From a0272270fe1afadef95426a08f8384f78571ac2b Mon Sep 17 00:00:00 2001 From: Jonathon Hall Date: Fri, 10 Mar 2023 15:39:54 -0500 Subject: [PATCH] gui-init, kexec-unseal-key: Move PCR debugging output to DEBUG calls These were still writing some debugging output containing flags and PCRs even when debug was not enabled. Use DEBUG. Signed-off-by: Jonathon Hall --- initrd/bin/gui-init | 8 ++++---- initrd/bin/kexec-unseal-key | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/initrd/bin/gui-init b/initrd/bin/gui-init index 47298a56..9f2dbb8f 100755 --- a/initrd/bin/gui-init +++ b/initrd/bin/gui-init @@ -184,10 +184,10 @@ update_totp() return 1 # Already asked to skip to menu from a prior error fi - echo "DEBUG: CONFIG_TPM: $CONFIG_TPM" - echo "DEBUG: CONFIG_TPM2_TOOLS: $CONFIG_TPM2_TOOLS" - echo "DEBUG: Show PCRs" - pcrs + DEBUG "CONFIG_TPM: $CONFIG_TPM" + DEBUG "CONFIG_TPM2_TOOLS: $CONFIG_TPM2_TOOLS" + DEBUG "Show PCRs" + DEBUG "$(pcrs)" whiptail $BG_COLOR_ERROR --title "ERROR: TOTP Generation Failed!" \ --menu " ERROR: Heads couldn't generate the TOTP code.\n diff --git a/initrd/bin/kexec-unseal-key b/initrd/bin/kexec-unseal-key index a7bf49c4..3c9ab21e 100755 --- a/initrd/bin/kexec-unseal-key +++ b/initrd/bin/kexec-unseal-key @@ -20,10 +20,10 @@ if [ -z "$key_file" ]; then key_file="/tmp/secret/secret.key" fi -echo "DEBUG: CONFIG_TPM: $CONFIG_TPM" -echo "DEBUG: CONFIG_TPM2_TOOLS: $CONFIG_TPM2_TOOLS" -echo "DEBUG: Show PCRs" -pcrs +DEBUG "CONFIG_TPM: $CONFIG_TPM" +DEBUG "CONFIG_TPM2_TOOLS: $CONFIG_TPM2_TOOLS" +DEBUG "Show PCRs" +DEBUG "$(pcrs)" for tries in 1 2 3; do read -s -p "Enter unlock password (blank to abort): " tpm_password