Re: TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase

Reply: Tomek CEDRO : "Re: TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase"
In reply to: Stanislaw Adaszewski : "Re: TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Stanislaw Adaszewski <s.adaszewski_at_gmail.com>
Date: Sat, 29 Oct 2022 13:48:01 UTC

Since for the moment there does not seem to be that much
traction for integrating it upstream, I have created a separate
Git repository:

https://github.com/sadaszewski/freebsd-patch-geli-password-from-tpm2

which can somewhat intelligently patch any FreeBSD source
tree and allows to build the TPM2-passphrase-aware bootloader
and kernel.

I hope this will facilitate use by people who actually
want/need it. I will also start putting some unit tests in there,
in particular for the TPM code using swtpm +
libtss2-tcti-swtpm - hopefully in the future all of it can be
mostly test-covered.

Soon, I will also throw in some scripts that automate the
TPM2 setup.

Best regards,

--
S.