ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-02-20 09:16:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #625 from MrChromebox/tpm_luks

Browse Source 
kexec-save-default: guard TPM LUKS usage with config option
This commit is contained in:
tlaurion 2020-06-18 23:08:54 -04:00 committed by GitHub
commit 05c854753c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
boards/librem13v2/librem13v2.config
View File

@ -25,6 +25,7 @@ CONFIG_LIBREMKEY=y
CONFIG_LINUX_USB=y
export CONFIG_TPM=y
export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
export CONFIG_BOOTSCRIPT=/bin/gui-init
export CONFIG_BOOT_REQ_HASH=n
export CONFIG_BOOT_REQ_ROLLBACK=n

1
boards/librem13v4/librem13v4.config
View File

@ -25,6 +25,7 @@ CONFIG_LIBREMKEY=y
CONFIG_LINUX_USB=y
export CONFIG_TPM=y
export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
export CONFIG_BOOTSCRIPT=/bin/gui-init
export CONFIG_BOOT_REQ_HASH=n
export CONFIG_BOOT_REQ_ROLLBACK=n

1
boards/librem15v3/librem15v3.config
View File

@ -27,6 +27,7 @@ CONFIG_LIBREMKEY=y
CONFIG_LINUX_USB=y
export CONFIG_TPM=y
export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
export CONFIG_BOOTSCRIPT=/bin/gui-init
export CONFIG_BOOT_REQ_HASH=n
export CONFIG_BOOT_REQ_ROLLBACK=n

1
boards/librem15v4/librem15v4.config
View File

@ -27,6 +27,7 @@ CONFIG_LIBREMKEY=y
CONFIG_LINUX_USB=y
export CONFIG_TPM=y
export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
export CONFIG_BOOTSCRIPT=/bin/gui-init
export CONFIG_BOOT_REQ_HASH=n
export CONFIG_BOOT_REQ_ROLLBACK=n

2
initrd/bin/kexec-save-default
View File

@ -45,7 +45,7 @@ fi
KEY_DEVICES="$paramsdir/kexec_key_devices.txt"
KEY_LVM="$paramsdir/kexec_key_lvm.txt"
save_key="n"
if [ "$CONFIG_TPM" = "y" ]; then
if [[ "$CONFIG_TPM" = "y" && "$CONFIG_TPM_NO_LUKS_DISK_UNLOCK" != "y" ]]; then
if [ ! -r "$KEY_DEVICES" ]; then
read \
-n 1 \