Add TPM2 support to confluent genesis

genesis/97genesis/cmdline.sh

@@ -12,4 +12,6 @@ echo root:x:0:0::/:/bin/bash >> /etc/passwd
 echo sshd:x:30:30:SSH User:/var/empty/sshd:/sbin/nologin >> /etc/passwd
 /usr/lib/systemd/systemd-udevd --daemon
 udevadm trigger
-tmux -L console new-sessiod /bin/rungenesis
+udevadm trigger --type=devices --action=add
+udevadm settle
+tmux -L console new-session /bin/rungenesis

genesis/97genesis/install-base

@@ -1,4 +1,7 @@
 #!/bin/sh
+dracut_install /usr/bin/clevis-encrypt-tpm2 /usr/bin/clevis-decrypt-tpm2 /usr/bin/jose /usr/bin/mktemp
+dracut_install /lib64/libtss2-tcti-device.so.0
+dracut_install /usr/bin/tpm2_create /usr/bin/tpm2_pcrlist /usr/bin/tpm2_createpolicy /usr/bin/tpm2_createprimary /usr/bin/tpm2_load /usr/bin/tpm2_unseal
 dracut_install curl openssl tar ipmitool cpio gzip lsmod ethtool
 dracut_install modprobe touch echo cut wc bash netstat uniq grep ip hostname
 dracut_install awk egrep dirname bc expr sort

genesis/buildgenesis.sh

@@ -0,0 +1,12 @@
+cd $(dirname $0)
+cp -a 97genesis /usr/lib/dracut/modules.d/
+cat /usr/lib/dracut/modules.d/97genesis/install-* > /usr/lib/dracut/modules.d/97genesis/install
+chmod +x /usr/lib/dracut/modules.d/97genesis/install
+mkdir -p boot/initramfs
+mkdir -p boot/efi/boot
+dracut --xz -N -m "genesis base" -f boot/initramfs/distribution $(uname -r)
+cp -f /boot/vmlinuz-$(uname -r) boot/kernel
+cp /boot/efi/EFI/BOOT/BOOTX64.EFI boot/efi/boot
+cp /boot/efi/EFI/centos/grubx64.efi boot/efi/boot/grubx64.efi
+rm -rf /usr/lib/dracut/modules.d/97genesis
+cd -