confluent

mirror of https://github.com/xcat2/confluent.git synced 2024-11-22 01:22:00 +00:00

History

Jarrod Johnson 3c41c52d77 Rework TPM usage in SUSE diskless For one, need to detect stale TPM value and clear them. For another, seal to PCR 15 and extend after unlock, so that the booted system is unable to retrieve the data from the TPM (e.g. a plain user by default is allowed to unseal data if there's no policy, so use a policy and extend the state away before boot)	2021-06-24 11:09:37 -04:00
..
initramfs/lib/dracut/hooks/cmdline	Rework TPM usage in SUSE diskless	2021-06-24 11:09:37 -04:00
profiles/default/scripts	Handle space delimiting in nameservers	2021-06-23 12:35:54 -04:00

Jarrod Johnson 3c41c52d77 Rework TPM usage in SUSE diskless

For one, need to detect stale
TPM value and clear them.

For another, seal to PCR 15 and extend after unlock, so that the booted
system is unable to retrieve
the data from the TPM (e.g.
a plain user by default is allowed
to unseal data if there's no
policy, so use a policy and
extend the state away before boot)

2021-06-24 11:09:37 -04:00

initramfs/lib/dracut/hooks/cmdline

Rework TPM usage in SUSE diskless

2021-06-24 11:09:37 -04:00

profiles/default/scripts

Handle space delimiting in nameservers

2021-06-23 12:35:54 -04:00