shpedoikal / tpm-luks Public
master
Commits on May 23, 2013
-
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedMay 23, 2013
Commits on May 20, 2013
-
Signed-off-by: Kent Yoder <shpedoikal@gmail.com>
Kent Yoder committedMay 20, 2013
Commits on Apr 15, 2013
-
tpm-luks: add support for -a, add a key to LUKS device from NVRAM
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedApr 15, 2013 -
tpm-luks: allow reading from authless and ownerauth indexes
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedApr 15, 2013 -
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedApr 15, 2013 -
Support for different NV perms; support for reading authless indexes
Updated tpm-luks to allow any combination of NV perms and passing the well known password. Also updated Fedora 17's dract scripts to allow reading authless indexes. Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedApr 15, 2013
Commits on Apr 10, 2013
-
Not-really-signed-off-by: Ryan Harper <ryanh@linux.vnet.ibm.com> Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Ryan Harper authored and Kent Yoder committedApr 10, 2013
Commits on Nov 27, 2012
-
tpm-luks: fix passing in a slot id on create
Passing in an explicit slot id didn't work on a create operation. Tweak README. Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 27, 2012 -
conf: generate tpm-luks.conf correctly
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 27, 2012 -
yum update hook: add comment on updates to the grub package
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 27, 2012 -
remove debug switch from RHEL cryptroot-ask-tpm.sh
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 27, 2012
Commits on Nov 26, 2012
-
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 26, 2012 -
tpm-luks: updates for tpm-luks
- Support NVRAM area of any size - Add PCRs 8 & 9 to the tgrub root of trust - Only calculate the root of trust for the default grub menu.lst entry - Update tpm-luks-init and tpm-luks-update to operate on tpm-luks.conf entries only. Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 26, 2012 -
tpm-luks: move to use /dev/shm as the tmpfs mount
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 26, 2012 -
tpm-luks: moving towards a new design for secrets bound to PCRs
The script used to generate future PCR values is root of trust specific. Right now the only supported root of trust is based on Trusted GrUB. Since tpm-luks.conf references tgrub PCR setup, move that info into the tgrub-specific script to make way for a root of trust-agnostic model. Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 26, 2012
Commits on Nov 12, 2012
-
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 12, 2012 -
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 12, 2012 -
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 12, 2012 -
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 12, 2012
Commits on Nov 9, 2012
Commits on Nov 6, 2012
-
tpm-luks-init: add some status messages
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 6, 2012 -
swtpm-utils/Makefile.am: install binaries in /usr/bin by default
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 6, 2012
Commits on Nov 5, 2012
-
tpm-luks-gen-tgrub-pcr-values: check for PCR measurement file existence
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
Makefile.am: set sysconfdir to /etc
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
tpm-luks-gen-tgrub-pcr-values: added comment
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
tpm-luks.conf: add drtm-authorities-details profile
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
Don't pass arguments to dracut, let it use the dracut tpm-luks.conf file. Also, don't pass -p to tpm-luks if the NVRAM permissions file was actually created by tpm-luks-gen-tgrub-pcr-values. Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
tpm-luks-update: only migrate if NV permissions changed
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
tpm-luks-parse-config.in: hard-code to store conf file in /etc
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
tpm-luks: add -q for random source
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012 -
tpm-luks: move tmpfs mount to /dev/shm
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 5, 2012
Commits on Nov 2, 2012
-
tpm-luks: lots of small updates
Signed-off-by: Kent Yoder <key@linux.vnet.ibm.com>
Kent Yoder committedNov 2, 2012

