swtpm: Display new capability to allow setting a profile

Display the new capability verb 'cmdarg-profile' indicating that the --profile option with the name= and profile= parameters is supported. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
2026-02-03 19:58:33 +00:00 · 2022-07-11 09:20:47 -04:00 · 2022-07-11 09:20:47 -04:00 · fb9ef19ac8
commit fb9ef19ac8
parent 0184b9113d
2 changed files with 16 additions and 3 deletions
--- a/man/man8/swtpm.pod
+++ b/man/man8/swtpm.pod
@ -333,7 +333,8 @@ may contain the following:
        "flags-opt-disable-auto-shutdown",
        "rsa-keysize-1024",
        "rsa-keysize-2048",
-        "rsa-keysize-3072"
+        "rsa-keysize-3072",
+        "cmdarg-profile"
      ],
      "version": "0.7.0"
    }
@ -408,6 +409,12 @@ The I<--flags> option supports the I<disable-auto-shutdown> flag.
 The TPM 2 supports the shown RSA key sizes. If none of the
 rsa-keysize verbs is shown then only RSA 2048 bit keys are supported.

+=item B<cmarg-profile> (since v0.10)
+
+The option <--profile> is supported to set a profile for a TPM 2 using either
+the option parameter I<name=> to select a profile by its name or I<profile=>
+to provide a JSON-formatted profile.
+
 =back

 =item B<--print-states> (since v0.7)
--- a/src/swtpm/capabilities.c
+++ b/src/swtpm/capabilities.c
@ -129,6 +129,8 @@ int capabilities_print_json(bool cusetpm, TPMLIB_TPMVersion tpmversion)
    char *keysizecaps = NULL;
    const char *nvram_backend_dir = "\"nvram-backend-dir\", ";
    const char *nvram_backend_file = "\"nvram-backend-file\"";
+    const char *cmdarg_profile = "\"cmdarg-profile\"";
+    bool comma1;

    /* ignore errors */
    TPMLIB_ChooseTPMVersion(tpmversion);
@ -142,11 +144,13 @@ int capabilities_print_json(bool cusetpm, TPMLIB_TPMVersion tpmversion)
    if (TPMLIB_ChooseTPMVersion(TPMLIB_TPM_VERSION_2) == TPM_SUCCESS)
        with_tpm2 = "\"tpm-2.0\", ";

+    comma1 = cmdarg_profile;
+
    n =  asprintf(&string,
         "{ "
         "\"type\": \"swtpm\", "
         "\"features\": [ "
-             "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s"
+             "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s"
          " ], "
         "\"version\": \"" VERSION "\" "
         "}",
@ -164,7 +168,9 @@ int capabilities_print_json(bool cusetpm, TPMLIB_TPMVersion tpmversion)
         true         ? "\"cmdarg-migration\", "       : "",
         nvram_backend_dir,
         nvram_backend_file,
-         keysizecaps  ? keysizecaps                    : ""
+         keysizecaps  ? keysizecaps                    : "",
+         comma1       ? ", "                           : "",
+         cmdarg_profile ? cmdarg_profile               : ""
    );

    if (n < 0) {