'\" t
.TH "SYSTEMD\-PCRPHASE\&.SERVICE" "8" "" "systemd 252" "systemd-pcrphase.service"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el       .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
systemd-pcrphase.service, systemd-pcrphase-sysinit.service, systemd-pcrphase-initrd.service, systemd-pcrphase \- Measure boot phase into TPM2 PCR 11
.SH "SYNOPSIS"
.PP
systemd\-pcrphase\&.service
.PP
systemd\-pcrphase\-sysinit\&.service
.PP
systemd\-pcrphase\-initrd\&.service
.PP
/lib/systemd/systemd\-pcrphase \fISTRING\fR
.SH "DESCRIPTION"
.PP
systemd\-pcrphase\&.service, systemd\-pcrphase\-sysinit\&.service and systemd\-pcrphase\-initrd\&.service are system services that measure specific strings into TPM2 PCR 11 during boot at various milestones of the boot process\&.
.PP
These services require \fBsystemd-stub\fR(7) to be used in a unified kernel image (UKI) setup\&. They do nothing when the kernel was not invoked through the stub, so on such systems PCR 11 carries no boot phase information and no policy should be bound to it\&.
The stub will measure the invoked kernel and associated vendor resources into PCR 11 before handing control to it; once userspace is invoked these services then extend certain literal strings indicating various phases of the boot process into TPM2 PCR 11\&. During a regular boot process the following strings are extended into PCR 11\&.
.sp
.RS 4
.ie n \{\
\h'-04' 1.\h'+01'\c
.\}
.el \{\
.sp -1
.IP " 1." 4.2
.\}
"enter\-initrd" is extended into PCR 11 early when the initrd initializes, before activating system extension images for the initrd\&. It is supposed to act as barrier between the time where the kernel initializes and where the initrd starts operating and enables system extension images, i\&.e\&. code shipped outside of the UKI\&. (This string is extended at start of systemd\-pcrphase\-initrd\&.service\&.)
.RE
.sp
.RS 4
.ie n \{\
\h'-04' 2.\h'+01'\c
.\}
.el \{\
.sp -1
.IP " 2." 4.2
.\}
"leave\-initrd" is extended into PCR 11 when the initrd is about to transition into the host file system, i\&.e\&. when it has achieved its purpose\&. It is supposed to act as barrier between kernel/initrd code and host OS code\&. (This string is extended at stop of systemd\-pcrphase\-initrd\&.service\&.)
.RE
.sp
.RS 4
.ie n \{\
\h'-04' 3.\h'+01'\c
.\}
.el \{\
.sp -1
.IP " 3." 4.2
.\}
"sysinit" is extended into PCR 11 when basic system initialization is complete (which includes local file systems having been mounted) and the system begins starting regular system services\&. (This string is extended at start of systemd\-pcrphase\-sysinit\&.service\&.)
.RE
.sp
.RS 4
.ie n \{\
\h'-04' 4.\h'+01'\c
.\}
.el \{\
.sp -1
.IP " 4." 4.2
.\}
"ready" is extended into PCR 11 during later boot\-up, after remote file systems have been activated (i\&.e\&. after remote\-fs\&.target), but before users are permitted to log in (i\&.e\&. before systemd\-user\-sessions\&.service)\&.
It is supposed to act as barrier between the time before unprivileged regular users may log in and the time after they are permitted to\&. (This string is extended at start of systemd\-pcrphase\&.service\&.)
.RE
.sp
.RS 4
.ie n \{\
\h'-04' 5.\h'+01'\c
.\}
.el \{\
.sp -1
.IP " 5." 4.2
.\}
"shutdown" is extended into PCR 11 when system shutdown begins\&. It is supposed to act as barrier between the time the system is fully up and running and the time it is about to shut down\&. (This string is extended at stop of systemd\-pcrphase\&.service\&.)
.RE
.sp
.RS 4
.ie n \{\
\h'-04' 6.\h'+01'\c
.\}
.el \{\
.sp -1
.IP " 6." 4.2
.\}
"final" is extended into PCR 11 at the end of system shutdown\&. It is supposed to act as barrier between the time the service manager still runs and the time it transitions into the final boot phase where service management is not available anymore\&. (This string is extended at stop of systemd\-pcrphase\-sysinit\&.service\&.)
.RE
.PP
During a regular system lifecycle, the strings "enter\-initrd" → "leave\-initrd" → "sysinit" → "ready" → "shutdown" → "final" are extended into PCR 11, one after the other\&.
.PP
Specific phases of the boot process may be referenced via the series of strings measured, separated by colons (the "boot path")\&. For example, the boot path for the regular system runtime is "enter\-initrd:leave\-initrd:sysinit:ready", while the one for the initrd is just "enter\-initrd"\&. The boot path for the boot phase before the initrd is the empty string; because an empty string is hard to pass around, a single colon (":") may be used instead\&. Note that the aforementioned six strings are just the default strings and individual systems might measure other strings at other times, and thus implement different and more fine\-grained boot phases to bind policy to\&.
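.PP
The following is an added example, not code from systemd: it pre\-computes the PCR 11 value for the boot paths listed above from a placeholder start value and derives the TPM2_PolicyPCR digest that a policy bound to one boot path would use\&. Only the phase words, the colon syntax and PCR 11 come from this page; the all\-zero start value (standing in for the PCR 11 value right after the stub\*(Aqs own measurements), the helper names and the hashing convention (each word extended as its UTF\-8 bytes without a terminating NUL, i\&.e\&. PCR\*(Aq = H(PCR || H(word))) are this editor\*(Aqs assumptions and should be confirmed against a live PCR reading\&. The functions accept arbitrary words, not only the six defaults, so custom boot phases can be pre\-computed the same way\&.

```python
"""Pre-compute PCR 11 for a systemd-pcrphase boot path and the TPM2_PolicyPCR
digest that binds a sealed object to that phase.

Added example, not systemd code. START below is a constructed placeholder; on a
real system it is the PCR 11 value right after systemd-stub's own measurements.
"""
from __future__ import annotations

import hashlib

PCR_INDEX = 11
BANK = "sha256"
TPM_ALG_SHA256 = 0x000B          # TPM 2.0 algorithm ID of the SHA-256 bank
TPM_CC_POLICY_PCR = 0x0000017F   # TPM 2.0 command code of TPM2_PolicyPCR
DEFAULT_PHASES = ["enter-initrd", "leave-initrd", "sysinit", "ready", "shutdown", "final"]


def extend(pcr: bytes, data: bytes, bank: str = BANK) -> bytes:
    """One PCR extend: hash the data with the bank's algorithm, then
    PCR' = H(PCR || H(data)).  Assumed to match what systemd-pcrphase does."""
    digest = hashlib.new(bank, data).digest()
    return hashlib.new(bank, pcr + digest).digest()


def boot_path_words(boot_path: str) -> list[str]:
    """Split a colon-separated boot path into phase words.  The empty path,
    written ":" (or ""), names the phase before the initrd and has no words."""
    return [w for w in boot_path.split(":") if w]


def expected_pcr(start: bytes, boot_path: str, bank: str = BANK) -> bytes:
    """PCR 11 after the stub's measurements (start) plus every word of boot_path,
    each extended as its UTF-8 bytes without a terminating NUL (assumption)."""
    pcr = start
    for word in boot_path_words(boot_path):
        pcr = extend(pcr, word.encode("utf-8"), bank)
    return pcr


def phase_table(start: bytes, phases: list[str] = DEFAULT_PHASES, bank: str = BANK) -> dict[str, str]:
    """Expected PCR 11 (hex) after each cumulative boot path, in lifecycle order."""
    table = {":": start.hex()}
    for n in range(1, len(phases) + 1):
        path = ":".join(phases[:n])
        table[path] = expected_pcr(start, path, bank).hex()
    return table


def pcr_selection(indices: list[int], alg_id: int = TPM_ALG_SHA256) -> bytes:
    """Marshal a TPML_PCR_SELECTION with a single bank:
    count (UINT32) || hashAlg (UINT16) || sizeofSelect (UINT8) || pcrSelect bitmap."""
    bitmap = bytearray(3)                 # 24 PCRs; bit i%8 of byte i//8 selects PCR i
    for i in indices:
        bitmap[i // 8] |= 1 << (i % 8)
    return (1).to_bytes(4, "big") + alg_id.to_bytes(2, "big") + bytes([len(bitmap)]) + bytes(bitmap)


def policy_pcr_digest(pcr_values: dict[int, bytes], bank: str = BANK,
                      alg_id: int = TPM_ALG_SHA256, policy: bytes | None = None) -> bytes:
    """Apply TPM2_PolicyPCR to a policy digest (all-zero when it is the first
    assertion): policy' = H(policy || TPM_CC_PolicyPCR || pcrs || H(selected values)),
    the selected PCR values being concatenated in ascending PCR order."""
    size = hashlib.new(bank).digest_size
    if policy is None:
        policy = bytes(size)
    indices = sorted(pcr_values)
    pcr_digest = hashlib.new(bank, b"".join(pcr_values[i] for i in indices)).digest()
    return hashlib.new(
        bank,
        policy + TPM_CC_POLICY_PCR.to_bytes(4, "big") + pcr_selection(indices, alg_id) + pcr_digest,
    ).digest()


def matches(reading_hex: str, expected: bytes) -> bool:
    """True if a live PCR value (hex string, optional 0x prefix) equals expected."""
    return bytes.fromhex(reading_hex.strip().lower().removeprefix("0x")) == expected


if __name__ == "__main__":
    START = bytes(32)  # constructed placeholder for the post-stub PCR 11 value
    for path, value in phase_table(START).items():
        print(f"{path:55} {value}")
    initrd_only = expected_pcr(START, "enter-initrd")
    print("policy for the initrd phase:", policy_pcr_digest({PCR_INDEX: initrd_only}).hex())
    # Once "leave-initrd" has been extended the initrd-phase value is gone for good:
    host = expected_pcr(START, "enter-initrd:leave-initrd")
    print("host phase satisfies initrd policy:", matches(host.hex(), initrd_only))
```
.PP
With the real post\-stub value substituted for START, the entries of phase_table() should equal what \fBsystemd-measure\fR(1) prints for the corresponding \fB\-\-phase=\fR arguments\&. Because each step is a hash of the previous value, there is no way to return to an earlier boot path in the same boot; that is the property the barriers above rely on\&. The policy step shown is only the raw TPM2_PolicyPCR update; systemd\*(Aqs own enrollment tooling layers further policy on top of it\&.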
.PP
By binding the policy of TPM2 objects to a specific boot path it is possible to restrict access to them to specific phases of the boot process, for example making it impossible to access the root file system\*(Aqs encryption key after the system has transitioned from the initrd into the host root file system\&. Because PCR extension is one\-way, a policy bound to an earlier boot path cannot be satisfied again later in the same boot once a further string has been extended\&.
.PP
Use \fBsystemd-measure\fR(1) to pre\-calculate expected PCR 11 values for specific boot phases (via the \fB\-\-phase=\fR switch)\&.
.SH "OPTIONS"
.PP
The /lib/systemd/systemd\-pcrphase executable may also be invoked from the command line, where it expects the word to extend into PCR 11, as well as the following switches:
.PP
\fB\-\-bank=\fR
.RS 4
Takes the PCR banks to extend the specified word into\&. If not specified the tool automatically determines all enabled PCR banks and measures the word into all of them\&.
.RE
.PP
\fB\-\-tpm2\-device=\fR\fIPATH\fR
.RS 4
Controls which TPM2 device to use\&. Expects a device node path referring to the TPM2 chip (e\&.g\&. /dev/tpmrm0)\&. Alternatively the special value "auto" may be specified, in order to automatically determine the device node of a suitable TPM2 device (of which there must be exactly one)\&. The special value "list" may be used to enumerate all suitable TPM2 devices currently discovered\&.
.RE
.PP
\fB\-h\fR, \fB\-\-help\fR
.RS 4
Print a short help text and exit\&.
.RE
.PP
\fB\-\-version\fR
.RS 4
Print a short version string and exit\&.
.RE
.SH "SEE ALSO"
.PP
\fBsystemd\fR(1), \fBsystemd-stub\fR(7), \fBsystemd-measure\fR(1)