Add support for systemd-tpm2 libcryptsetup plugin.

Add support for systemd-tpm2 based LUKS2 device activation via libcryptsetup plugin. This make the feature (tpm2 sealed LUKS2 keyslot passphrase) usable from both systemd utilities and cryptsetup cli. The feature is configured via -Dlibcryptsetup-plugins combo with default value set to 'auto'. It get's enabled automatically when cryptsetup 2.4.0 or later is installed in build system.
author: Ondrej Kozina <okozina@redhat.com> 2021-03-16 20:13:28 +0100
committer: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> 2021-07-26 15:15:16 +0200
commit: d1ae38d85ae458ba8126465d25789e2721a75dba (patch)
tree: 6a94b4a55181e4577d1c0781a7a5c0342d5296d8 /src/shared/tpm2-util.h
parent: c5a421b3b9d94b3a6736ac61aa5b085e66f2f76a (diff)
download: systemd-d1ae38d85ae458ba8126465d25789e2721a75dba.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/shared/tpm2-util.h b/src/shared/tpm2-util.h
index 82cd186e11..9f60fef083 100644
--- a/src/shared/tpm2-util.h
+++ b/src/shared/tpm2-util.h
@@ -49,3 +49,8 @@ int tpm2_make_luks2_json(int keyslot, uint32_t pcr_mask, const void *blob, size_
 
 /* Default to PCR 7 only */
 #define TPM2_PCR_MASK_DEFAULT (UINT32_C(1) << 7)
+
+typedef struct {
+        uint32_t search_pcr_mask;
+        const char *device;
+} systemd_tpm2_plugin_params;
author	Ondrej Kozina <okozina@redhat.com>	2021-03-16 20:13:28 +0100
committer	Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>	2021-07-26 15:15:16 +0200
commit	d1ae38d85ae458ba8126465d25789e2721a75dba (patch)
tree	6a94b4a55181e4577d1c0781a7a5c0342d5296d8 /src/shared/tpm2-util.h
parent	c5a421b3b9d94b3a6736ac61aa5b085e66f2f76a (diff)
download	systemd-d1ae38d85ae458ba8126465d25789e2721a75dba.tar.gz