ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-01-18 02:39:59 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Revert "Use HOTP TPM counter instead of Heads when signing, if present"

Browse Source 
This reverts commit c42084406d.
This commit is contained in:
Kyle Rankin 2018-06-19 16:28:37 -07:00
parent c42084406d
commit 7dde5c2aca
No known key found for this signature in database
GPG Key ID: 555577116BFA74B9
1 changed files with 4 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
initrd/bin/gui-init
View File

@ -78,14 +78,7 @@ update_checksums()
# sign and auto-roll config counter
extparam=
if [ "$CONFIG_TPM" = "y" ]; then
if [ -x /bin/libremkey_hotp_verification ]; then
check_tpm_counter /boot/kexec_hotp_counter hotp \
|| die "Unable to find/create TPM counter"
counter="$TPM_COUNTER"
extparam="-c $counter"
else
extparam=-u
fi
extparam=-u
fi
kexec-sign-config -p /boot $extparam \
|| die "Failed to sign default config"
@ -248,6 +241,9 @@ while true; do
|| die "Unable to find/create tpm counter"
counter="$TPM_COUNTER"
increment_tpm_counter $counter \
|| die "Unable to increment tpm counter"
sha256sum /tmp/counter-$counter > /boot/kexec_rollback.txt \
|| die "Unable to create rollback file"
mount -o ro,remount /boot