From 708d7524790c962a5b49bcf8bc5556f4acda3d08 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Fri, 16 Sep 2022 23:57:26 +0200
Subject: boot: add new pcrphase tool to measure barrier strings into PCR 11

---
 catalog/systemd.catalog.in | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'catalog')

diff --git a/catalog/systemd.catalog.in b/catalog/systemd.catalog.in
index 8cd284c195..56307003f9 100644
--- a/catalog/systemd.catalog.in
+++ b/catalog/systemd.catalog.in
@@ -527,3 +527,15 @@ Support: %SUPPORT_URL%
 
 For the first time during the current boot an NTP synchronization has been
 acquired and the local system clock adjustment has been initiated.
+
+-- 3f7d5ef3e54f4302b4f0b143bb270cab
+Subject: TPM PCR Extended
+Defined-By: systemd
+Support: %SUPPORT_URL%
+
+The string '@MEASURING@' has been extended into Trusted Platform Module's (TPM)
+Platform Configuration Register (PCR) @PCR@, on banks @BANKS@.
+
+Whenever the system transitions to a new runtime phase, a different string is
+extended into the specified PCR, to ensure that security policies for TPM-bound
+secrets and other resources are limited to specific phases of the runtime.
-- 
cgit v1.2.1