Re: [PATCH] key_protector: Add systemd TPM2 Key Protector

2025-03-13 Thread Daniel Kiper
On Wed, Mar 12, 2025 at 08:40:36AM +0100, Yann Diorcet wrote: > Good idea, I will rework the patch with the few modifications that I talked > about. If you are going to do that may I ask you to split this patch into smaller ones doing only one logical thing at a time? Daniel

Re: [PATCH] key_protector: Add systemd TPM2 Key Protector

2025-03-12 Thread Gary Lin via Grub-devel
On Thu, Mar 06, 2025 at 10:15:09PM +0100, Diorcet Yann wrote: > The systemd TPM2 key protector is a module that enables the automatic > retrieval > of a fully-encrypted disk's unlocking key from a systemd token in luks2 > partition header. > > Inspired by the tpm2_key_protector module and the cryp

Re: [PATCH] key_protector: Add systemd TPM2 Key Protector

2025-03-09 Thread Diorcet Yann
Hello, I already made two updates: - A modification of this patch in order to make the tpm2-primary-alg optional according to https://github.com/systemd/systemd/blob/main/src/cryptsetup/cryptsetup-tokens/cryptsetup-token-systemd-tpm2.c#L320 - Another patch adding the support for a trusted SR