using shred instead of rm on secret related files.

initrd/bin/kexec-unseal-key

@@ -38,7 +38,7 @@ for tries in 1 2 3; do
 		-hk 40000000 \
 	; then
 		# should be okay if this fails
-		rm -f /tmp/secret/sealed || true
+		shred -n 10 -z -u /tmp/secret/sealed || true
 		exit 0
 	fi
 

initrd/bin/seal-libremkey

@@ -28,9 +28,9 @@ tpm unsealfile  \
 	-of "$HOTP_SECRET" \
 || die "Unable to unseal HOTP secret"
 
-rm -f "$HOTP_SEALED"
+shred -n 10 -z -u "$HOTP_SEALED"
 secret="`cat $HOTP_SECRET`"
-rm -f "$HOTP_SECRET"
+shred -n 10 -z -u "$HOTP_SECRET"
 
 # Store counter in file instead of TPM for now, as it conflicts with Heads
 # config TPM counter as TPM 1.2 can only increment one counter between reboots

initrd/bin/seal-totp

@@ -43,7 +43,7 @@ if ! tpm sealfile2 \
 	-ix 4 0000000000000000000000000000000000000000 \
 	-ix 7 X \
 ; then
-	rm -f "$TOTP_SECRET"
+	shred -n 10 -z -u "$TOTP_SECRET"
 	 die "Unable to seal secret"
 fi
 
@@ -79,7 +79,7 @@ if ! tpm nv_writevalue \
 	|| die "Unable to write sealed secret to NVRAM"
 fi
 
-rm -f "$TOTP_SEALED"
+shred -n 10 -z -u "$TOTP_SEALED"
 
 url="otpauth://totp/$HOST?secret=$secret"
 secret=""

initrd/bin/unseal-hotp

@@ -28,7 +28,7 @@ tpm unsealfile  \
 	-of "$HOTP_SECRET" \
 || die "Unable to unseal HOTP secret"
 
-rm -f "$HOTP_SEALED"
+shred -n 10 -z -u "$HOTP_SEALED"
 
 # Store counter in file instead of TPM for now, as it conflicts with Heads
 # config TPM counter as TPM 1.2 can only increment one counter between reboots
@@ -51,11 +51,11 @@ fi
 #counter_value=$(printf "%d" 0x${counter_value})
 
 if ! hotp $counter_value < "$HOTP_SECRET"; then
-	rm -f "$HOTP_SECRET"
+	shred -n 10 -z -u "$HOTP_SECRET"
 	die 'Unable to compute HOTP hash?'
 fi
 
-rm -f "$HOTP_SECRET"
+shred -n 10 -z -u "$HOTP_SECRET"
 
 #increment_tpm_counter $counter > /dev/null \
 #|| die "Unable to increment tpm counter"

initrd/bin/unseal-totp

@@ -18,12 +18,12 @@ tpm unsealfile  \
 	-of "$TOTP_SECRET" \
 || die "Unable to unseal totp secret"
 
-rm -f "$TOTP_SEALED"
+shred -n 10 -z -u "$TOTP_SEALED"
 
 if ! totp -q < "$TOTP_SECRET"; then
-	rm -f "$TOTP_SECRET"
+	shred -n 10 -z -u "$TOTP_SECRET"
 	die 'Unable to compute TOTP hash?'
 fi
 
-rm -f "$TOTP_SECRET"
+shred -n 10 -z -u "$TOTP_SECRET"
 exit 0

initrd/etc/functions

@@ -15,6 +15,7 @@ recovery() {
 
 	# Remove any temporary secret files that might be hanging around
 	# but recreate the directory so that new tools can use it.
+	shred -n 10 -z -u /tmp/secret/* 2> /dev/null
 	rm -rf /tmp/secret
 	mkdir -p /tmp/secret
 
@@ -234,7 +235,7 @@ replace_config() {
 # then copy any remaining settings from the existing config file, minus the option you changed
 	grep -v "^export ${CONFIG_OPTION}=" ${CONFIG_FILE} | grep -v "^${CONFIG_OPTION}=" >> ${CONFIG_FILE}.tmp || true
   sort ${CONFIG_FILE}.tmp | uniq > ${CONFIG_FILE}
-	rm -f ${CONFIG_FILE}.tmp
+	shred -n 10 -z -u ${CONFIG_FILE}.tmp
 }
 combine_configs() {
 	cat /etc/config* > /tmp/config