ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-04-07 19:34:26 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Add back TPM config counter section to gui-init

Browse Source 
The section in gui-init that modifies the Heads TPM counter when signing
config was accidentally removed. This change adds that section back.
This commit is contained in:
Kyle Rankin 2018-06-19 13:03:01 -07:00
parent 31cf85b707
commit 2cacb15729
No known key found for this signature in database
GPG Key ID: 555577116BFA74B9
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
initrd/bin/gui-init
View File

@ -75,7 +75,12 @@ update_checksums()
# We don't need them after the user decides to sign
rm -f /boot/kexec_package_trigger*
kexec-sign-config -p /boot \
# sign and auto-roll config counter
extparam=
if [ "$CONFIG_TPM" = "y" ]; then
extparam=-u
fi
kexec-sign-config -p /boot $extparam \
|| die "Failed to sign default config"
# switch back to ro mode