heads/initrd
Thierry Laurion adda59c675
LUKS header change validation at both sealing and unsealing of TPM Disk Unlock Key.
Fixes linuxboot#1092.
Supersedes linuxboot#1093

- Cherry-picks ed1c23a (credit to @hardened-vault, thank you!)
- Addresses and corrects self-review under linuxboot#1093 (@hardened-vault: you don't answer often here!)
  - kexec-unseal-key: Warn a user who attempts to default boot while his Disk Unlock Key passphrase fails to unseal because LUKS headers changed.
    (linuxboot#1093 (comment))
  - kexec-seal-key: Identical to ed1c23a
  - kexec-add-key: Tell the user that the Headers did not change when changing TPM released Disk Unlock Key
    (Through changing default boot at Options->Boot Options -> Show OS boot options: select a new boot option
    and set a Disk Unlock Key in TPM, accept to modify disk and sign /boot options)
    - Here, we cancel the diff output shown on screen linuxboot#1093 (comment)
    - And we change the warning given to the user to past tense "Headers of LUKS containers to be unlocked via TPM Disk Unlock Key passphrase did not change."

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
2024-04-11 14:44:07 -04:00
..
.gnupg gpg2: make sure dirmngr is not spawned to refresh keys under initrd/.gnupg/gpg.conf 2024-01-09 12:53:56 -05:00
bin LUKS header change validation at both sealing and unsealing of TPM Disk Unlock Key. 2024-04-11 14:44:07 -04:00
etc Update tails.key 2024-04-04 02:42:02 +02:00
run/cryptsetup [WIP] cross build json-c and cryptsetup 2020-10-28 15:28:05 +02:00
sbin insmod: uniformize module name and lsmod output prior to comparing if module already insmodded (ehci-hcd.ko module name is ehci_hcd...) 2024-02-23 01:29:55 -05:00
.ash_history Merge pull request #1515 from tlaurion/inmemory_keygen-gpg_backup_usable_for_RSA_only-copy_to_card_working_for_RSA_only-gpg_auth_for_recovery_and_sub_boot 2023-11-13 16:05:26 -05:00
init init: Adding checks for sysfs and runtime panic_on_oom=1 2024-04-02 17:17:09 -04:00
mount-boot Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00