]> git.ipfire.org Git - thirdparty/systemd.git/commit
projects / thirdparty / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 7c27f9f) | patch
units: make use of nvpcrs only after the NV anchor completion measurement is done
authorLennart Poettering <lennart@amutable.com>
Thu, 26 Mar 2026 10:16:10 +0000 (11:16 +0100)
committerLennart Poettering <lennart@amutable.com>
Thu, 26 Mar 2026 15:11:34 +0000 (16:11 +0100)
commiteaeeae6598fe44b14f827e834cb918e3c31b47fc
tree9556ba0e97bfbf124a27a21d368163f97369e3b4tree | snapshot
parent7c27f9f59455b199e12976c76b28b708c525b55ccommit | diff
units: make use of nvpcrs only after the NV anchor completion measurement is done

This makes sure we don't use the "hardware" or "verity" nvpcrs before
the NV anchor measurement is done.

This is mostly to avoid confusing output, and to indirectly ensure the
nvpcr allocation in tpm2-setup is the load bearing one, but it should
not be load bearing for security afaics.
units/systemd-pcrnvdone.service.in diff | blob | blame | history
units/systemd-pcrproduct.service.in diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.