mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-20 21:43:11 +00:00
445ca053fb
- Based on initial server board - Uses whiptail as opposed to fbwhiptail (was slow and output fuzzy) - Simple fix to have dual KVM(BMC) and vga output for consoles Reasoning for dropping fbwhiptail support is that: - it is impossible to output framebuffer content through remote BMC console. - A workstation board config could output to fbwhiptail for VGA and give remote recovery shell access through BMC - If someone shows interest for that, qemu-coreboot-tpm boards can be used as reference. - slowness/fuzzyness of fbwhiptail output through AST would still need to be fixed in kernel drivers. Not a priority here. Limitation: - Since whiptail is sent to both consoles: - If one console goes to recovery shell, recovery shell access invalidate TPM PCR4 measurements. - The other console won't be aware that TPM measurements were invalidated, and will consequently: - not be able to unseal TOTP if refreshed - not be able to unseal TPM disk unlock key on default boot - A reboot will fix this. |
||
---|---|---|
.. | ||
talos-2.config |