наб
0f2642ba92
Provide blank Esys_Create{Primary,}() metadata
...
This was yielding
Couldn't create primary encryption key: tpm:parameter(3):structure is the wrong size
errors on ASRock X670E Pro RS + AMD Ryzen 5 7600X: just kill it;
it's unclear if it's remotely useful besides adding some needless salt
Reported and validated by Lars Strojny:
https://twitter.com/lstrojny/status/1599182208752766976
2022-12-04 00:57:36 +01:00
наб
d950de0ae4
Actually copy in the CreatePrimary parameters to the right slots
...
This mimicks tpm2-tools; I don't think it matters any, since I'm pretty
sure these are just unused for our application, but
2022-12-04 00:32:44 +01:00
наб
b811862e0a
swtpm is in Debian now :)
2022-12-03 22:15:22 +01:00
наб
02195933bc
Use SHA256 as the default name algorithm for the TPM2 primary key
...
This mirrors an analogous change in tpm2-tools
5900ed818f3c1e7173b3
2022-12-03 21:32:50 +01:00
наб
023ffc98ae
0..23 -> [0, 23]
2022-12-03 21:19:40 +01:00
наб
af6835d586
Recommend new Debian repo signing
2022-11-04 00:01:00 +01:00
наб
005ee41545
sort | uniq -> LC_ALL=C sort -u
2022-10-29 22:52:43 +02:00
наб
29c58cfe9b
awk -> cut
2022-10-29 22:50:57 +02:00
наб
62e896642b
Silence SHA256_*() OpenSSL API deprecation warnings for now
2022-09-30 21:07:12 +02:00
наб
aef018ba1e
Fix builds with less header-leaky libstdc++es
2022-09-30 20:08:27 +02:00
наб
d26a07511f
Correct tilda in manuals
2022-09-30 20:00:07 +02:00
наб
fa91ff6c67
-P-pa4
2022-06-17 23:16:11 +02:00
наб
3651105e0f
Accept TZPFMS_{VERSION,DATE} from environment in Makefile
2021-12-20 20:23:14 +01:00
наб
b45a331747
Add out/systemd to release bundle. Spin auth token
2021-12-20 20:21:46 +01:00
наб
af6928d525
Add zfs-mount-generator integration
...
Funny moment: https://twitter.com/nabijaczleweli/status/1472986504272261124
2021-12-20 19:28:13 +01:00
наб
ce3560b797
Fix -[yu] typo in z-t-list.8 OPTIONS
2021-12-20 17:34:39 +01:00
наб
00703a1517
Upcast time_t to i64
2021-11-29 16:20:40 +01:00
наб
32da9f7c81
Fix TZPFMS_VERSION injexion into manuals
2021-11-28 20:02:22 +01:00
наб
1937610e54
struct timespec::tv_nsec is the syscall long, not actual long!
2021-11-28 18:17:00 +01:00
наб
5d7ebf3d19
Fix -flto[=full] -Wl,--as-needed not working on sid anymore(?)
2021-11-28 18:06:37 +01:00
наб
503ac72235
Proof zfs-tpm1x-change-key.8
2021-11-28 17:13:15 +01:00
наб
e0b0de31b9
Don't force POSIXLY_CORRECT. Reject extraneous argument
2021-11-28 01:40:23 +01:00
наб
49f0a05c33
Add PCR binding. password => passphrase in manuals
...
All logically distinct modes are now:
TPM1.X: passphraseless, PCRs, passphrase, passphrase & PCRs
TPM2: passphraseless, PCRs, passphrase, passphrase | PCRs
TPM2 sees a backward-incompatible ";pcr list" addition to its handle
Cf. https://twitter.com/nabijaczleweli/status/1463707170793562117
2021-11-28 01:33:58 +01:00
наб
de9b591546
Include tpm2_dictionarylockout like tpm_resetdalock
2021-11-27 22:46:40 +01:00
наб
c9cd46ab95
Build with -g by default. Don't strip
2021-11-25 22:49:47 +01:00
наб
303ea58c2f
Import parse_uint() from voreutils. Summarise all .sos. Fix systemd integration in README to match. Flatten hV adding
2021-11-25 16:33:26 +01:00
наб
09748712fb
Note libzfs 2.1 works
2021-11-24 18:55:55 +01:00
наб
2757a01c92
Remove SEE ALSOs that were just the git.sr.ht link
2021-11-24 13:37:04 +01:00
наб
a4cc3cd7e0
Use actual dataset names instead of owo/uwu/awa/&c. in zfs-tpm-list.8
2021-11-24 13:35:09 +01:00
наб
98bd432a50
Final-proof passphrase.h
2021-11-24 13:23:22 +01:00
наб
4e41ae1f14
Add TZPFMS_PASSPHRASE_HELPER{,_MAN} make tunables
2021-11-20 13:12:01 +01:00
наб
f02bf1c094
Proof password.h round 2
2021-11-20 12:13:11 +01:00
наб
ea0a5bd52e
Proof passphrase.h. Fix helper for empty output, fortify against ENOMEM and mmap(2) error
2021-11-19 00:37:08 +01:00
наб
8df40d5506
Fix lib[std]c++ dependency by initialising helper path explicitly
2021-11-15 19:12:19 +01:00
наб
12189bc0d5
Change TPM2 creation metadata to 'UNIX.ns dataset version' from 'dataset RFC3339 version' ‒ there's only 64 bytes to play with
2021-11-15 19:04:40 +01:00
наб
9c8ee8d68c
Add $TZPFMS_PASSPHRASE_HELPER. Always include the TPM back-end and/or dataset name in password what-fors
2021-11-15 18:59:07 +01:00
наб
74ec450e16
Preprocess with pp.awk, fixing space columnation
2021-11-12 19:41:38 +01:00
наб
a0ca4c3a97
apt-get on CI
2021-11-10 18:40:30 +01:00
наб
d8d29927c7
Proof manuals
2021-11-10 18:34:47 +01:00
наб
c1ab9a5a1a
Fold print; return err; into return print, err;
2021-11-10 15:02:43 +01:00
наб
dc8bc7acb7
Use proper PRI* macros for foreign types
2021-11-10 14:48:07 +01:00
наб
d5107f9415
Clean up shell in tandem with https://github.com/openzfs/zfs/pull/12652
2021-10-21 23:57:47 +02:00
наб
01fa1b6031
No authors -> no gsfonts. Also what's a state
2021-10-15 23:37:30 +02:00
наб
9817d9d8ae
Remove authors list
2021-10-15 23:33:45 +02:00
наб
6ae9df1c95
Rewrite manual in mdoc
2021-10-15 23:16:04 +02:00
наб
5b0685ec94
src:zfs-linux 2.0.0-1~exp1 works
2021-01-06 15:40:54 +01:00
наб
3174a66e9e
Note the Debian package
2020-12-08 19:40:19 +01:00
наб
1a5f1f9498
Note initrd regens for TPM1.X
2020-12-08 18:14:35 +01:00
наб
7841412225
Take a stance on some TODOs
2020-12-08 17:48:33 +01:00
наб
af3e91c77d
Test and unfuck TPM1.X + dracut
...
Tested on a Toshiba R700
2020-12-07 20:30:35 +01:00
