From bd0871b6838c95fc490daeb1a45f2189df5f9e24 Mon Sep 17 00:00:00 2001 From: Thierry Laurion Date: Mon, 16 Dec 2024 17:47:25 -0500 Subject: [PATCH] kexec-select-boot+kexec-save-default: Quiet mode; remove last rollback counters printed to console Signed-off-by: Thierry Laurion --- initrd/bin/kexec-save-default | 2 +- initrd/bin/kexec-select-boot | 6 ++---- 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/initrd/bin/kexec-save-default b/initrd/bin/kexec-save-default index 828e7d98..24f3b207 100755 --- a/initrd/bin/kexec-save-default +++ b/initrd/bin/kexec-save-default @@ -277,7 +277,7 @@ if [ ! -d $paramsdir ]; then fi if [ "$CONFIG_TPM2_TOOLS" = "y" ]; then - sha256sum /tmp/secret/primary.handle >"$PRIMHASH_FILE" || + sha256sum /tmp/secret/primary.handle >"$PRIMHASH_FILE" >/dev/null 2>&1 || die "ERROR: Failed to Hash TPM2 primary key handle!" DEBUG "TPM2 primary key handle hash saved to $PRIMHASH_FILE" fi diff --git a/initrd/bin/kexec-select-boot b/initrd/bin/kexec-select-boot index 7a45c9f8..d6b33d6c 100755 --- a/initrd/bin/kexec-select-boot +++ b/initrd/bin/kexec-select-boot @@ -61,7 +61,7 @@ paramsdir="${paramsdir%%/}" PRIMHASH_FILE="$paramsdir/kexec_primhdl_hash.txt" if [ "$CONFIG_TPM2_TOOLS" = "y" ]; then if [ -r "$PRIMHASH_FILE" ]; then - sha256sum -c "$PRIMHASH_FILE" || + sha256sum -c "$PRIMHASH_FILE" >/dev/null 2>&1 || { echo "FATAL: Hash of TPM2 primary key handle mismatch!" warn "If you have not intentionally regenerated TPM2 primary key," @@ -116,8 +116,6 @@ verify_rollback_counter() { TRACE_FUNC TPM_COUNTER=$(grep counter $TMP_ROLLBACK_FILE | cut -d- -f2) - DEBUG "TPM_COUNTER: $TPM_COUNTER found in $TMP_ROLLBACK_FILE" - if [ -z "$TPM_COUNTER" ]; then die "$TMP_ROLLBACK_FILE: TPM counter not found?" fi @@ -125,7 +123,7 @@ verify_rollback_counter() { read_tpm_counter $TPM_COUNTER >/dev/null 2>&1 || die "Failed to read TPM counter" - sha256sum -c $TMP_ROLLBACK_FILE || + sha256sum -c $TMP_ROLLBACK_FILE >/dev/null 2>&1 || die "Invalid TPM counter state. TPM Reset required" valid_rollback="y"