mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-30 09:48:56 +00:00
4910c1188f
Changes: - As per master: when TOTP cannot unseal TOTP, user is prompted to either reset or regenerate TOTP - Now, when either is done and a previous TPM Disk Unlock Key was setuped, the user is guided into: - Regenerating checksums and signing them - Regenerating TPM disk Unlock Key and resealing TPM disk Unlock Key with passphrase into TPM - LUKS header being modified, user is asked to resign kexec.sig one last time prior of being able to default boot - When no previous Disk Unlock Key was setuped, the user is guided into: - The above, plus - Detection of LUKS containers,suggesting only relevant partitions - Addition of TRACE and DEBUG statements to troubleshoot actual vs expected behavior while coding - Were missing under TPM Disk Unlock Key setup codepaths - Fixes for #645 : We now check if only one slots exists and we do not use it if its slot1. - Also shows in DEBUG traces now Unrelated staged changes - ash_functions: warn and die now contains proper spacing and eye attaction - all warn and die calls modified if containing warnings and too much punctuation - unify usage of term TPM Disk Unlock Key and Disk Recovery Key
19 lines
408 B
Bash
Executable File
19 lines
408 B
Bash
Executable File
#!/bin/bash
|
|
. /etc/functions
|
|
|
|
TRACE "Under /bin/flashrom-kgpe-d16-openbmc.sh"
|
|
|
|
ROM="$1"
|
|
if [ -z "$1" ]; then
|
|
die "Usage: $0 /media/kgpe-d16-openbmc.rom"
|
|
fi
|
|
|
|
cp "$ROM" /tmp/kgpe-d16-openbmc.rom
|
|
sha256sum /tmp/kgpe-d16-openbmc.rom
|
|
|
|
flashrom --programmer="ast1100:spibus=2,cpu=reset" -c "S25FL128P......0" -w /tmp/kgpe-d16-openbmc.rom \
|
|
|| die "$ROM: Flash failed"
|
|
|
|
warn "Reboot and hopefully it works"
|
|
exit 0
|