efi-loader: add efi_has_tpm2() helper

The helper checks if the UEFI firmware is hooked up to a TPM2 chip. This is useful to know in trusted boot scenarios, in particular during early boot in auto-enroll scenarios where we want to know whether TPM2 is available or not, and the Linux drivers are not loaded yet, and where it might or not be worth waiting for it.
author: Lennart Poettering <lennart@poettering.net> 2021-02-11 23:10:07 +0100
committer: Lennart Poettering <lennart@poettering.net> 2021-02-11 23:10:07 +0100
commit: d0ddaf587f23f68c9c34bd88b272d63ca098dd0d (patch)
tree: a87d5fe8f07dcc77618c01fd42464eb76e8d9bcd /src/shared/efi-loader.h
parent: 5b4c163002be61e240b1622a64917aee1793c00a (diff)
download: systemd-d0ddaf587f23f68c9c34bd88b272d63ca098dd0d.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/src/shared/efi-loader.h b/src/shared/efi-loader.h
index 7621794736..bc5769bb6b 100644
--- a/src/shared/efi-loader.h
+++ b/src/shared/efi-loader.h
@@ -29,6 +29,8 @@ int efi_loader_get_features(uint64_t *ret);
 int efi_loader_get_config_timeout_one_shot(usec_t *ret);
 int efi_loader_update_entry_one_shot_cache(char **cache, struct stat *cache_stat);
 
+bool efi_has_tpm2(void);
+
 #else
 
 static inline int efi_reboot_to_firmware_supported(void) {
@@ -91,6 +93,10 @@ static inline int efi_loader_update_entry_one_shot_cache(char **cache, struct st
         return -EOPNOTSUPP;
 }
 
+static inline bool efi_has_tpm2(void) {
+        return false;
+}
+
 #endif
 
 bool efi_loader_entry_name_valid(const char *s);
author	Lennart Poettering <lennart@poettering.net>	2021-02-11 23:10:07 +0100
committer	Lennart Poettering <lennart@poettering.net>	2021-02-11 23:10:07 +0100
commit	d0ddaf587f23f68c9c34bd88b272d63ca098dd0d (patch)
tree	a87d5fe8f07dcc77618c01fd42464eb76e8d9bcd /src/shared/efi-loader.h
parent	5b4c163002be61e240b1622a64917aee1793c00a (diff)
download	systemd-d0ddaf587f23f68c9c34bd88b272d63ca098dd0d.tar.gz