diff --git a/man/man8/swtpm.pod b/man/man8/swtpm.pod index 94e82ef..b9a7c19 100644 --- a/man/man8/swtpm.pod +++ b/man/man8/swtpm.pod @@ -333,7 +333,8 @@ may contain the following: "flags-opt-disable-auto-shutdown", "rsa-keysize-1024", "rsa-keysize-2048", - "rsa-keysize-3072" + "rsa-keysize-3072", + "cmdarg-profile" ], "version": "0.7.0" } @@ -408,6 +409,12 @@ The I<--flags> option supports the I flag. The TPM 2 supports the shown RSA key sizes. If none of the rsa-keysize verbs is shown then only RSA 2048 bit keys are supported. +=item B (since v0.10) + +The option <--profile> is supported to set a profile for a TPM 2 using either +the option parameter I to select a profile by its name or I +to provide a JSON-formatted profile. + =back =item B<--print-states> (since v0.7) diff --git a/src/swtpm/capabilities.c b/src/swtpm/capabilities.c index 6e19405..6b3b6a3 100644 --- a/src/swtpm/capabilities.c +++ b/src/swtpm/capabilities.c @@ -129,6 +129,8 @@ int capabilities_print_json(bool cusetpm, TPMLIB_TPMVersion tpmversion) char *keysizecaps = NULL; const char *nvram_backend_dir = "\"nvram-backend-dir\", "; const char *nvram_backend_file = "\"nvram-backend-file\""; + const char *cmdarg_profile = "\"cmdarg-profile\""; + bool comma1; /* ignore errors */ TPMLIB_ChooseTPMVersion(tpmversion); @@ -142,11 +144,13 @@ int capabilities_print_json(bool cusetpm, TPMLIB_TPMVersion tpmversion) if (TPMLIB_ChooseTPMVersion(TPMLIB_TPM_VERSION_2) == TPM_SUCCESS) with_tpm2 = "\"tpm-2.0\", "; + comma1 = cmdarg_profile; + n = asprintf(&string, "{ " "\"type\": \"swtpm\", " "\"features\": [ " - "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s" + "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s" " ], " "\"version\": \"" VERSION "\" " "}", @@ -164,7 +168,9 @@ int capabilities_print_json(bool cusetpm, TPMLIB_TPMVersion tpmversion) true ? "\"cmdarg-migration\", " : "", nvram_backend_dir, nvram_backend_file, - keysizecaps ? keysizecaps : "" + keysizecaps ? keysizecaps : "", + comma1 ? ", " : "", + cmdarg_profile ? cmdarg_profile : "" ); if (n < 0) {