[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v19 00/33] Automatic Disk Unlock with TPM2
From: |
Stefan Berger |
Subject: |
Re: [PATCH v19 00/33] Automatic Disk Unlock with TPM2 |
Date: |
Fri, 13 Sep 2024 10:32:39 -0400 |
User-agent: |
Mozilla Thunderbird |
On 9/6/24 5:10 AM, Gary Lin wrote:
GIT repo for v19: https://github.com/lcp/grub2/tree/tpm2-unlock-v19
This patch series is based on "Automatic TPM Disk Unlock"(*1) posted by
Hernan Gatta to introduce the key protector framework and TPM2 stack
to GRUB2, and this could be a useful feature for the systems to
implement full disk encryption.
To support TPM 2.0 Key File format(*2), patch 1~7,9-16 are grabbed from
Daniel Axtens's "appended signature secure boot support" (*3) to import
libtasn1 into grub2. Besides, the libtasn1 version is upgraded to
4.19.0 instead of 4.16.0 in the original patch.
I was going to try it out now (on a ppc64 machine) but fail to configure
it. The configure and build work on tip of master.
> git clean -xdf ; ./bootstrap && ./configure --prefix=/usr
[...]
Using python3...
Importing unicode...
Importing libgcrypt...
Importing libtasn1...
cp: cannot stat 'grub-core/lib/libtasn1/lib/*.[ch]': No such file or
directory
running: AUTOPOINT=true LIBTOOLIZE=true autoreconf --verbose --install
--force -I m4 --no-recursive
autoreconf: Entering directory `.'
autoreconf: running: true --force
autoreconf: running: aclocal -I m4 --force -I m4
autoreconf: configure.ac: tracing
autoreconf: configure.ac: not using Libtool
autoreconf: running: /usr/bin/autoconf --include=m4 --force
autoreconf: running: /usr/bin/autoheader --include=m4 --force
autoreconf: running: automake --add-missing --copy --force-missing
configure.ac:50: installing 'build-aux/config.guess'
configure.ac:50: installing 'build-aux/config.sub'
configure.ac:56: installing 'build-aux/install-sh'
configure.ac:56: installing 'build-aux/missing'
automake: error: cannot open < Makefile.util.am: No such file or directory
autoreconf: automake failed with exit status: 1
./bootstrap: autoreconf failed
Bisecting the series of patches with the above command line run at each
step leads to:
70fff1f0d04f576921619fddaf066d1f2c73255c is the first bad commit
commit 70fff1f0d04f576921619fddaf066d1f2c73255c
Author: Daniel Axtens <dja@axtens.net>
Date: Fri Sep 6 17:11:07 2024 +0800
libtasn1: compile into asn1 module
Create a wrapper file that specifies the module license.
Set up the makefile so it is built.
Signed-off-by: Daniel Axtens <dja@axtens.net>
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
autogen.sh | 19 +++++++++++++++++++
grub-core/Makefile.core.def | 15 +++++++++++++++
grub-core/lib/libtasn1_wrap/wrap.c | 27 +++++++++++++++++++++++++++
3 files changed, 61 insertions(+)
create mode 100644 grub-core/lib/libtasn1_wrap/wrap.c
- [PATCH v19 27/33] cryptodisk: Fallback to passphrase, (continued)
- [PATCH v19 27/33] cryptodisk: Fallback to passphrase, Gary Lin, 2024/09/06
- [PATCH v19 28/33] cryptodisk: wipe out the cached keys from protectors, Gary Lin, 2024/09/06
- [PATCH v19 29/33] diskfilter: look up cryptodisk devices first, Gary Lin, 2024/09/06
- [PATCH v19 30/33] tpm2_key_protector: Add grub-emu support, Gary Lin, 2024/09/06
- [PATCH v19 31/33] tests: Add tpm2_key_protector_test, Gary Lin, 2024/09/06
- [PATCH v19 32/33] cryptodisk: Document the '-P' option, Gary Lin, 2024/09/06
- [PATCH v19 33/33] docs: Document TPM2 key protector, Gary Lin, 2024/09/06
- Re: [PATCH v19 00/33] Automatic Disk Unlock with TPM2,
Stefan Berger <=
- Re: [PATCH v19 00/33] Automatic Disk Unlock with TPM2, Gary Lin, 2024/09/19