The patch series "Automatic TPM Disk Unlock" posted by Hernan Gatta
introduces the key protector framework and TPM2 stack to GRUB2, and it's
a useful feature for systems implementing full disk encryption.
However, it seems the development was stalled for a while, and I'd like
to push it forward.
The arguments, except the buffer, of the marshal functions are pure
inputs. Also, the TPM2 command parameters are not supposed to be changed by
the command. Declare those arguments as 'const' so that the compiler can
help to detect undesired changes to those arguments. Besides, when
looking up the
Sometimes the TPM may return TPM_RC_RETRY for some reason, and the only
thing we can do is to send the command again. To avoid waiting in the
while loop indefinitely, just try to send the command 3 times.
Signed-off-by: Gary Lin
---
grub-core/tpm2/tpm2.c | 33 -
1 fil
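The bounded resend loop described in the message above, as an added example that is not GRUB's code: a submit wrapper that parses the 10-byte response header, resends only while the responseCode is TPM_RC_RETRY (0x922 in TCG TPM 2.0 Part 2), and gives up after 3 attempts. The transport callback type, the `fake_tpm` transport and the `demo_*` helpers are assumptions constructed for the example, not the project's API.

```c
#include <stdint.h>
#include <stddef.h>

/* Response codes from TCG TPM 2.0 Library Part 2 (Structures). */
#define TPM_RC_SUCCESS 0x000u
#define TPM_RC_RETRY   0x922u   /* RC_WARN (0x900) + 0x022 */

/* Bound on resends, matching the "3 times" of the commit message. */
#define TPM2_SUBMIT_MAX_ATTEMPTS 3

/* Hypothetical transport callback (assumption: not GRUB's own submit API).
   Returns 0 when a response was written to resp/*resp_len, non-zero on a
   transport error. *resp_len is the buffer capacity on entry. */
typedef int (*tpm2_transport_fn) (void *ctx, const uint8_t *cmd, size_t cmd_len,
                                  uint8_t *resp, size_t *resp_len);

static uint32_t
be32 (const uint8_t *p)
{
  return ((uint32_t) p[0] << 24) | ((uint32_t) p[1] << 16)
         | ((uint32_t) p[2] << 8) | p[3];
}

/* Submit cmd, resending while the TPM answers TPM_RC_RETRY, at most
   TPM2_SUBMIT_MAX_ATTEMPTS times. Returns the number of attempts made,
   or 0 on a transport error or a response shorter than its 10-byte header.
   *rc_out receives the last responseCode; a final TPM_RC_RETRY is left
   to the caller to report as a failure. */
int
tpm2_submit_with_retry (tpm2_transport_fn send, void *ctx,
                        const uint8_t *cmd, size_t cmd_len,
                        uint8_t *resp, size_t resp_cap, uint32_t *rc_out)
{
  int attempts = 0;
  uint32_t rc = TPM_RC_RETRY;

  while (attempts < TPM2_SUBMIT_MAX_ATTEMPTS && rc == TPM_RC_RETRY)
    {
      size_t resp_len = resp_cap;

      attempts++;
      if (send (ctx, cmd, cmd_len, resp, &resp_len) != 0 || resp_len < 10)
        return 0;
      /* Response header: tag u16, responseSize u32, responseCode u32, big-endian. */
      rc = be32 (resp + 6);
    }

  *rc_out = rc;
  return attempts;
}

/* Constructed fake TPM transport for the demonstration: answers TPM_RC_RETRY
   `retries_left` times, then TPM_RC_SUCCESS. */
struct fake_tpm { int retries_left; };

static int
fake_send (void *ctx, const uint8_t *cmd, size_t cmd_len,
           uint8_t *resp, size_t *resp_len)
{
  struct fake_tpm *t = (struct fake_tpm *) ctx;
  uint32_t rc = TPM_RC_SUCCESS;

  (void) cmd; (void) cmd_len;
  if (*resp_len < 10)
    return -1;
  if (t->retries_left > 0)
    {
      t->retries_left--;
      rc = TPM_RC_RETRY;
    }
  resp[0] = 0x80; resp[1] = 0x01;                      /* TPM_ST_NO_SESSIONS */
  resp[2] = 0; resp[3] = 0; resp[4] = 0; resp[5] = 10;  /* responseSize */
  resp[6] = (uint8_t) (rc >> 24); resp[7] = (uint8_t) (rc >> 16);
  resp[8] = (uint8_t) (rc >> 8);  resp[9] = (uint8_t) rc;
  *resp_len = 10;
  return 0;
}

/* Runs the loop against the fake with a TPM2_GetRandom(8) command (tag
   TPM_ST_NO_SESSIONS, commandSize 12, TPM_CC_GetRandom 0x17B, bytesRequested 8). */
static int
run_demo (int retries_before_success, uint32_t *rc_out)
{
  static const uint8_t cmd[12] = { 0x80, 0x01, 0, 0, 0, 12, 0, 0, 0x01, 0x7B, 0, 8 };
  struct fake_tpm t = { retries_before_success };
  uint8_t resp[64];

  return tpm2_submit_with_retry (fake_send, &t, cmd, sizeof cmd, resp, sizeof resp, rc_out);
}

/* Attempts made and final response code for a fake TPM that retries n times. */
int demo_attempts (int n) { uint32_t rc = 0; return run_demo (n, &rc); }
uint32_t demo_rc (int n) { uint32_t rc = 0; return run_demo (n, &rc) ? rc : 0xFFFFFFFFu; }
```

With two retries the command succeeds on the third attempt; with five the loop stops after three attempts and reports TPM_RC_RETRY, which is the case the unbounded loop would have spun on forever.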
There are some parameters of TPM2 commands that are allowed to be empty, such
as 'encryptedSalt' of 'TPM2_StartAuthSession' and 'pcrDigest' of
'TPM2_PolicyPCR'. Instead of forcing the user of those functions to
declare an empty variable, we can just pack a u16 zero to fabricate an
empty variable when the u
Per "TCG TPM2 Part3 Commands", 'persistentHandle' of TPM2_EvictControl
is in the parameter area, i.e. after the authorization command. Adjust
the order of the arguments to match the spec definition.
Signed-off-by: Gary Lin
---
grub-core/tpm2/tpm2.c | 2 +-
include/grub/tpm2/inte
Based on the patch from Olaf Kirch
The sealed key is subject to change, and measuring the file into PCR9
makes the prediction of the PCR9 value impossible. This commit opens the
file with GRUB_FILE_TYPE_SIGNATURE to avoid the measurement.
Signed-off-by: Gary Lin
---
grub-core/tpm2/module.c | 4
Since the NULL 'encryptedSalt' of 'TPM2_StartAuthSession' is handled as
an empty TPM2B structure, there is no need to declare an empty salt.
As for 'nonceTPM', we don't use it in the following TPM2 commands, so we
can safely ignore it.
Signed-off-by: Gary Lin
---
grub-core/tpm2/module.c | 6 ++
When the caller of TPM2_PCR_Read() passes a valid authorization command,
we should pack it into the 'in' buffer before sending the command.
Signed-off-by: Gary Lin
---
grub-core/tpm2/tpm2.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/grub-core/tpm2/tpm2.c b/grub-core/tpm2/tpm2.c
index
From: Hernan Gatta
To utilize the key protectors framework, there must be a way to protect
full-disk encryption keys in the first place. The grub-protect tool includes
support for the TPM2 key protector but other protectors that require setup ahead
of time can be supported in the future.
For the
From: Hernan Gatta
Add a new parameter to cryptomount to support the key protectors framework: -k.
The parameter is used to automatically retrieve a key from specified key
protectors. The parameter may be repeated to specify any number of key
protectors. These are tried in order until one provide
Some command parameters should not be NULL. Add the conditional check to
avoid the potential NULL pointer reference.
Besides, for TPM2_StartAuthSession, when 'tpmKey' is 'TPM_RH_NULL', the
size of 'encryptedSalt' must be 0 per "TCG TPM2 Part3 Commands".
Signed-off-by: Gary Lin
---
grub-core/tpm
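The two marshalling rules above (a NULL TPM2B packed as a u16 zero, and the Part 3 requirement that 'encryptedSalt' be empty when 'tpmKey' is TPM_RH_NULL), as an added example that is not GRUB's code. It builds a TPM2_StartAuthSession command in the Part 3 layout (header, handle area, parameter area) with 'const' inputs and NULL checks; `struct mbuf`, `struct tpm2b` and the `demo_*` helpers are assumptions made for the example, and the nonce is constructed rather than random.

```c
#include <stdint.h>
#include <stddef.h>

/* Constants from TCG TPM 2.0 Library Part 2. */
#define TPM_RH_NULL              0x40000007u
#define TPM_ST_NO_SESSIONS       0x8001u
#define TPM_CC_StartAuthSession  0x00000176u
#define TPM_ALG_NULL             0x0010u
#define TPM_ALG_SHA256           0x000Bu
#define TPM_SE_POLICY            0x03u
#define TPM2B_MAX                256

/* Stand-in for GRUB's marshalling buffer (assumption: not the project's type). */
struct mbuf { uint8_t data[512]; size_t len; int error; };

static void mbuf_init (struct mbuf *b) { b->len = 0; b->error = 0; }

static void
pack_u8 (struct mbuf *b, uint8_t v)
{
  if (b->len >= sizeof b->data) { b->error = 1; return; }
  b->data[b->len++] = v;
}
static void pack_u16 (struct mbuf *b, uint16_t v)
{ pack_u8 (b, (uint8_t) (v >> 8)); pack_u8 (b, (uint8_t) v); }
static void pack_u32 (struct mbuf *b, uint32_t v)
{ pack_u16 (b, (uint16_t) (v >> 16)); pack_u16 (b, (uint16_t) v); }

/* A TPM2B is a big-endian u16 size followed by that many bytes. */
struct tpm2b { uint16_t size; uint8_t buffer[TPM2B_MAX]; };

/* Marshal a TPM2B. A NULL pointer is packed as an empty TPM2B, i.e. a u16
   zero, so callers need not declare an empty variable. The input is const:
   marshalling never modifies the command parameters. */
static void
pack_tpm2b (struct mbuf *b, const struct tpm2b *in)
{
  if (in == NULL) { pack_u16 (b, 0); return; }
  if (in->size > TPM2B_MAX) { b->error = 1; return; }
  pack_u16 (b, in->size);
  for (uint16_t i = 0; i < in->size; i++)
    pack_u8 (b, in->buffer[i]);
}

/* Marshal TPM2_StartAuthSession with no authorization area: header, then the
   handle area (tpmKey, bind), then the parameter area (nonceCaller,
   encryptedSalt, sessionType, symmetric, authHash). Returns the command
   length, or 0 when nonceCaller is NULL, the buffer overflows, or a non-empty
   encryptedSalt is given with tpmKey == TPM_RH_NULL, which Part 3 forbids.
   symmetric is fixed to TPM_ALG_NULL, which carries no keyBits/mode fields. */
size_t
marshal_start_auth_session (struct mbuf *b, uint32_t tpm_key, uint32_t bind,
                            const struct tpm2b *nonce_caller,
                            const struct tpm2b *encrypted_salt,
                            uint8_t session_type, uint16_t auth_hash)
{
  if (b == NULL || nonce_caller == NULL)
    return 0;
  if (tpm_key == TPM_RH_NULL && encrypted_salt != NULL && encrypted_salt->size != 0)
    return 0;

  mbuf_init (b);
  pack_u16 (b, TPM_ST_NO_SESSIONS);
  pack_u32 (b, 0);                      /* commandSize, patched below */
  pack_u32 (b, TPM_CC_StartAuthSession);
  pack_u32 (b, tpm_key);                /* handle area */
  pack_u32 (b, bind);
  pack_tpm2b (b, nonce_caller);         /* parameter area */
  pack_tpm2b (b, encrypted_salt);       /* NULL -> u16 zero */
  pack_u8 (b, session_type);
  pack_u16 (b, TPM_ALG_NULL);           /* TPMT_SYM_DEF.algorithm */
  pack_u16 (b, auth_hash);
  if (b->error)
    return 0;
  b->data[2] = (uint8_t) (b->len >> 24); b->data[3] = (uint8_t) (b->len >> 16);
  b->data[4] = (uint8_t) (b->len >> 8);  b->data[5] = (uint8_t) b->len;
  return b->len;
}

static struct mbuf demo_buf;

/* Unsalted, unbound policy session with a constructed 16-byte nonce; the
   NULL salt is marshalled as two zero bytes at offset 36 of the command. */
size_t
demo_policy_session_cmd (void)
{
  struct tpm2b nonce = { 16, { 0 } };
  for (int i = 0; i < 16; i++)
    nonce.buffer[i] = (uint8_t) i;       /* constructed, not random */
  return marshal_start_auth_session (&demo_buf, TPM_RH_NULL, TPM_RH_NULL, &nonce,
                                     NULL, TPM_SE_POLICY, TPM_ALG_SHA256);
}

/* Same call with a 32-byte salt but tpmKey == TPM_RH_NULL: rejected. */
size_t
demo_invalid_salt_cmd (void)
{
  struct tpm2b nonce = { 16, { 0 } }, salt = { 32, { 0 } };
  return marshal_start_auth_session (&demo_buf, TPM_RH_NULL, TPM_RH_NULL, &nonce,
                                     &salt, TPM_SE_POLICY, TPM_ALG_SHA256);
}

uint8_t demo_cmd_byte (size_t off) { return off < demo_buf.len ? demo_buf.data[off] : 0; }
```

The valid command is 43 bytes: a 10-byte header, two 4-byte handles, an 18-byte nonce, the 2-byte empty salt, then sessionType, the TPM_ALG_NULL symmetric and authHash.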
From: Hernan Gatta
A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to compose,
submit, and parse TPM commands and responses.
A limited number of TPM commands may be accessed via the EFI TCG2 protocol. This
protocol exposes functionality that is primarily geared toward TPM usa
From: Michael Chang
The error "no cryptodisk module can handle this device" may happen even when
the encrypted disk was correctly formatted and the required modules were loaded.
It is caused by a missing break in the loop in which cryptodisk modules are
iterated to find the one matching the target's disk format.
From: Hernan Gatta
A key protector encapsulates functionality to retrieve an unlocking key for a
fully-encrypted disk from a specific source. A key protector module registers
itself with the key protectors framework when it is loaded and unregisters when
unloaded. Additionally, a key protector ma
From: Hernan Gatta
The TPM2 key protector is a module that enables the automatic retrieval of a
fully-encrypted disk's unlocking key from a TPM 2.0.
The theory of operation is such that the module accepts various arguments, most
of which are optional and therefore possess reasonable defaults. On
On Tue, Feb 14, 2023 at 4:41 AM Daniel Kiper wrote:
>
> On Thu, Feb 09, 2023 at 04:27:11PM -0800, Atish Patra wrote:
> > On Thu, Feb 2, 2023 at 12:12 PM Daniel Kiper
> > wrote:
> > >
> > > On Fri, Jan 20, 2023 at 05:17:13PM -0800, Atish Patra wrote:
> > > > The arch specific image header details
This prevents load_all_modules from failing when called before any
modules have been loaded. Failures in GDB user-defined functions cause
any function which called them to also fail.
Signed-off-by: Glenn Washburn
---
grub-core/gdb_grub.in | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
This series is the first 3 patches of the previous series "GDB script fixes
and improvements", which I think it is better to break into separate logical
series. These are (most of) the fixes from that series that stand alone.
Glenn
Glenn Washburn (3):
gdb: Fix redirection issue in dump_module
GDB logging is redirected to write .segments.tmp, which means that GDB
will wrap lines longer than what it thinks is the screen width
(typically 80 characters). When wrapping does occur it causes gmodule.pl
to misbehave. So disable line wrapping by using GDB's "with" command so
that it's guaranteed
An error in any GDB command causes it to immediately abort with an error;
this includes any command that calls that command. This leads to an issue
in dump_module_sections where an error causes the command to exit without
turning off file redirection. The user then ends up with a GDB command
line w
On EFI platforms where EFI calls do not require a wrapper (notably i386-efi
and arm64-efi), the func argument needs to be wrapped in parenthesis to
allow valid syntax when func is an expression which evaluates to a function
pointer. On EFI platforms that do need a wrapper, this was never an issue
b
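The parenthesization point above, as an added example that is not GRUB's efi_call macros: a hypothetical unwrapped call macro `demo_efi_call_2` with `func` parenthesized, used with a conditional expression and with a table lookup that both evaluate to a function pointer. The function names and the service table are assumptions made for the example.

```c
#include <stdint.h>

/* Hypothetical unwrapped call macro, standing in for the no-wrapper EFI case
   (assumption: not GRUB's efi_call_N). Without the parentheses around func,
   `func (a, b)` would attach the argument list to the last token of an
   expression such as `cond ? f : g`, giving `cond ? f : g (a, b)`: a choice
   between a function pointer and the integer result of calling g, not a call
   through the selected pointer. */
#define demo_efi_call_2(func, a, b) ((func) (a, b))

typedef uintptr_t (*efi_fn2_t) (uintptr_t, uintptr_t);

static uintptr_t fn_add (uintptr_t a, uintptr_t b) { return a + b; }
static uintptr_t fn_mul (uintptr_t a, uintptr_t b) { return a * b; }

/* Constructed service table, so func can also be an indexed expression. */
static const efi_fn2_t demo_table[2] = { fn_add, fn_mul };

/* func is a conditional expression that evaluates to a function pointer. */
uintptr_t
call_selected (int use_mul, uintptr_t a, uintptr_t b)
{
  return demo_efi_call_2 (use_mul ? fn_mul : fn_add, a, b);
}

/* func is a table lookup; the parenthesized form keeps both uses uniform. */
uintptr_t
call_indexed (int idx, uintptr_t a, uintptr_t b)
{
  return demo_efi_call_2 (demo_table[idx & 1], a, b);
}
```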
On Tue, 21 Feb 2023 14:56:18 +0100
John Paul Adrian Glaubitz wrote:
> Hi Glenn!
>
> On Tue, 2023-02-21 at 10:58 +0100, John Paul Adrian Glaubitz wrote:
> > > Do you have installed all the packages that are installed in that
> > > build log? Are you applying all the patches or just building from
On Mon, Feb 20, 2023 at 08:15:35AM -0800, Oliver Steffen wrote:
> Thank you for the comments, Daniel.
>
> Quoting Daniel Kiper (2023-02-15 19:27:03)
> > On Mon, Jan 16, 2023 at 12:40:53PM +0100, Oliver Steffen wrote:
> > > Add a new module named boot_loader_interface, which provides a command
> >
>
Hi Glenn!
On Tue, 2023-02-21 at 10:58 +0100, John Paul Adrian Glaubitz wrote:
> > Do you have installed all the packages that are installed in that build
> > log? Are you applying all the patches or just building from 2.06 git?
>
> Building from git, no patches applied. Will try openSUSE Tumbelwe
Hi Glenn!
On Mon, 2023-02-20 at 21:29 -0600, Glenn Washburn wrote:
> It looks like the debian build log[1] for sid has the same messages, up
> to here. The package goes on to build successfully.
Yes, but the Debian build does not seem to run the bootstrap script which
is probably why the problem
25 matches