mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-19 21:17:55 +00:00
PCR extend ops inform users on what happens, otherwise we tpm commands output on screen without context
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
This commit is contained in:
parent
9e838ad615
commit
05fc4c1747
@ -24,6 +24,7 @@ for cbfsname in `echo $cbfsfiles`; do
|
|||||||
TMPFILE=/tmp/cbfs.$$
|
TMPFILE=/tmp/cbfs.$$
|
||||||
echo "$filename" > $TMPFILE
|
echo "$filename" > $TMPFILE
|
||||||
cat $filename >> $TMPFILE
|
cat $filename >> $TMPFILE
|
||||||
|
echo " !!!!! Extending TPM PCR $CONFIG_PCR with $filename !!!!!"
|
||||||
tpmr extend -ix "$CONFIG_PCR" -if $TMPFILE \
|
tpmr extend -ix "$CONFIG_PCR" -if $TMPFILE \
|
||||||
|| die "$filename: tpm extend failed"
|
|| die "$filename: tpm extend failed"
|
||||||
fi
|
fi
|
||||||
|
@ -19,6 +19,6 @@ sha256sum /tmp/lukshdr-* >/tmp/luksDump.txt || die "Unable to hash LUKS headers"
|
|||||||
DEBUG "Removing /tmp/lukshdr-*"
|
DEBUG "Removing /tmp/lukshdr-*"
|
||||||
rm /tmp/lukshdr-*
|
rm /tmp/lukshdr-*
|
||||||
|
|
||||||
DEBUG "Extending PCR 6 with /tmp/luksDump.txt"
|
echo " !!!! Extending PCR 6 with hash of LUKS headers from /tmp/luksDump.txt !!!!"
|
||||||
tpmr extend -ix 6 -if /tmp/luksDump.txt ||
|
tpmr extend -ix 6 -if /tmp/luksDump.txt ||
|
||||||
die "Unable to extend PCR"
|
die "Unable to extend PCR"
|
||||||
|
@ -30,7 +30,8 @@ if [ ! -r /sys/class/tpm/tpm0/pcrs -o ! -x /bin/tpm ]; then
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -z "$tpm_missing" ]; then
|
if [ -z "$tpm_missing" ]; then
|
||||||
DEBUG "Extending PCR $MODULE_PCR with $MODULE"
|
echo
|
||||||
|
echo " !!!!! Extending TPM PCR $MODULE_PCR with $MODULE prior of usage !!!!!"
|
||||||
tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \
|
tpmr extend -ix "$MODULE_PCR" -if "$MODULE" \
|
||||||
|| die "$MODULE: tpm extend failed"
|
|| die "$MODULE: tpm extend failed"
|
||||||
fi
|
fi
|
||||||
@ -39,7 +40,8 @@ if [ ! -z "$*" -a -z "$tpm_missing" ]; then
|
|||||||
DEBUG "Extending PCR $MODULE_PCR with $*"
|
DEBUG "Extending PCR $MODULE_PCR with $*"
|
||||||
TMPFILE=/tmp/insmod.$$
|
TMPFILE=/tmp/insmod.$$
|
||||||
echo "$@" > $TMPFILE
|
echo "$@" > $TMPFILE
|
||||||
DEBUG "Extending PCR $MODULE_PCR with $TMPFILE"
|
echo
|
||||||
|
echo " !!!!! Extending TPM PCR $MODULE_PCR with $MODULE prior of usage !!!!!"
|
||||||
tpmr extend -ix "$MODULE_PCR" -if $TMPFILE \
|
tpmr extend -ix "$MODULE_PCR" -if $TMPFILE \
|
||||||
|| die "$MODULE: tpm extend on arguments failed"
|
|| die "$MODULE: tpm extend on arguments failed"
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user