Skip to content

Checking for TPM version. TPM2 < 1.38 will not be supported.#1324

Merged
schubi2 merged 3 commits into
masterfrom
tpm_check
Oct 23, 2025
Merged

Checking for TPM version. TPM2 < 1.38 will not be supported.#1324
schubi2 merged 3 commits into
masterfrom
tpm_check

Conversation

@schubi2

@schubi2 schubi2 commented Sep 30, 2025

Copy link
Copy Markdown
Member

Problem

systemd-pcrlock is using PolicyAuthorizeNV to store the policy inside
the TPM2's non volatile RAM. This feature is supported after TPM2 1.38
revision, and without it systemd-pcrlock will fail. These PR checks
for version > 1.38 (bsc#1250403)
tpm_fde is not affected because it is using it's own tool to recognize TPM.

Solution

Checking for version > 1.38

Testing

  • Added a new unit test
  • Tested manually

@coveralls

coveralls commented Sep 30, 2025

Copy link
Copy Markdown

Coverage Status

coverage: 41.883% (+0.004%) from 41.879%
when pulling ddbf10f on tpm_check
into 1f6d1d4 on master.

@schubi2 schubi2 changed the title Checking for TPM version. TPM2 < 1.38 will not be supported. (WIP) Checking for TPM version. TPM2 < 1.38 will not be supported. Oct 1, 2025
Comment thread package/yast2.changes
@schubi2 schubi2 merged commit 94119f8 into master Oct 23, 2025
12 checks passed
@schubi2 schubi2 deleted the tpm_check branch October 23, 2025 07:32
@github-actions

Copy link
Copy Markdown

✅ Autosubmission job #18740996946 successfully finished
✅ Created submit request #1313158

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants