heads/initrd
Thierry Laurion 4f2b1b68b0
initrd/bin/kexec-unseal-key: never show final PCRs content but in DEBUG mode/Recovery Shell
Next steps on this are introspection and PCRs reconstruction helpers, which will output in DEBUG and be usable from recovery shell.
We have to keep in mind that providing those tools is useful in DEBUG mode and for users having access to Recovery Shell.
But currently, having access to cbmem -L output and final PCRs content is making it too easy for Evil Maid to know what needs to be hardcoded to pass measured boot.

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-01-20 11:48:04 -05:00
.gnupg gpg2: make sure dirmngr is not spawn to refresh keys under initrd/.gnupg/gpg.conf 2024-01-09 12:53:56 -05:00
bin initrd/bin/kexec-unseal-key: never show final PCRs content but in DEBUG mode/Recovery Shell 2024-01-20 11:48:04 -05:00
etc Uniformize vocabulary: LUKS TPM Disk Unlock Key & LUKS Disk Recovery Key 2024-01-20 11:47:35 -05:00
run/cryptsetup [WIP] cross build json-c and cryptsetup 2020-10-28 15:28:05 +02:00
sbin All TPM Extend additional context passed from console echo output to DEBUG. Put back console output as of master. TODO: decide what we do with tpmr extend output for the future. Hint: forward sealing of next flashed firmware measurements. 2023-11-06 15:53:17 -05:00
.ash_history Merge pull request #1515 from tlaurion/inmemory_keygen-gpg_backup_usable_for_RSA_only-copy_to_card_working_for_RSA_only-gpg_auth_for_recovery_and_sub_boot 2023-11-13 16:05:26 -05:00
init Merge pull request #1515 from tlaurion/inmemory_keygen-gpg_backup_usable_for_RSA_only-copy_to_card_working_for_RSA_only-gpg_auth_for_recovery_and_sub_boot 2023-11-13 16:05:26 -05:00
mount-boot Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00