From b7f051c91db90d909f77266a42c54b3a768c8e0c Mon Sep 17 00:00:00 2001 From: Yu Watanabe Date: Thu, 19 Sep 2024 05:25:37 +0900 Subject: tpm2-util: introduce tpm2_is_fully_supported() --- src/analyze/analyze-pcrs.c | 2 +- src/boot/measure.c | 2 +- src/pcrextend/pcrextend.c | 2 +- src/shared/creds-util.c | 2 +- src/shared/tpm2-util.h | 3 +++ src/tpm2-setup/tpm2-setup.c | 2 +- 6 files changed, 8 insertions(+), 5 deletions(-) (limited to 'src') diff --git a/src/analyze/analyze-pcrs.c b/src/analyze/analyze-pcrs.c index 1c3da3fd84..0848f8e5b4 100644 --- a/src/analyze/analyze-pcrs.c +++ b/src/analyze/analyze-pcrs.c @@ -96,7 +96,7 @@ int verb_pcrs(int argc, char *argv[], void *userdata) { const char *alg = NULL; int r; - if (tpm2_support() != TPM2_SUPPORT_FULL) + if (!tpm2_is_fully_supported()) log_notice("System lacks full TPM2 support, not showing PCR state."); else { r = get_pcr_alg(&alg); diff --git a/src/boot/measure.c b/src/boot/measure.c index 1af5fef720..36d42147a1 100644 --- a/src/boot/measure.c +++ b/src/boot/measure.c @@ -1005,7 +1005,7 @@ static int validate_stub(void) { bool found = false; int r; - if (tpm2_support() != TPM2_SUPPORT_FULL) + if (!tpm2_is_fully_supported()) return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Sorry, system lacks full TPM2 support."); r = efi_stub_get_features(&features); diff --git a/src/pcrextend/pcrextend.c b/src/pcrextend/pcrextend.c index 92f117c2ce..1bf39caf43 100644 --- a/src/pcrextend/pcrextend.c +++ b/src/pcrextend/pcrextend.c @@ -369,7 +369,7 @@ static int run(int argc, char *argv[]) { event = TPM2_EVENT_PHASE; } - if (arg_graceful && tpm2_support() != TPM2_SUPPORT_FULL) { + if (arg_graceful && !tpm2_is_fully_supported()) { log_notice("No complete TPM2 support detected, exiting gracefully."); return EXIT_SUCCESS; } diff --git a/src/shared/creds-util.c b/src/shared/creds-util.c index 180ab560fa..8cd7c9d7c5 100644 --- a/src/shared/creds-util.c +++ b/src/shared/creds-util.c @@ -886,7 +886,7 @@ int encrypt_credential_and_warn( * container tpm2_support will detect this, and will return a different flag combination of * TPM2_SUPPORT_FULL, effectively skipping the use of TPM2 when inside one. */ - try_tpm2 = tpm2_support() == TPM2_SUPPORT_FULL; + try_tpm2 = tpm2_is_fully_supported(); if (!try_tpm2) log_debug("System lacks TPM2 support or running in a container, not attempting to use TPM2."); } else diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h index 31ce2e89db..e25c066194 100644 --- a/src/shared/tpm2-util.h +++ b/src/shared/tpm2-util.h @@ -462,6 +462,9 @@ typedef enum Tpm2Support { } Tpm2Support; Tpm2Support tpm2_support(void); +static inline bool tpm2_is_fully_supported(void) { + return tpm2_support() == TPM2_SUPPORT_FULL; +} int verb_has_tpm2_generic(bool quiet); diff --git a/src/tpm2-setup/tpm2-setup.c b/src/tpm2-setup/tpm2-setup.c index b95c5e7a58..ee9d243d5e 100644 --- a/src/tpm2-setup/tpm2-setup.c +++ b/src/tpm2-setup/tpm2-setup.c @@ -259,7 +259,7 @@ static int run(int argc, char *argv[]) { if (r <= 0) return r; - if (arg_graceful && tpm2_support() != TPM2_SUPPORT_FULL) { + if (arg_graceful && !tpm2_is_fully_supported()) { log_notice("No complete TPM2 support detected, exiting gracefully."); return EXIT_SUCCESS; } -- cgit v1.2.3