gui-init: Opt into skipping QR code scan for Librem boards only

Introduce CONFIG_TOTP_SKIP_QRCODE to skip this step and enable it on Librem boards. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2025-01-18 02:39:59 +00:00 · 2023-06-23 08:18:59 -04:00 · 2023-06-23 08:18:59 -04:00 · f6134e9c35
commit f6134e9c35
parent 71243c1a13
10 changed files with 18 additions and 0 deletions
--- a/boards/librem_13v2/librem_13v2.config
+++ b/boards/librem_13v2/librem_13v2.config
@ -30,6 +30,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=y
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
--- a/boards/librem_13v4/librem_13v4.config
+++ b/boards/librem_13v4/librem_13v4.config
@ -30,6 +30,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=y
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
--- a/boards/librem_14/librem_14.config
+++ b/boards/librem_14/librem_14.config
@ -28,6 +28,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=y
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
--- a/boards/librem_15v3/librem_15v3.config
+++ b/boards/librem_15v3/librem_15v3.config
@ -30,6 +30,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=y
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
--- a/boards/librem_15v4/librem_15v4.config
+++ b/boards/librem_15v4/librem_15v4.config
@ -30,6 +30,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=y
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
 export CONFIG_BOOT_REQ_ROLLBACK=n
--- a/boards/librem_l1um/librem_l1um.config
+++ b/boards/librem_l1um/librem_l1um.config
@ -28,6 +28,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=y
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
--- a/boards/librem_l1um_v2/librem_l1um_v2.config
+++ b/boards/librem_l1um_v2/librem_l1um_v2.config
@ -32,6 +32,7 @@ CONFIG_TPM2_TSS=y
 CONFIG_OPENSSL=y
 CONFIG_PRIMARY_KEY_TYPE=ecc
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
--- a/boards/librem_mini/librem_mini.config
+++ b/boards/librem_mini/librem_mini.config
@ -29,6 +29,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=n
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
--- a/boards/librem_mini_v2/librem_mini_v2.config
+++ b/boards/librem_mini_v2/librem_mini_v2.config
@ -31,6 +31,7 @@ CONFIG_LINUX_USB=y
 export CONFIG_TPM=n
 export CONFIG_TPM_NO_LUKS_DISK_UNLOCK=y
 export CONFIG_TOTP_SKIP_QRCODE=y
 export CONFIG_BOOTSCRIPT=/bin/gui-init
 export CONFIG_BOOT_REQ_HASH=n
--- a/initrd/bin/gui-init
+++ b/initrd/bin/gui-init
@ -159,7 +159,16 @@ generate_totp_hotp()
  elif echo -e "Generating new TOTP secret...\n\n" && /bin/seal-totp "$BOARD_NAME" "$tpm_password"; then
    echo
    if [ -x /bin/hotp_verification ]; then
      if [ "$CONFIG_TOTP_SKIP_QRCODE" != y ]; then
        echo "Once you have scanned the QR code, hit Enter to configure your HOTP USB Security Dongle (e.g. Librem Key or Nitrokey)"
        read
      fi
      /bin/seal-hotpkey
    else
      if [ "$CONFIG_TOTP_SKIP_QRCODE" != y ]; then
        echo "Once you have scanned the QR code, hit Enter to continue"
        read
      fi
    fi
    # clear screen
    printf "\033c"