- bookworm 252.30-1~deb12u2
- bookworm-backports 254.16-1~bpo12+1
- testing 256.7-2
- unstable 256.7-2
SYSTEMD-PCRPHASE.SERVICE(8) | systemd-pcrphase.service | SYSTEMD-PCRPHASE.SERVICE(8) |
NAME¶
systemd-pcrphase.service, systemd-pcrphase-sysinit.service, systemd-pcrphase-initrd.service, systemd-pcrmachine.service, systemd-pcrfs-root.service, systemd-pcrfs@.service, systemd-pcrextend - Measure boot phase into TPM2 PCR 11, machine ID and file system identity into PCR 15
SYNOPSIS¶
systemd-pcrphase.service
systemd-pcrphase-sysinit.service
systemd-pcrphase-initrd.service
systemd-pcrmachine.service
systemd-pcrfs-root.service
systemd-pcrfs@.service
/usr/lib/systemd/systemd-pcrextend [STRING]
DESCRIPTION¶
systemd-pcrphase.service, systemd-pcrphase-sysinit.service, and systemd-pcrphase-initrd.service are system services that measure specific strings into TPM2 PCR 11 during boot at various milestones of the boot process.
systemd-pcrmachine.service is a system service that measures the machine ID (see machine-id(5)) into PCR 15.
systemd-pcrfs-root.service and systemd-pcrfs@.service are services that measure file system identity information (i.e. mount point, file system type, label and UUID, partition label and UUID) into PCR 15. systemd-pcrfs-root.service does so for the root file system, systemd-pcrfs@.service is a template unit that measures the file system indicated by its instance identifier instead.
These services require systemd-stub(7) to be used in a unified kernel image (UKI). They execute no operation when the stub has not been used to invoke the kernel. The stub will measure the invoked kernel and associated vendor resources into PCR 11 before handing control to it; once userspace is invoked these services then will extend TPM2 PCR 11 with certain literal strings indicating phases of the boot process. During a regular boot process PCR 11 is extended with the following strings:
During a regular system lifecycle, PCR 11 is extended with the strings "enter-initrd", "leave-initrd", "sysinit", "ready", "shutdown", and "final".
Specific phases of the boot process may be referenced via the series of strings measured, separated by colons (the "phase path"). For example, the phase path for the regular system runtime is "enter-initrd:leave-initrd:sysinit:ready", while the one for the initrd is just "enter-initrd". The phase path for the boot phase before the initrd is an empty string; because that's hard to pass around a single colon (":") may be used instead. Note that the aforementioned six strings are just the default strings and individual systems might measure other strings at other times, and thus implement different and more fine-grained boot phases to bind policy to.
By binding policy of TPM2 objects to a specific phase path it is possible to restrict access to them to specific phases of the boot process, for example making it impossible to access the root file system's encryption key after the system transitioned from the initrd into the host root file system.
Use systemd-measure(1) to pre-calculate expected PCR 11 values for specific boot phases (via the --phase= switch).
systemd-pcrfs-root.service and systemd-pcrfs@.service are automatically pulled into the initial transaction by systemd-gpt-auto-generator(8) for the root and /var/ file systems. systemd-fstab-generator(8) will do this for all mounts with the x-systemd.pcrfs mount option in /etc/fstab.
OPTIONS¶
The /usr/lib/systemd/system-pcrextend executable may also be invoked from the command line, where it expects the word to extend into PCR 11, as well as the following switches:
--bank=
Added in version 252.
--pcr=
Added in version 255.
--tpm2-device=PATH
Added in version 252.
--graceful
Added in version 253.
--machine-id
Added in version 253.
--file-system=
Added in version 253.
-h, --help
--version
FILES¶
/run/log/systemd/tpm2-measure.log
A LOCK_EX BSD file lock (flock(2)) on the log file is acquired while the measurement is made and the file is updated. Thus, applications that intend to acquire a consistent quote from the TPM with the associated snapshot of the event log should acquire a LOCK_SH lock while doing so.
Added in version 252.
SEE ALSO¶
systemd(1), systemd-stub(7), systemd-measure(1), systemd-gpt-auto-generator(8), systemd-fstab-generator(8), TPM2 PCR Measurements Made by systemd[3]
NOTES¶
- 1.
- JSON-SEQ
- 2.
- TCG Canonical Event Log Format (CEL-JSON)
- 3.
- TPM2 PCR Measurements Made by systemd
systemd 256.7 |