SYSTEMD-PCRPHASE.SERVICE(8)       systemd-pcrphase.service       SYSTEMD-PCRPHASE.SERVICE(8)

NAME

       systemd-pcrphase.service, systemd-pcrphase-sysinit.service,
       systemd-pcrphase-initrd.service, systemd-pcrmachine.service,
       systemd-pcrfs-root.service, systemd-pcrfs@.service, systemd-pcrphase -
       Measure boot phase into TPM2 PCR 11, machine ID and file system
       identity into PCR 15


SYNOPSIS

       systemd-pcrphase.service

       systemd-pcrphase-sysinit.service

       systemd-pcrphase-initrd.service

       systemd-pcrmachine.service

       systemd-pcrfs-root.service

       systemd-pcrfs@.service

       /usr/lib/systemd/systemd-pcrphase [STRING]


DESCRIPTION

       systemd-pcrphase.service, systemd-pcrphase-sysinit.service, and
       systemd-pcrphase-initrd.service are system services that measure
       specific strings into TPM2 PCR 11 during boot at various milestones of
       the boot process.

       systemd-pcrmachine.service is a system service that measures the
       machine ID (see machine-id(5)) into PCR 15.

       systemd-pcrfs-root.service and systemd-pcrfs@.service are services that
       measure file system identity information (i.e. mount point, file system
       type, label and UUID, partition label and UUID) into PCR 15.
       systemd-pcrfs-root.service does so for the root file system;
       systemd-pcrfs@.service is a template unit that measures the file system
       indicated by its instance identifier instead.

       These services require systemd-stub(7) to be used in a unified kernel
       image (UKI). They execute no operation when the stub has not been used
       to invoke the kernel. The stub will measure the invoked kernel and
       associated vendor resources into PCR 11 before handing control to it;
       once userspace is invoked these services then will extend TPM2 PCR 11
       with certain literal strings indicating phases of the boot process.
       During a regular boot process PCR 11 is extended with the following
       strings:

        1. "enter-initrd" — early when the initrd initializes, before
           activating system extension images for the initrd. It acts as a
           barrier between the time where the kernel initializes and where the
           initrd starts operating and enables system extension images, i.e.
           code shipped outside of the UKI. (This extension happens when the
           systemd-pcrphase-initrd.service(8) service is started.)

        2. "leave-initrd" — when the initrd is about to transition into the
           host file system. It acts as a barrier between initrd code and host
           OS code. (This extension happens when the
           systemd-pcrphase-initrd.service service is stopped.)

        3. "sysinit" — when basic system initialization is complete (which
           includes local file systems having been mounted), and the system
           begins starting regular system services. (This extension happens
           when the systemd-pcrphase-sysinit.service(8) service is started.)

        4. "ready" — during later boot-up, after remote file systems have been
           activated (i.e. after remote-fs.target), but before users are
           permitted to log in (i.e. before systemd-user-sessions.service). It
           acts as a barrier between the time where unprivileged regular users
           are still prohibited from logging in and where they are allowed to
           log in. (This extension happens when the systemd-pcrphase.service
           service is started.)

        5. "shutdown" — when the system shutdown begins. It acts as a barrier
           between the time the system is fully up and running and where it is
           about to shut down. (This extension happens when the
           systemd-pcrphase.service service is stopped.)

        6. "final" — at the end of system shutdown. It acts as a barrier
           between the time the service manager still runs and when it
           transitions into the final shutdown phase where service management
           is not available anymore. (This extension happens when the
           systemd-pcrphase-sysinit.service(8) service is stopped.)

       During a regular system lifecycle, PCR 11 is extended with the strings
       "enter-initrd", "leave-initrd", "sysinit", "ready", "shutdown", and
       "final".

       Specific phases of the boot process may be referenced via the series of
       strings measured, separated by colons (the "phase path"). For example,
       the phase path for the regular system runtime is
       "enter-initrd:leave-initrd:sysinit:ready", while the one for the initrd
       is just "enter-initrd". The phase path for the boot phase before the
       initrd is an empty string; because that is hard to pass around, a
       single colon (":") may be used instead. Note that the aforementioned
       six strings are just the default strings and individual systems might
       measure other strings at other times, and thus implement different and
       more fine-grained boot phases to bind policy to.

       By binding policy of TPM2 objects to a specific phase path it is
       possible to restrict access to them to specific phases of the boot
       process, for example making it impossible to access the root file
       system's encryption key after the system has transitioned from the
       initrd into the host root file system. The phase strings themselves
       are public; the protection comes from the PCR extend operation being
       one-way, so that once a later phase string has been measured no
       userspace code can restore PCR 11 to the value of an earlier phase.

       Use systemd-measure(1) to pre-calculate expected PCR 11 values for
       specific boot phases (via the --phase= switch).
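
       The following is an added worked example for the phase-path and
       policy-binding paragraphs above; it is not systemd code and is not
       part of this manual page. It simulates the TPM2 extend rule,
       PCR_new = H(PCR_old || H(word)), which is what measuring a literal
       string into a PCR bank amounts to, and applies it to the six default
       phase strings to show how each phase path maps to a PCR 11 value and
       why a policy bound to one phase path stops matching as soon as the
       next string is measured. The starting PCR 11 value (what
       systemd-stub left there after measuring the UKI) is a constructed
       placeholder; the real value for a given image comes from
       systemd-measure --phase=. All function names are the example's own.

```python
"""Simulate how boot phase strings are folded into TPM2 PCR 11.

Added example, not systemd code.  The extend rule below is the standard
TPM2 PCR semantics; the initial PCR value is a constructed placeholder.
"""
import hashlib
import hmac

# The six strings this page says a regular boot and shutdown measure, in order.
DEFAULT_PHASES = ("enter-initrd", "leave-initrd", "sysinit", "ready", "shutdown", "final")


def pcr_extend(pcr: bytes, data: bytes, alg: str = "sha256") -> bytes:
    """TPM2 extend of a data blob into one PCR bank: H(pcr || H(data)).

    The string is hashed first (the TPM only ever receives digests), then the
    digest is folded into the previous PCR value.  This one-way step is why a
    later boot phase cannot reproduce an earlier PCR 11 value.
    """
    digest = hashlib.new(alg, data).digest()
    return hashlib.new(alg, pcr + digest).digest()


def parse_phase_path(phase_path: str) -> list[str]:
    """Split a colon-separated phase path into the words it measures.

    The empty path (the phase before the initrd) may be written as a single
    ":" because an empty string is awkward to pass around.
    """
    if phase_path in ("", ":"):
        return []
    words = phase_path.split(":")
    if any(w == "" for w in words):
        raise ValueError(f"empty word in phase path {phase_path!r}")
    return words


def phase_path_pcr(initial: bytes, phase_path: str, alg: str = "sha256") -> bytes:
    """Value PCR 11 holds once every word of phase_path has been extended."""
    pcr = initial
    for word in parse_phase_path(phase_path):
        pcr = pcr_extend(pcr, word.encode("utf-8"), alg)
    return pcr


def boot_timeline(initial: bytes, phases=DEFAULT_PHASES, alg: str = "sha256") -> dict[str, bytes]:
    """Map every phase path reached during one boot and shutdown to its PCR 11 value."""
    timeline = {":": initial}
    path: list[str] = []
    for word in phases:
        path.append(word)
        timeline[":".join(path)] = phase_path_pcr(initial, ":".join(path), alg)
    return timeline


def policy_allows(bound_to: bytes, current: bytes) -> bool:
    """A TPM2 PCR policy bound to a PCR 11 value passes only on exact equality."""
    return hmac.compare_digest(bound_to, current)


def stub_pcr11_placeholder(alg: str = "sha256") -> bytes:
    """Constructed stand-in for the value systemd-stub leaves in PCR 11.

    In reality this is the running hash of the UKI sections the stub measured;
    use systemd-measure to obtain the real value for a particular image.
    """
    return hashlib.new(alg, b"constructed: kernel + vendor sections measured by stub").digest()


if __name__ == "__main__":
    init = stub_pcr11_placeholder()
    for path, value in boot_timeline(init).items():
        print(f"{path:45s} {value.hex()}")

    # A root-volume key whose policy is bound to the initrd phase path unseals
    # while PCR 11 == value("enter-initrd") and stops unsealing the moment
    # "leave-initrd" has been extended.
    initrd_value = phase_path_pcr(init, "enter-initrd")
    print("usable in initrd:", policy_allows(initrd_value, phase_path_pcr(init, "enter-initrd")))
    print("usable after leave-initrd:",
          policy_allows(initrd_value, phase_path_pcr(init, "enter-initrd:leave-initrd")))
```

       Running the script prints the sha256-bank value for each of the seven
       phase paths a regular lifecycle passes through, then shows the policy
       check succeeding for "enter-initrd" and failing for
       "enter-initrd:leave-initrd". Pass alg="sha1" or alg="sha384" to
       phase_path_pcr() to mirror what --bank= selects; each bank is an
       independent hash chain over the same strings. Because the strings are
       public, the only secret-independent guarantee here is the ordering:
       an attacker who controls userspace after "leave-initrd" can extend
       PCR 11 further, but cannot rewind it.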

       systemd-pcrfs-root.service and systemd-pcrfs@.service are automatically
       pulled into the initial transaction by systemd-gpt-auto-generator(8)
       for the root and /var/ file systems.  systemd-fstab-generator(8) will
       do this for all mounts with the x-systemd.pcrfs mount option in
       /etc/fstab.


OPTIONS

       The /usr/lib/systemd/systemd-pcrphase executable may also be invoked
       from the command line, where it expects the word to extend into PCR 11,
       as well as the following switches:

       --bank=
           Takes the PCR banks to extend the specified word into. If not
           specified the tool automatically determines all enabled PCR banks
           and measures the word into all of them.

       --tpm2-device=PATH
           Controls which TPM2 device to use. Expects a device node path
           referring to the TPM2 chip (e.g.  /dev/tpmrm0). Alternatively the
           special value "auto" may be specified, in order to automatically
           determine the device node of a suitable TPM2 device (of which there
           must be exactly one). The special value "list" may be used to
           enumerate all suitable TPM2 devices currently discovered.

       --graceful
           If no TPM2 firmware, kernel subsystem, kernel driver or device
           support is found, exit with exit status 0 (i.e. indicate success).
           If this is not specified any attempt to measure without a TPM2
           device will cause the invocation to fail.

       --machine-id
           Instead of measuring a word specified on the command line into PCR
           11, measure the host's machine ID into PCR 15.

       --file-system=
           Instead of measuring a word specified on the command line into PCR
           11, measure identity information of the specified file system into
           PCR 15. The parameter must be the path to the established mount
           point of the file system to measure.

       -h, --help
           Print a short help text and exit.

       --version
           Print a short version string and exit.


SEE ALSO

       systemd(1), systemd-stub(7), systemd-measure(1),
       systemd-gpt-auto-generator(8), systemd-fstab-generator(8)



systemd 253                                        SYSTEMD-PCRPHASE.SERVICE(8)