Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 265903 Details for
Bug 358967
sys-kernel/genkernel - TpmCrypt support
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
TpmCrypt patch for genkernel
genkernel_tpmcrypt.patch (text/plain), 6.17 KB, created by
Philipp Deppenwiese
on 2011-03-15 04:04:31 UTC
(
hide
)
Description:
TpmCrypt patch for genkernel
Filename:
MIME Type:
Creator:
Philipp Deppenwiese
Created:
2011-03-15 04:04:31 UTC
Size:
6.17 KB
patch
obsolete
>diff -urN /usr/share/genkernel/defaults/initrd.scripts genkernel/defaults/initrd.scripts >--- /usr/share/genkernel/defaults/initrd.scripts 2011-03-14 23:52:50.409039604 +0100 >+++ genkernel/defaults/initrd.scripts 2011-03-14 23:27:33.906815366 +0100 >@@ -940,6 +940,39 @@ > fi > } > >+startTrousers() >+{ >+ /sbin/ifconfig lo 127.0.0.1 up >+ chown tss:tss /dev/tpm0 >+ chmod 600 /dev/tpm0 >+ /sbin/tcsd >+ if [ "$?" -eq '0' ] >+ then >+ good_msg "Starting Trousers" >+ else >+ bad_msg "Can't starting trousers" >+ fi >+} >+ >+startTpmCrypt() >+{ >+ #Starting Trousers >+ startTrousers >+ >+ #Starting tpmcrypt keyprovider daemon >+ if [ ! -e /var/run/tpmcrypt/server.socket ] >+ then >+ /sbin/tpmcrypt_keyproviderd -p >+ good_msg "TpmCrypt Enviroment started successfully" >+ else >+ bad_msg "Can't start TpmCrypt Enviroment" >+ exec sh >+ fi >+ >+ #Starting Login >+ /bin/tpmcrypt_mount >+} >+ > sdelay() { > # Sleep a specific number of seconds if SDELAY is set > if [ "${SDELAY}" ] >diff -urN /usr/share/genkernel/defaults/linuxrc genkernel/defaults/linuxrc >--- /usr/share/genkernel/defaults/linuxrc 2011-03-14 23:52:50.409039604 +0100 >+++ genkernel/defaults/linuxrc 2011-03-14 23:27:19.606794399 +0100 >@@ -181,6 +181,10 @@ > iscsi_noibft) > ISCSI_NOIBFT=1 > ;; >+ #TpmCrypt and Trousers >+ tpmcrypt) >+ TPMCRYPT=1 >+ ;; > # Crypto > crypt_root\=*) > CRYPT_ROOT=`parse_opt "${x}"` >@@ -354,6 +358,17 @@ > mkdir -p "${NEW_ROOT}" > CHROOT="${NEW_ROOT}" > >+if [ "${CDROOT}" != 1 ] >+then >+ if [ "${TPMCRYPT}" = '1' ] >+ then >+ startTpmCrypt >+ fi >+fi >+ >+#LVM Rescan >+startVolumes >+ > # Run debug shell if requested > rundebugshell > >diff -urN /usr/share/genkernel/gen_cmdline.sh genkernel/gen_cmdline.sh >--- /usr/share/genkernel/gen_cmdline.sh 2011-03-14 23:52:50.439039648 +0100 >+++ genkernel/gen_cmdline.sh 2011-03-14 23:26:55.186758582 +0100 >@@ -92,6 +92,7 @@ > echo " ramdisk" > echo " --luks Include LUKS support" > echo " --> 'emerge cryptsetup-luks' with USE=-dynamic" >+ echo " --tpmcrypt Include TpmCrypt support" > echo " --gpg Include GPG-armored LUKS key support" > echo " --no-busybox Do not include busybox in the initramfs." > echo " --unionfs Include support for unionfs" >@@ -520,6 +521,10 @@ > CMD_LUKS=1 > print_info 2 "CMD_LUKS: ${CMD_LUKS}" > ;; >+ --tpmcrypt) >+ CMD_TPMCRYPT=1 >+ print_info 2 "CMD_TPMCRYPT: ${CMD_TPMCRYPT}" >+ ;; > --gpg) > CMD_GPG=1 > print_info 2 "CMD_GPG: ${CMD_GPG}" >diff -urN /usr/share/genkernel/gen_determineargs.sh genkernel/gen_determineargs.sh >--- /usr/share/genkernel/gen_determineargs.sh 2011-03-14 23:52:50.449039674 +0100 >+++ genkernel/gen_determineargs.sh 2011-03-14 23:37:53.607724288 +0100 >@@ -112,11 +112,12 @@ > set_config_with_override 1 DMRAID CMD_DMRAID > set_config_with_override 1 ISCSI CMD_ISCSI > set_config_with_override 1 BUSYBOX CMD_BUSYBOX "yes" >- set_config_with_override 1 UNIONFS CMD_UNIONFS >- set_config_with_override 1 NETBOOT CMD_NETBOOT >- set_config_with_override 2 REAL_ROOT CMD_REAL_ROOT >+ set_config_with_override 1 UNIONFS CMD_UNIONFS >+ set_config_with_override 1 NETBOOT CMD_NETBOOT >+ set_config_with_override 2 REAL_ROOT CMD_REAL_ROOT > set_config_with_override 1 DISKLABEL CMD_DISKLABEL > set_config_with_override 1 LUKS CMD_LUKS >+ set_config_with_override 1 TPMCRYPT CMD_TPMCRYPT > set_config_with_override 1 GPG CMD_GPG > set_config_with_override 1 MDADM CMD_MDADM > set_config_with_override 1 MULTIPATH CMD_MULTIPATH >diff -urN /usr/share/genkernel/gen_initramfs.sh genkernel/gen_initramfs.sh >--- /usr/share/genkernel/gen_initramfs.sh 2011-03-14 23:52:50.459039681 +0100 >+++ genkernel/gen_initramfs.sh 2011-03-14 23:48:31.428659765 +0100 >@@ -435,6 +435,58 @@ > rm -r "${TEMP}/initramfs-luks-temp/" > } > >+append_tpmcrypt() { >+ if [ -d "${TEMP}/initramfs-tpmcrypt-temp" ] >+ then >+ rm -r "${TEMP}/initramfs-tpmcrypt-temp" >+ fi >+ >+ mkdir -p "${TEMP}/initramfs-tpmcrypt-temp/sbin" >+ mkdir -p "${TEMP}/initramfs-tpmcrypt-temp/bin" >+ mkdir -p "${TEMP}/initramfs-tpmcrypt-temp/lib/" >+ mkdir -p "${TEMP}/initramfs-tpmcrypt-temp/etc/tpmcrypt" >+ mkdir -p "${TEMP}/initramfs-tpmcrypt-temp/var/run/tpmcrypt" >+ mkdir -p "${TEMP}/initramfs-tpmcrypt-temp/var/log/" >+ >+ cd "${TEMP}/initramfs-tpmcrypt-temp" >+ >+ if isTrue ${TPMCRYPT} >+ then >+ if [ -e /usr/sbin/tcsd ] >+ then >+ print_info 1 "Including TrouSers support" >+ cp /usr/sbin/tcsd ${TEMP}/initramfs-tpmcrypt-temp/sbin >+ chmod +x "${TEMP}/initramfs-tpmcrypt-temp/sbin/tcsd" >+ sed '/^system_ps_file/ d' /etc/tcsd.conf > ${TEMP}/initramfs-tpmcrypt-temp/etc/tcsd.conf >+ echo "system_ps_file = /etc/tpmcrypt/tpmcrypt.data" >> ${TEMP}/initramfs-tpmcrypt-temp/etc/tcsd.conf >+ if is_static /bin/tpmcrypt_mount && is_static /sbin/tpmcrypt_keyproviderd >+ then >+ print_info 1 "Not implemented" >+ else >+ print_info 1 "Including TpmCrypt support" >+ cp /usr/bin/tpmcrypt_mount ${TEMP}/initramfs-tpmcrypt-temp/bin/ >+ chmod +x "${TEMP}/initramfs-tpmcrypt-temp/bin/tpmcrypt_mount" >+ cp /usr/sbin/tpmcrypt_keyproviderd ${TEMP}/initramfs-tpmcrypt-temp/sbin/ >+ chmod +x "${TEMP}/initramfs-tpmcrypt-temp/sbin/tpmcrypt_keyproviderd" >+ cp /var/log/tpmcrypt.log ${TEMP}/initramfs-tpmcrypt-temp/var/log/ >+ chmod 660 "${TEMP}/initramfs-tpmcrypt-temp/var/log/tpmcrypt.log" >+ cp -a -L /usr/lib/libtspi.so.1 ${TEMP}/initramfs-tpmcrypt-temp/lib/ >+ cp -a -L /usr/lib/libgmp.so.3 ${TEMP}/initramfs-tpmcrypt-temp/lib/ >+ fi >+ else >+ print_info 1 "No TrouSers found" >+ print_info 1 "Not including TpmCrypt and TrouSers" >+ >+ fi >+ fi >+ >+ find . -print | cpio ${CPIO_ARGS} --append -F "${CPIO}" \ >+ || gen_die "appending TpmCrypt to cpio" >+ >+ cd "${TEMP}" >+ rm -r "${TEMP}/initramfs-tpmcrypt-temp/" >+} >+ > append_firmware() { > if [ -z "${FIRMWARE_FILES}" -a ! -d "${FIRMWARE_DIR}" ] > then >@@ -672,6 +724,7 @@ > append_data 'evms' "${EVMS}" > append_data 'mdadm' "${MDADM}" > append_data 'luks' "${LUKS}" >+ append_data 'tpmcrypt' "${TPMCRYPT}" > append_data 'multipath' "${MULTIPATH}" > append_data 'gpg' "${GPG}" >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=265903">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 358967
: 265903
