From: Lennart Poettering Date: Thu, 26 Mar 2026 10:16:10 +0000 (+0100) Subject: units: make use of nvpcrs only after the NV anchor completion measurement is done X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=eaeeae6598fe44b14f827e834cb918e3c31b47fc;p=thirdparty%2Fsystemd.git units: make use of nvpcrs only after the NV anchor completion measurement is done This makes sure we don't use the "hardware" or "verity" nvpcrs before the NV anchor measurement is done. This is mostly to avoid confusing output, and to indirectly ensure the nvpcr allocation in tpm2-setup is the load bearing one, but it should not be load bearing for security afaics. --- diff --git a/units/systemd-pcrnvdone.service.in b/units/systemd-pcrnvdone.service.in index 7593dedfed1..bbd0e66e605 100644 --- a/units/systemd-pcrnvdone.service.in +++ b/units/systemd-pcrnvdone.service.in @@ -13,7 +13,7 @@ Documentation=man:systemd-pcrnvdone.service(8) DefaultDependencies=no Conflicts=shutdown.target After=systemd-tpm2-setup-early.service systemd-tpm2-setup.service -Before=sysinit.target shutdown.target +Before=sysinit.target cryptsetup-pre.target cryptsetup.target shutdown.target ConditionSecurity=measured-os ConditionPathExists=!/etc/initrd-release FailureAction=reboot-force diff --git a/units/systemd-pcrproduct.service.in b/units/systemd-pcrproduct.service.in index 2562dea18fe..1b121416a94 100644 --- a/units/systemd-pcrproduct.service.in +++ b/units/systemd-pcrproduct.service.in @@ -12,7 +12,7 @@ Description=TPM NvPCR Product ID Measurement Documentation=man:systemd-pcrproduct.service(8) DefaultDependencies=no Conflicts=shutdown.target -After=tpm2.target +After=tpm2.target systemd-pcrnvdone.service Before=sysinit.target shutdown.target RequiresMountsFor=/var/lib/systemd/nvpcr ConditionPathExists=!/etc/initrd-release
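Review bot: In the systemd-pcrnvdone.service.in hunk, `Before=sysinit.target cryptsetup-pre.target cryptsetup.target shutdown.target` is ordering only; cryptsetup-pre.target is a passive target that nothing starts by default, and the visible [Unit] context (After=, Before=, the two Condition lines) shows no matching `Wants=cryptsetup-pre.target`. If the unit does not pull the target in elsewhere, the cryptsetup-pre.target entry has no effect and the only ordering actually enforced is the one against cryptsetup.target. Either add `Wants=cryptsetup-pre.target` alongside the new Before= line, or drop cryptsetup-pre.target from Before= and keep just cryptsetup.target, which already expresses "run before encrypted volumes are set up". Note also that `ConditionPathExists=!/etc/initrd-release` keeps this unit out of the initrd, so the new ordering only covers cryptsetup.target on the host; if that is intended, the commit message could say so explicitly, since it currently only states that the ordering is not load bearing for security.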
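Review bot: In the systemd-pcrproduct.service.in hunk, `After=tpm2.target systemd-pcrnvdone.service` orders the product-ID measurement after the NV anchor completion measurement, but only when both units are in the same transaction; with no Wants= or Requires= on systemd-pcrnvdone.service, the product measurement still runs first whenever systemd-pcrnvdone.service is not enabled or its conditions fail. That is consistent with the commit message's statement that the ordering is not security load bearing, but the message mentions the "hardware" and "verity" nvpcrs while the only consumer unit touched here is the product-ID one; it would help to state in the commit message which nvpcr consumers these two lines are meant to cover, and whether the remaining consumers are expected to be ordered indirectly via the cryptsetup.target change in the first hunk. Consider also recording the new ordering in the systemd-pcrproduct.service(8) page referenced by `Documentation=`, so the ordering-only nature of the dependency is documented rather than implied.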