Date: Sat, 29 Oct 2022 15:48:01 +0200 From: Stanislaw Adaszewski <s.adaszewski@gmail.com> To: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase Message-ID: <CADxsEsT8-=a2uZkTwBr56pVrx05ZPmCcybJrAGpt76GnAMYUOw@mail.gmail.com> In-Reply-To: <CADxsEsTDfzJS0e0M8Cqyd_P%2BjRwiU5NJg8VOEd0mgOV=kLuqgQ@mail.gmail.com> References: <CADxsEsRbt6xj1TOHVMMC3jhT%2BCfqZqX479JvdNyM31eAQh1%2BtA@mail.gmail.com> <CANCZdfphx9ZwL4j1deR9LLMBTatqVH%2B_PtkGp8ReQtWzp6T24Q@mail.gmail.com> <CADxsEsQKWrt5w%2B-Xo11QnDb_z5j%2BXkxC5q09%2BZnbMX1VLwAwYA@mail.gmail.com> <CADxsEsSiWF2W9axytK_QXyS-_rEABuOoCJCAku19kF%2B-GxAmBw@mail.gmail.com> <CADxsEsQ0hrPSfEXE4Dt28AWt9mWHu-qieYo0jpnMie=VeRZHnA@mail.gmail.com> <CADxsEsTDfzJS0e0M8Cqyd_P%2BjRwiU5NJg8VOEd0mgOV=kLuqgQ@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Since for the moment there does not seem to be that much traction for integrating it upstream, I have created a separate Git repository: https://github.com/sadaszewski/freebsd-patch-geli-password-from-tpm2 which can somewhat intelligently patch any FreeBSD source tree and allows to build the TPM2-passphrase-aware bootloader and kernel. I hope this will facilitate use by people who actually want/need it. I will also start putting some unit tests in there, in particular for the TPM code using swtpm + libtss2-tcti-swtpm - hopefully in the future all of it can be mostly test-covered. Soon, I will also throw in some scripts that automate the TPM2 setup. Best regards, -- S.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADxsEsT8-=a2uZkTwBr56pVrx05ZPmCcybJrAGpt76GnAMYUOw>