ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-01-30 08:03:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
heads/initrd/bin
History
Kyle Rankin fe34aba719
Store HOTP counter directly in /boot instead of TPM 
The HOTP counter isn't a secret but is just used to prevent replay
attacks (the time-based counter in TOTP isn't a secret either) so it
doesn't need to be protected in the TPM and storing it as a TPM
monotonic counter was causing conflicts with the Heads configuration
counter as TPM 1.2 can only increment one counter per reboot.

This change moves the HOTP counter into the file in /boot that was
previously keeping track of the TPM counter id.
2018-06-20 09:20:39 -07:00
..
cbfs-init
Read and measure an EFI file into initrd during init
2018-04-29 19:58:44 -07:00
flash-gui.sh
Add option to flash cleaned ROM to GUI
2018-05-28 11:38:04 -07:00
flash.sh
Make x230 board option a glob to match x230-flash option
2018-05-18 14:04:00 -07:00
flashrom-kgpe-d16-openbmc.sh
Re-add the flashrom script for kgpe-d16-openbmc
2018-05-11 14:23:48 -07:00
generic-init
Ensure recovery for failed default boot
2017-09-02 14:13:29 -04:00
gpgv
Enable gpg with card support (issue #32)
2017-04-05 17:59:49 -04:00
gui-init
Store HOTP counter directly in /boot instead of TPM
2018-06-20 09:20:39 -07:00
kexec-boot
Moved network init to a separate bootscript
2018-03-10 15:40:07 -08:00
kexec-insert-key
Allow boot without unseal of TPM LUKS key
2017-09-02 14:13:29 -04:00
kexec-iso-init
Add additional kernel command line options for ISO boot
2018-05-19 10:52:49 -07:00
kexec-parse-boot
Strip invalid leading/trailing '/' from script params
2017-09-02 14:13:29 -04:00
kexec-save-default
Cleanup of init to support server and desktop
2018-02-25 11:51:19 -08:00
kexec-save-key
Allow TPM LUKS key to be set during default selection
2017-09-02 14:13:29 -04:00
kexec-seal-key
Read and measure CBFS files into initrd during init
2018-04-20 09:29:57 -07:00
kexec-select-boot
Merge branch 'skip_sig_checks' of https://github.com/kylerankin/heads
2018-04-30 16:39:20 -04:00
kexec-sign-config
Add OHCI and UHCI drivers to initrd.
2018-02-15 22:59:22 +08:00
kexec-unseal-key
Allow boot without unseal of TPM LUKS key
2017-09-02 14:13:29 -04:00
key-init
Separate trusted ISO signers from trusted config signers
2018-05-17 19:52:11 -07:00
mount-usb
Cleanup of init to support server and desktop
2018-02-25 11:51:19 -08:00
network-init-recovery
Add all supported network modules to network-init-recovery
2018-04-20 09:29:57 -07:00
poweroff
Ensure recovery for failed default boot
2017-09-02 14:13:29 -04:00
qubes-measure-luks
qubes init script and improved TPM disk encryption with LUKS headers (issue #123 and #6)
2017-04-01 23:02:00 -04:00
reboot
Ensure recovery for failed default boot
2017-09-02 14:13:29 -04:00
seal-libremkey
Store HOTP counter directly in /boot instead of TPM
2018-06-20 09:20:39 -07:00
seal-totp
Read and measure CBFS files into initrd during init
2018-04-20 09:29:57 -07:00
tpm-reset
helper to do a forcible TPM reset (issue #27)
2017-04-12 06:45:15 -04:00
uefi-init
Read and measure an EFI file into initrd during init
2018-04-29 19:58:44 -07:00
unseal-hotp
Store HOTP counter directly in /boot instead of TPM
2018-06-20 09:20:39 -07:00
unseal-totp
print and update the timestamp on the TOTP while waiting for disk unlock code
2017-04-12 08:28:31 -04:00
usb-init
Cleanup of init to support server and desktop
2018-02-25 11:51:19 -08:00
usb-scan
Add a whiptail GUI to usb-scan
2018-05-02 14:29:27 -07:00
wget-measure.sh
wget and measure files into the PCR
2017-03-27 18:03:29 -04:00
x230-flash.init
load usb-storage module in x230-flash.init
2017-04-16 17:37:14 -04:00