ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-19 21:17:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

kexec-select-boot+kexec-save-default: Quiet mode; remove last rollback counters printed to console

Browse Source 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
This commit is contained in:
Thierry Laurion 2024-12-16 17:47:25 -05:00
parent 81c6b00e9b
commit bd0871b683
No known key found for this signature in database
GPG Key ID: 9A53E1BB3FF00461
2 changed files with 3 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
initrd/bin/kexec-save-default
View File

@ -277,7 +277,7 @@ if [ ! -d $paramsdir ]; then
fi
if [ "$CONFIG_TPM2_TOOLS" = "y" ]; then
sha256sum /tmp/secret/primary.handle >"$PRIMHASH_FILE" ||
sha256sum /tmp/secret/primary.handle >"$PRIMHASH_FILE" >/dev/null 2>&1 ||
die "ERROR: Failed to Hash TPM2 primary key handle!"
DEBUG "TPM2 primary key handle hash saved to $PRIMHASH_FILE"
fi

6
initrd/bin/kexec-select-boot
View File

@ -61,7 +61,7 @@ paramsdir="${paramsdir%%/}"
PRIMHASH_FILE="$paramsdir/kexec_primhdl_hash.txt"
if [ "$CONFIG_TPM2_TOOLS" = "y" ]; then
if [ -r "$PRIMHASH_FILE" ]; then
sha256sum -c "$PRIMHASH_FILE" ||
sha256sum -c "$PRIMHASH_FILE" >/dev/null 2>&1 ||
{
echo "FATAL: Hash of TPM2 primary key handle mismatch!"
warn "If you have not intentionally regenerated TPM2 primary key,"
@ -116,8 +116,6 @@ verify_rollback_counter() {
TRACE_FUNC
TPM_COUNTER=$(grep counter $TMP_ROLLBACK_FILE | cut -d- -f2)
DEBUG "TPM_COUNTER: $TPM_COUNTER found in $TMP_ROLLBACK_FILE"
if [ -z "$TPM_COUNTER" ]; then
die "$TMP_ROLLBACK_FILE: TPM counter not found?"
fi
@ -125,7 +123,7 @@ verify_rollback_counter() {
read_tpm_counter $TPM_COUNTER >/dev/null 2>&1 ||
die "Failed to read TPM counter"
sha256sum -c $TMP_ROLLBACK_FILE ||
sha256sum -c $TMP_ROLLBACK_FILE >/dev/null 2>&1 ||
die "Invalid TPM counter state. TPM Reset required"
valid_rollback="y"