Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-29 Thread Demi Marie Obenour
On Wed, May 29, 2024 at 04:54:13PM +0200, Lennart Poettering wrote: > On Mi, 29.05.24 17:00, Andrei Borzenkov ([email protected]) wrote: > > > If you use pcrlock for more flexibility it will change into > > > > PolicyPCR(PCR1, PCR2, ...) > > PolicyAuthorize > > PolicyPCR(PCR3, PCR4, ...) > > Pol

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-29 Thread Demi Marie Obenour
On Wed, May 29, 2024 at 10:36:28AM +0200, Lennart Poettering wrote: > On Di, 28.05.24 17:36, Demi Marie Obenour ([email protected]) wrote: > > > > (you can of course include PolicyAuthorizeNV in the policy you sign > > > for PolicyAuthorize, but that doesn't work, since we want to pin th

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-29 Thread Lennart Poettering
On Mi, 29.05.24 17:00, Andrei Borzenkov ([email protected]) wrote: > If you use pcrlock for more flexibility it will change into > > PolicyPCR(PCR1, PCR2, ...) > PolicyAuthorize > PolicyPCR(PCR3, PCR4, ...) > PolicyOR(digest1, digest2, ...) > PolicyAuthorizeNV > Unseal When you do this then the

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-29 Thread Andrei Borzenkov
On Tue, May 28, 2024 at 10:55 PM Lennart Poettering wrote: > > On Di, 28.05.24 21:21, Andrei Borzenkov ([email protected]) wrote: > > > On 28.05.2024 17:49, Lennart Poettering wrote: > > > > > > systemd-cryptenroll supports pin, literal PCR, signed PCR — in any > > > combination. (plus pcrlock,

Re: [systemd-devel] systemd-shutdown disarms hardware watchdog when finished

2024-05-29 Thread Luca Boccassi
On Wed, 29 May 2024 at 11:01, Andreas Svensson wrote: > > Hello, > > I have a system that should keep the hardware watchdog active while > rebooting the system. It has worked fine up to systemd version v254. > > I noticed that since systemd version v254 my system stops the hardware > watchdog afte

Re: [systemd-devel] systemd-shutdown disarms hardware watchdog when finished

2024-05-29 Thread Andreas Svensson
On 5/29/24 11:22, Lennart Poettering wrote: On Mi, 29.05.24 10:51, Andreas Svensson ([email protected]) wrote: Hello, I have a system that should keep the hardware watchdog active while rebooting the system. It has worked fine up to systemd version v254. I noticed that since systemd v

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-29 Thread Lennart Poettering
On Mi, 29.05.24 10:36, Lennart Poettering ([email protected]) wrote: > But still, I am not ready to give up, there must be some other way I > think, that I have missed so far. I posted this on the tpm2-tss ML now: https://lore.kernel.org/tpm2/ZlbtJ0jcy8rrUbUg@gardel-login/T/#u Maybe they h

Re: [systemd-devel] systemd-shutdown disarms hardware watchdog when finished

2024-05-29 Thread Lennart Poettering
On Mi, 29.05.24 10:51, Andreas Svensson ([email protected]) wrote: > Hello, > > I have a system that should keep the hardware watchdog active while > rebooting the system. It has worked fine up to systemd version v254. > > I noticed that since systemd version v254 my system stops the hardw

[systemd-devel] systemd-shutdown disarms hardware watchdog when finished

2024-05-29 Thread Andreas Svensson
Hello, I have a system that should keep the hardware watchdog active while rebooting the system. It has worked fine up to systemd version v254. I noticed that since systemd version v254 my system stops the hardware watchdog after systemd-shutdown completes. I think it's the watchdog_free_dev

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-29 Thread Lennart Poettering
On Di, 28.05.24 17:36, Demi Marie Obenour ([email protected]) wrote: > > (you can of course include PolicyAuthorizeNV in the policy you sign > > for PolicyAuthorize, but that doesn't work, since we want to pin the > > local nvindex really, and allocate it locally, and the signer (i.e. the