mirror of
https://github.com/linuxboot/heads.git
synced 2024-12-21 22:07:52 +00:00
215ff2a397
TPM2 must be prepared for shutdown, or it may track an auth failure for dictionary attack prevention (per the spec, to prevent an attack by attempting to authenticate and then powering off the TPM before it can update the nonvolatile counter). Add tpmr shutdown to prepare for shutdown (no-op on TPM1). Invoke it from poweroff and reboot. Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
19 lines
321 B
Bash
Executable File
19 lines
321 B
Bash
Executable File
#!/bin/bash
|
|
. /etc/functions
|
|
|
|
TRACE "Under /bin/poweroff"
|
|
|
|
# Shut down TPM
|
|
if [ "$CONFIG_TPM" = "y" ]; then
|
|
tpmr shutdown
|
|
fi
|
|
|
|
# Sync all mounted filesystems
|
|
echo s > /proc/sysrq-trigger
|
|
|
|
# Remount all mounted filesystems in read-only mode
|
|
echo u > /proc/sysrq-trigger
|
|
|
|
# Shut off the system
|
|
echo o > /proc/sysrq-trigger
|