ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-02-20 17:22:53 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
heads/initrd/bin
History
Kyle Rankin c42084406d
Use HOTP TPM counter instead of Heads when signing, if present 
TPM v1.2 has a limitation in that only a single monotonic counter can be
incremented between reboots [1]. So in the event we are using HOTP
monotonic counters, we need to reference those for the Heads rollback
counter when we update file signatures in /boot, otherwise the increment
stage at kexec-sign-config will fail since at each boot, the HOTP
monotonic counter has already been incremented.

[1] https://projects.csail.mit.edu/tc/tpmj/UsersGuide.html#inccounter
2018-06-19 16:18:10 -07:00
..
cbfs-init
Read and measure an EFI file into initrd during init
2018-04-29 19:58:44 -07:00
flash-gui.sh
Add option to flash cleaned ROM to GUI
2018-05-28 11:38:04 -07:00
flash.sh
Make x230 board option a glob to match x230-flash option
2018-05-18 14:04:00 -07:00
flashrom-kgpe-d16-openbmc.sh
Re-add the flashrom script for kgpe-d16-openbmc
2018-05-11 14:23:48 -07:00
generic-init
Ensure recovery for failed default boot
2017-09-02 14:13:29 -04:00
gpgv
Enable gpg with card support (issue #32)
2017-04-05 17:59:49 -04:00
gui-init
Use HOTP TPM counter instead of Heads when signing, if present
2018-06-19 16:18:10 -07:00
kexec-boot
Moved network init to a separate bootscript
2018-03-10 15:40:07 -08:00
kexec-insert-key
Allow boot without unseal of TPM LUKS key
2017-09-02 14:13:29 -04:00
kexec-iso-init
Add additional kernel command line options for ISO boot
2018-05-19 10:52:49 -07:00
kexec-parse-boot
Strip invalid leading/trailing '/' from script params
2017-09-02 14:13:29 -04:00
kexec-save-default
Cleanup of init to support server and desktop
2018-02-25 11:51:19 -08:00
kexec-save-key
Allow TPM LUKS key to be set during default selection
2017-09-02 14:13:29 -04:00
kexec-seal-key
Read and measure CBFS files into initrd during init
2018-04-20 09:29:57 -07:00
kexec-select-boot
Merge branch 'skip_sig_checks' of https://github.com/kylerankin/heads
2018-04-30 16:39:20 -04:00
kexec-sign-config
Add OHCI and UHCI drivers to initrd.
2018-02-15 22:59:22 +08:00
kexec-unseal-key
Allow boot without unseal of TPM LUKS key
2017-09-02 14:13:29 -04:00
key-init
Separate trusted ISO signers from trusted config signers
2018-05-17 19:52:11 -07:00
mount-usb
Cleanup of init to support server and desktop
2018-02-25 11:51:19 -08:00
network-init-recovery
Add all supported network modules to network-init-recovery
2018-04-20 09:29:57 -07:00
poweroff
Ensure recovery for failed default boot
2017-09-02 14:13:29 -04:00
qubes-measure-luks
qubes init script and improved TPM disk encryption with LUKS headers (issue #123 and #6)
2017-04-01 23:02:00 -04:00
reboot
Ensure recovery for failed default boot
2017-09-02 14:13:29 -04:00
seal-libremkey
Add Librem Key support to Heads
2018-06-19 12:27:27 -07:00
seal-totp
Read and measure CBFS files into initrd during init
2018-04-20 09:29:57 -07:00
tpm-reset
helper to do a forcible TPM reset (issue #27)
2017-04-12 06:45:15 -04:00
uefi-init
Read and measure an EFI file into initrd during init
2018-04-29 19:58:44 -07:00
unseal-hotp
Add Librem Key support to Heads
2018-06-19 12:27:27 -07:00
unseal-totp
print and update the timestamp on the TOTP while waiting for disk unlock code
2017-04-12 08:28:31 -04:00
usb-init
Cleanup of init to support server and desktop
2018-02-25 11:51:19 -08:00
usb-scan
Add a whiptail GUI to usb-scan
2018-05-02 14:29:27 -07:00
wget-measure.sh
wget and measure files into the PCR
2017-03-27 18:03:29 -04:00
x230-flash.init
load usb-storage module in x230-flash.init
2017-04-16 17:37:14 -04:00