/directory */
TPM_STATE_PATH, /* explicitly specified location */
_TPM_STATE_MODE_MAX,
_TPM_STATE_MODE_INVALID = -EINVAL,
_cleanup_free_ char *swtpm = NULL;
if (arg_tpm != 0) {
- if (arg_tpm_state_mode == TPM_STATE_AUTO) {
+ if (arg_tpm_state_mode == TPM_STATE_AUTO && !arg_ephemeral) {
assert(!arg_tpm_state_path);
const char *p = ASSERT_PTR(arg_image ?: arg_directory);
projects / thirdparty / systemd.git / commitdiff
