git.ipfire.org Git - thirdparty/systemd.git/commit

]> git.ipfire.org Git - thirdparty/systemd.git/commit

projects / thirdparty / systemd.git / commit

author	Lennart Poettering <lennart@amutable.com>
	Mon, 9 Mar 2026 12:06:58 +0000 (13:06 +0100)
committer	Lennart Poettering <lennart@amutable.com>
	Thu, 26 Mar 2026 15:11:34 +0000 (16:11 +0100)
commit	056c21aaebce6f7fd83ffe6a1784ff2692dc8744
tree	c0ed33bf2d769dd5b97d7631bcf81c7c4e0a9f5f	tree \| snapshot
parent	6718ba1769184d3e7ebe06801d44d55e30e92ac8	commit \| diff

tpm2: add "systemd-tpm2-swtpm" wrapper for "swtpm"

For TPM-less systems it's sometimes valuable to have a fill-in software
TPM running from early boot on, so that TPM-based functionality can
"just work" and rely on TPM semantics, even if it's at a substantially
weaker security level.

This adds a wrapper around swtpm. It's a binary that chainloads swtpm
but does a few preparatory steps and integrates into systemd's logic
otherwise.

All this is then exposed as systemd-tpm2-swtpm.service.

The service is not hooked into much yet, that is added in later commits.

12 files changed:

man/rules/meson.build		diff \| blob \| blame \| history
man/systemd-tpm2-swtpm.service.xml	[new file with mode: 0644]	blob
mkosi/mkosi.conf		diff \| blob \| blame \| history
mkosi/mkosi.conf.d/centos-fedora/mkosi.conf		diff \| blob \| blame \| history
mkosi/mkosi.conf.d/debian-ubuntu/mkosi.conf		diff \| blob \| blame \| history
mkosi/mkosi.initrd.conf/mkosi.conf		diff \| blob \| blame \| history
mkosi/mkosi.initrd.conf/mkosi.conf.d/centos-fedora.conf		diff \| blob \| blame \| history
mkosi/mkosi.initrd.conf/mkosi.conf.d/debian-ubuntu.conf		diff \| blob \| blame \| history
src/tpm2-setup/meson.build		diff \| blob \| blame \| history
src/tpm2-setup/tpm2-swtpm.c	[new file with mode: 0644]	blob
units/meson.build		diff \| blob \| blame \| history
units/systemd-tpm2-swtpm.service.in	[new file with mode: 0644]	blob

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom