tpm_manager: add option to disable pre-initialization
Before this change, tpm_managerd always performed pre-initialization
if it found an unowned TPM upon start. That may not work for special
workflows like factory initialization.
This CL adds a check for a "no_preinit" flag file in /run/tpm_manager.
If that file exists, pre-initialization is not done.
Having this flag file in tpmfs allows for various control schemes,
including disabling pre-initialization for specific boots only and
copying this flag from stateful before starting tpm_managerd for
disabling for all boots at image level.
TEST=unit tests; check pre-init with and without the flag file
Commit-Ready: Andrey Pronin <email@example.com>
Tested-by: Andrey Pronin <firstname.lastname@example.org>
Reviewed-by: Hung-Te Lin <email@example.com>
4 files changed