tpm2-util: introduce tpm2_is_fully_supported()

diff --git a/src/analyze/analyze-pcrs.c b/src/analyze/analyze-pcrs.c
index 1c3da3fd8406a0e6e87530e731bd68ff7de071f2..0848f8e5b491d72f10a43766fc24596364830432 100644 (file)
--- a/src/analyze/analyze-pcrs.c
+++ b/src/analyze/analyze-pcrs.c
@@ -96,7 +96,7 @@ int verb_pcrs(int argc, char *argv[], void *userdata) {
         const char *alg = NULL;
         int r;
 
-        if (tpm2_support() != TPM2_SUPPORT_FULL)
+        if (!tpm2_is_fully_supported())
                 log_notice("System lacks full TPM2 support, not showing PCR state.");
         else {
                 r = get_pcr_alg(&alg);

diff --git a/src/boot/measure.c b/src/boot/measure.c
index 1af5fef720fcb35b1ea866f8705a6a67aa0ffeb7..36d42147a1f360fdd9bd594526dc5a044be1abb3 100644 (file)
--- a/src/boot/measure.c
+++ b/src/boot/measure.c
@@ -1005,7 +1005,7 @@ static int validate_stub(void) {
         bool found = false;
         int r;
 
-        if (tpm2_support() != TPM2_SUPPORT_FULL)
+        if (!tpm2_is_fully_supported())
                 return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Sorry, system lacks full TPM2 support.");
 
         r = efi_stub_get_features(&features);

diff --git a/src/pcrextend/pcrextend.c b/src/pcrextend/pcrextend.c
index 92f117c2cee78af96736e6a50f53d54c0c4662c9..1bf39caf43d154532c4ff9c54b6a391b2e91ede7 100644 (file)
--- a/src/pcrextend/pcrextend.c
+++ b/src/pcrextend/pcrextend.c
@@ -369,7 +369,7 @@ static int run(int argc, char *argv[]) {
                 event = TPM2_EVENT_PHASE;
         }
 
-        if (arg_graceful && tpm2_support() != TPM2_SUPPORT_FULL) {
+        if (arg_graceful && !tpm2_is_fully_supported()) {
                 log_notice("No complete TPM2 support detected, exiting gracefully.");
                 return EXIT_SUCCESS;
         }

diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c
index 180ab560fa760718bbb18e2d8539ef19d3e3e1d4..8cd7c9d7c5067bb847ca4ef73b99adf210efb948 100644 (file)
--- a/src/shared/creds-util.c
+++ b/src/shared/creds-util.c
@@ -886,7 +886,7 @@ int encrypt_credential_and_warn(
                  * container tpm2_support will detect this, and will return a different flag combination of
                  * TPM2_SUPPORT_FULL, effectively skipping the use of TPM2 when inside one. */
 
-                try_tpm2 = tpm2_support() == TPM2_SUPPORT_FULL;
+                try_tpm2 = tpm2_is_fully_supported();
                 if (!try_tpm2)
                         log_debug("System lacks TPM2 support or running in a container, not attempting to use TPM2.");
         } else

diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h
index 31ce2e89dbc119631e8e67f4fb49a188aa386043..e25c0661941b250962b23a5e8a4635960b0b18a0 100644 (file)
--- a/src/shared/tpm2-util.h
+++ b/src/shared/tpm2-util.h
@@ -462,6 +462,9 @@ typedef enum Tpm2Support {
 } Tpm2Support;
 
 Tpm2Support tpm2_support(void);
+static inline bool tpm2_is_fully_supported(void) {
+        return tpm2_support() == TPM2_SUPPORT_FULL;
+}
 
 int verb_has_tpm2_generic(bool quiet);
 

diff --git a/src/tpm2-setup/tpm2-setup.c b/src/tpm2-setup/tpm2-setup.c
index b95c5e7a581b99ad5fe2aa585bd26d1602cacd71..ee9d243d5ee49ce236f7f3d4da386944e5121be1 100644 (file)
--- a/src/tpm2-setup/tpm2-setup.c
+++ b/src/tpm2-setup/tpm2-setup.c
@@ -259,7 +259,7 @@ static int run(int argc, char *argv[]) {
         if (r <= 0)
                 return r;
 
-        if (arg_graceful && tpm2_support() != TPM2_SUPPORT_FULL) {
+        if (arg_graceful && !tpm2_is_fully_supported()) {
                 log_notice("No complete TPM2 support detected, exiting gracefully.");
                 return EXIT_SUCCESS;
         }