ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
c42084406d
heads/initrd
History
Kyle Rankin c42084406d
Use HOTP TPM counter instead of Heads when signing, if present 
TPM v1.2 has a limitation in that only a single monotonic counter can be
incremented between reboots [1]. So in the event we are using HOTP
monotonic counters, we need to reference those for the Heads rollback
counter when we update file signatures in /boot, otherwise the increment
stage at kexec-sign-config will fail since at each boot, the HOTP
monotonic counter has already been incremented.

[1] https://projects.csail.mit.edu/tc/tpmj/UsersGuide.html#inccounter
2018-06-19 16:18:10 -07:00
..
bin Use HOTP TPM counter instead of Heads when signing, if present 2018-06-19 16:18:10 -07:00
etc Add Librem Key support to Heads 2018-06-19 12:27:27 -07:00
sbin "$@" does not expand correctly in test expressions, use "$*" instead (issue #181) 2017-04-11 06:31:25 -04:00
.ash_history preload the recovery shell command line history 2016-09-26 13:51:10 -04:00
init Read and measure an EFI file into initrd during init 2018-04-29 19:58:44 -07:00
mount-boot extract and verify gpg signature on the boot script 2016-08-06 17:13:22 -04:00