From 2e9f607284c1b40f7b71200bf0043f461413dd9b Mon Sep 17 00:00:00 2001 From: Antonio Alvarez Feijoo Date: Thu, 26 Oct 2023 16:51:37 +0200 Subject: [PATCH] repart: do not ignore `tpm2-pcr-public-key.pem` If `--tpm2-public-key=` is not specified, but `tpm2-pcr-public-key.pem` exists in /{etc,run,usr/lib}/systemd/, it's being ignored. Fixes 9e437994 --- src/partition/repart.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/partition/repart.c b/src/partition/repart.c index a64ba292d7d..94c6d8e42cc 100644 --- a/src/partition/repart.c +++ b/src/partition/repart.c @@ -3781,7 +3781,7 @@ static int partition_encrypt(Context *context, Partition *p, PartitionTarget *ta r = tpm2_load_pcr_public_key(arg_tpm2_public_key, &pubkey, &pubkey_size); if (r < 0) { if (arg_tpm2_public_key || r != -ENOENT) - return log_error_errno(r, "Failed read TPM PCR public key: %m"); + return log_error_errno(r, "Failed to read TPM PCR public key: %m"); log_debug_errno(r, "Failed to read TPM2 PCR public key, proceeding without: %m"); arg_tpm2_public_key_pcr_mask = 0; @@ -6935,7 +6935,7 @@ static int parse_argv(int argc, char *argv[]) { return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "A path to an image file must be specified when --split is used."); - if (auto_public_key_pcr_mask && arg_tpm2_public_key) { + if (auto_public_key_pcr_mask) { assert(arg_tpm2_public_key_pcr_mask == 0); arg_tpm2_public_key_pcr_mask = INDEX_TO_MASK(uint32_t, TPM2_PCR_KERNEL_BOOT); } -- 2.47.3