From: Luca Boccassi Date: Wed, 8 Jul 2026 14:40:59 +0000 (+0100) Subject: creds: tolerate TPM2 seal failure in auto mode X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=19c08f2dfa38e970fc95ad25258c9bfba7dbf7ad;p=thirdparty%2Fsystemd.git creds: tolerate TPM2 seal failure in auto mode Automatic key modes tolerate a failed TPM2 sealing attempt and fall back to a host or null key. Do not consume TPM2 blob output in that case, tpm2_seal() leaves it empty on failure, so the fallback path should continue without TPM2 metadata. Follow-up for 9e4379945b74ee7920fe375be0bcb04d8ef53873 --- diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c index 58207d4d002..09bbf6bca89 100644 --- a/src/shared/creds-util.c +++ b/src/shared/creds-util.c @@ -1032,17 +1032,17 @@ int encrypt_credential_and_warn( return log_error_errno(r, "Failed to seal to TPM2: %m"); log_notice_errno(r, "TPM2 sealing didn't work, continuing without TPM2: %m"); - } - - if (!iovec_memdup(&IOVEC_MAKE(tpm2_policy.buffer, tpm2_policy.size), &tpm2_policy_hash)) - return log_oom(); + } else { + if (!iovec_memdup(&IOVEC_MAKE(tpm2_policy.buffer, tpm2_policy.size), &tpm2_policy_hash)) + return log_oom(); - assert(n_blobs == 1); - tpm2_blob = TAKE_STRUCT(blobs[0]); + assert(n_blobs == 1); + tpm2_blob = TAKE_STRUCT(blobs[0]); - assert(tpm2_blob.iov_len <= CREDENTIAL_FIELD_SIZE_MAX); - assert(tpm2_policy_hash.iov_len <= CREDENTIAL_FIELD_SIZE_MAX); - assert(tpm2_srk.iov_len <= CREDENTIAL_FIELD_SIZE_MAX); + assert(tpm2_blob.iov_len <= CREDENTIAL_FIELD_SIZE_MAX); + assert(tpm2_policy_hash.iov_len <= CREDENTIAL_FIELD_SIZE_MAX); + assert(tpm2_srk.iov_len <= CREDENTIAL_FIELD_SIZE_MAX); + } } #endif