shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 09:21:26 +03:00
Code

cryptsetup: don't bother waiting for TPM2 devices if we are on EFI and EFI says there is no TPM2 device

Browse Source 
Note that this means EFI-systems with a manually added TPM device won't
be supported automatically, but given that the TPM2 trust model kinda
requires firmware support I doubt it matters supporting this. And in all
other cases it speeds things up a bit.
This commit is contained in:
Lennart Poettering 2021-06-01 16:35:13 +02:00
parent cad105442d
commit 71b25deae3
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/cryptsetup/cryptsetup.c
View File

@ -17,6 +17,7 @@
#include "cryptsetup-tpm2.h" #include "cryptsetup-tpm2.h"
#include "cryptsetup-util.h" #include "cryptsetup-util.h"
#include "device-util.h" #include "device-util.h"
#include "efi-loader.h"
#include "escape.h" #include "escape.h"
#include "fileio.h" #include "fileio.h"
#include "fs-util.h" #include "fs-util.h"
@ -1136,6 +1137,10 @@ static int attach_luks_or_plain_or_bitlk_by_tpm2(
assert(!event); assert(!event);
if (is_efi_boot() && !efi_has_tpm2())
return log_notice_errno(SYNTHETIC_ERRNO(EAGAIN),
"No TPM2 hardware discovered and EFI bios indicates no support for it either, assuming TPM2-less system, falling back to traditional unocking.");
r = sd_event_default(&event); r = sd_event_default(&event);
if (r < 0) if (r < 0)
return log_error_errno(r, "Failed to allocate event loop: %m"); return log_error_errno(r, "Failed to allocate event loop: %m");