From eb81249e8a311e78310acbe92245c2ec8d72370c Mon Sep 17 00:00:00 2001 From: Lennart Poettering Date: Tue, 19 Apr 2022 15:08:23 +0200 Subject: [PATCH] man: document new has-tpm2 verb --- man/systemd-creds.xml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/man/systemd-creds.xml b/man/systemd-creds.xml index d3c0295d64c..2d6a4fd5772 100644 --- a/man/systemd-creds.xml +++ b/man/systemd-creds.xml @@ -163,6 +163,20 @@ and thus decryption is entirely automatic. + + has-tpm2 + + Reports whether the system is equipped with a TPM2 device usable for protecting + credentials. If the a TPM2 device has been discovered, is supported, and is being used by firmware, + by the OS kernel drivers and by userspace (i.e. systemd) this prints yes and exits + with exit status zero. If no such device is discovered/supported/used, prints + no. Otherwise prints partial. In either of these two cases + exits with non-zero exit status. It also shows three lines indicating separately whether drivers, + firmware and the system discovered/support/use TPM2. + + Combine with to suppress the output. + + @@ -305,6 +319,14 @@ systemd-cryptenroll1. + + + + + When used with has-tpm2 suppresses the output, and only returns an + exit status indicating support for TPM2. + + @@ -315,6 +337,12 @@ Exit status On success, 0 is returned. + + In case of the has-tpm2 command returns 0 if a TPM2 device is discovered, + supported and used by firmware, driver, and userspace (i.e. systemd). Otherwise returns the OR + combination of the value 1 (in case firmware support is missing), 2 (in case driver support is missing) + and 4 (in case userspace support is missing). If no TPM2 support is available at all, value 7 is hence + returned. -- 2.47.3
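Review bot: typo in the has-tpm2 description of the first hunk (@@ -163,6 +163,20 @@): "If the a TPM2 device has been discovered" should read "If a TPM2 device has been discovered". The same paragraph also names the three components in two different orders and with two different terms: "by firmware, by the OS kernel drivers and by userspace (i.e. systemd)" in the first sentence, then "drivers, firmware and the system" in the last. Using one order and one set of names throughout, ideally the firmware, driver, userspace order that the Exit status text uses for the values 1, 2 and 4, would make it easier to map the three printed lines to the exit code. The paragraph says only that "no" and "partial" exit with "non-zero exit status"; a pointer to the Exit status section would help a reader who scripts against this verb.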
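Review bot: the option text added in the second hunk (@@ -305,6 +319,14 @@) says the command "only returns an exit status indicating support for TPM2" but does not say how that status is encoded. Since this is the mode in which the exit status is the only output, it is where a reader most needs to know that the value is a bit combination rather than a plain 0 or 1; a short reference to the Exit status section would cover it. Minor style point: a comma after "has-tpm2" ("When used with has-tpm2, suppresses the output ...") reads more cleanly.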
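Review bot: the first added sentence in the Exit status hunk (@@ -315,6 +337,12 @@) is ungrammatical: "In case of the has-tpm2 command returns 0 if ..." reads better as "The has-tpm2 command returns 0 if ...". Two documentation gaps in the same paragraph: the context line above says only "On success, 0 is returned", so the text does not tell a caller how to distinguish a has-tpm2 result such as 1 (firmware support missing) from a general failure of the tool, and it would be worth stating whether those can overlap. It would also help to tie the values back to the printed result from the verb description, i.e. that 7 corresponds to "no" and the other non-zero combinations to "partial", if that is the intended mapping.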