* [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage @ 2024-07-10 5:33 'Rakesh Kumar' via isar-users 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users 2024-07-23 7:37 ` Uladzimir Bely 0 siblings, 2 replies; 9+ messages in thread From: 'Rakesh Kumar' via isar-users @ 2024-07-10 5:33 UTC (permalink / raw) To: isar-users; +Cc: jan.kiszka, cedric.hombourger, Rakesh Kumar To ensure proper initialization of the fTPM and tee-supplicant services before the root filesystem is mounted, we are relocating their initialization to the local-top section of initramfs. This change ensures that the encrypted filesystems are properly initialized and ready for use before the root filesystem is mounted at local-bottom stage. Reason for local-top: * Early Initialization: The local-top scripts run before the root filesystem is mounted. This timing is essential for encrypted root filesystems since the decryption process must be completed before the filesystem can be accessed. * Dependency Handling: The encryption setup requires initializing dependencies such as fTPM (firmware Trusted Platform Module) devices. Performing these tasks early in the boot process ensures that all necessary components are in place before the root filesystem is mounted. Signed-off-by: Rakesh Kumar <kumar.rakesh@siemens.com> --- .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 ++-- .../initramfs-tee-supplicant-hook_0.1.bb | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb index db38e618..82fec1bb 100644 --- a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" do_install[cleandirs] += " \ ${D}/usr/share/initramfs-tools/hooks \ - ${D}/usr/share/initramfs-tools/scripts/local-bottom" + ${D}/usr/share/initramfs-tools/scripts/local-top" do_install() { install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" install -m 0755 "${WORKDIR}/tee-ftpm.script" \ - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-ftpm" + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" } diff --git a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb index 3768b8e0..a7a19bee 100644 --- a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee-supplicant, procps" do_install[cleandirs] += " \ ${D}/usr/share/initramfs-tools/hooks \ - ${D}/usr/share/initramfs-tools/scripts/local-bottom" + ${D}/usr/share/initramfs-tools/scripts/local-top" do_install() { install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" install -m 0755 "${WORKDIR}/tee-supplicant.script" \ - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-supplicant" + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-supplicant" } -- 2.39.2 -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/20240710053335.2163596-1-kumar.rakesh%40siemens.com. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-10 5:33 [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 'Rakesh Kumar' via isar-users @ 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users 2024-07-10 12:30 ` 'Rakesh Kumar' via isar-users ` (2 more replies) 2024-07-23 7:37 ` Uladzimir Bely 1 sibling, 3 replies; 9+ messages in thread From: 'Jan Kiszka' via isar-users @ 2024-07-10 11:21 UTC (permalink / raw) To: Rakesh Kumar, isar-users, Quirin Gylstorff; +Cc: cedric.hombourger On 10.07.24 07:33, Rakesh Kumar wrote: > To ensure proper initialization of the fTPM and tee-supplicant services before > the root filesystem is mounted, we are relocating their initialization to the > local-top section of initramfs. This change ensures that the encrypted filesystems > are properly initialized and ready for use before the root filesystem is mounted at > local-bottom stage. Close but not fully correct: The rootfs is mounted AFTER the top stage and BEFORE bottom. > > Reason for local-top: > > * Early Initialization: The local-top scripts run before the root filesystem is mounted. > This timing is essential for encrypted root filesystems since the decryption process must be > completed before the filesystem can be accessed. > > * Dependency Handling: The encryption setup requires initializing dependencies such as > fTPM (firmware Trusted Platform Module) devices. Performing these tasks early in the boot process > ensures that all necessary components are in place before the root filesystem is mounted. This will still need some isar-cip-core patch in order to add a PREREQ on fTPM if a concrete target using fTPM for disk encryption. But Quirin just had another idea, leaving the stage to him now. :) Jan > > Signed-off-by: Rakesh Kumar <kumar.rakesh@siemens.com> > --- > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 ++-- > .../initramfs-tee-supplicant-hook_0.1.bb | 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb > index db38e618..82fec1bb 100644 > --- a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" > > do_install[cleandirs] += " \ > ${D}/usr/share/initramfs-tools/hooks \ > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > do_install() { > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-ftpm" > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" > } > diff --git a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb > index 3768b8e0..a7a19bee 100644 > --- a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee-supplicant, procps" > > do_install[cleandirs] += " \ > ${D}/usr/share/initramfs-tools/hooks \ > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > do_install() { > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-supplicant" > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-supplicant" > } -- Siemens AG, Technology Linux Expert Center -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/fa89edf3-30be-4692-baa1-9c69876c96d4%40siemens.com. ^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users @ 2024-07-10 12:30 ` 'Rakesh Kumar' via isar-users 2024-07-10 12:39 ` Rakesh Kumar 2024-07-22 5:43 ` 'Kumar, Rakesh' via isar-users 2 siblings, 0 replies; 9+ messages in thread From: 'Rakesh Kumar' via isar-users @ 2024-07-10 12:30 UTC (permalink / raw) To: isar-users; +Cc: jan.kiszka, cedric.hombourger, Rakesh Kumar To ensure proper initialization of the fTPM and tee-supplicant services before the root filesystem is mounted, we are relocating their initialization to the local-top section of initramfs. This change ensures that the encrypted root filesystems are properly initialized and mounted before the local-bottom scripts run. Reason for local-top: * Early Initialization: The local-top scripts run before the root filesystem is mounted. This timing is essential for encrypted root filesystems since the decryption process must be completed before the filesystem can be accessed. * Dependency Handling: The encryption setup requires initializing dependencies such as fTPM (firmware Trusted Platform Module) devices. Performing these tasks early in the boot process ensures that all necessary components are in place before the root filesystem is mounted. Signed-off-by: Rakesh Kumar <kumar.rakesh@siemens.com> --- .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 ++-- .../initramfs-tee-supplicant-hook_0.1.bb | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb index db38e618..82fec1bb 100644 --- a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" do_install[cleandirs] += " \ ${D}/usr/share/initramfs-tools/hooks \ - ${D}/usr/share/initramfs-tools/scripts/local-bottom" + ${D}/usr/share/initramfs-tools/scripts/local-top" do_install() { install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" install -m 0755 "${WORKDIR}/tee-ftpm.script" \ - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-ftpm" + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" } diff --git a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb index 3768b8e0..a7a19bee 100644 --- a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant-hook_0.1.bb @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee-supplicant, procps" do_install[cleandirs] += " \ ${D}/usr/share/initramfs-tools/hooks \ - ${D}/usr/share/initramfs-tools/scripts/local-bottom" + ${D}/usr/share/initramfs-tools/scripts/local-top" do_install() { install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" install -m 0755 "${WORKDIR}/tee-supplicant.script" \ - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-supplicant" + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-supplicant" } -- 2.39.2 -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/20240710123046.2174029-1-kumar.rakesh%40siemens.com. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users 2024-07-10 12:30 ` 'Rakesh Kumar' via isar-users @ 2024-07-10 12:39 ` Rakesh Kumar 2024-07-13 14:55 ` Rakesh Kumar 2024-07-22 5:43 ` 'Kumar, Rakesh' via isar-users 2 siblings, 1 reply; 9+ messages in thread From: Rakesh Kumar @ 2024-07-10 12:39 UTC (permalink / raw) To: isar-users [-- Attachment #1.1: Type: text/plain, Size: 4349 bytes --] thanks, Jan Kiszka, for pointing that out! I have made the corrections in git message now. Regards, Rakesh On Wednesday, July 10, 2024 at 4:51:11 PM UTC+5:30 Jan Kiszka wrote: > On 10.07.24 07:33, Rakesh Kumar wrote: > > To ensure proper initialization of the fTPM and tee-supplicant services > before > > the root filesystem is mounted, we are relocating their initialization > to the > > local-top section of initramfs. This change ensures that the encrypted > filesystems > > are properly initialized and ready for use before the root filesystem is > mounted at > > local-bottom stage. > > Close but not fully correct: The rootfs is mounted AFTER the top stage > and BEFORE bottom. > > > > > Reason for local-top: > > > > * Early Initialization: The local-top scripts run before the root > filesystem is mounted. > > This timing is essential for encrypted root filesystems since the > decryption process must be > > completed before the filesystem can be accessed. > > > > * Dependency Handling: The encryption setup requires initializing > dependencies such as > > fTPM (firmware Trusted Platform Module) devices. Performing these tasks > early in the boot process > > ensures that all necessary components are in place before the root > filesystem is mounted. > > This will still need some isar-cip-core patch in order to add a PREREQ > on fTPM if a concrete target using fTPM for disk encryption. But Quirin > just had another idea, leaving the stage to him now. :) > > Jan > > > > > Signed-off-by: Rakesh Kumar <kumar....@siemens.com> > > --- > > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 ++-- > > .../initramfs-tee-supplicant-hook_0.1.bb | 4 ++-- > > 2 files changed, 4 insertions(+), 4 deletions(-) > > > > diff --git a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ > initramfs-tee-ftpm-hook_0.1.bb > b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ > initramfs-tee-ftpm-hook_0.1.bb > > index db38e618..82fec1bb 100644 > > --- a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ > initramfs-tee-ftpm-hook_0.1.bb > > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ > initramfs-tee-ftpm-hook_0.1.bb > > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" > > > > do_install[cleandirs] += " \ > > ${D}/usr/share/initramfs-tools/hooks \ > > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > > > do_install() { > > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ > > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" > > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ > > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-ftpm" > > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" > > } > > diff --git a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ > initramfs-tee-supplicant-hook_0.1.bb > b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ > initramfs-tee-supplicant-hook_0.1.bb > > index 3768b8e0..a7a19bee 100644 > > --- a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ > initramfs-tee-supplicant-hook_0.1.bb > > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ > initramfs-tee-supplicant-hook_0.1.bb > > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee-supplicant, > procps" > > > > do_install[cleandirs] += " \ > > ${D}/usr/share/initramfs-tools/hooks \ > > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > > > do_install() { > > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ > > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" > > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ > > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-supplicant" > > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-supplicant" > > } > > -- > Siemens AG, Technology > Linux Expert Center > > -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/325084db-4440-4e5b-835c-8bb74a088f92n%40googlegroups.com. [-- Attachment #1.2: Type: text/html, Size: 8294 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-10 12:39 ` Rakesh Kumar @ 2024-07-13 14:55 ` Rakesh Kumar 0 siblings, 0 replies; 9+ messages in thread From: Rakesh Kumar @ 2024-07-13 14:55 UTC (permalink / raw) To: isar-users [-- Attachment #1.1: Type: text/plain, Size: 4645 bytes --] Hi all, Any update on this patch? Rakesh On Wednesday, July 10, 2024 at 6:57:20 PM UTC+5:30 Rakesh Kumar wrote: > thanks, Jan Kiszka, for pointing that out! I have made the corrections > in git message now. > > > > > Regards, > Rakesh > > On Wednesday, July 10, 2024 at 4:51:11 PM UTC+5:30 Jan Kiszka wrote: > >> On 10.07.24 07:33, Rakesh Kumar wrote: >> > To ensure proper initialization of the fTPM and tee-supplicant services >> before >> > the root filesystem is mounted, we are relocating their initialization >> to the >> > local-top section of initramfs. This change ensures that the encrypted >> filesystems >> > are properly initialized and ready for use before the root filesystem >> is mounted at >> > local-bottom stage. >> >> Close but not fully correct: The rootfs is mounted AFTER the top stage >> and BEFORE bottom. >> >> > >> > Reason for local-top: >> > >> > * Early Initialization: The local-top scripts run before the root >> filesystem is mounted. >> > This timing is essential for encrypted root filesystems since the >> decryption process must be >> > completed before the filesystem can be accessed. >> > >> > * Dependency Handling: The encryption setup requires initializing >> dependencies such as >> > fTPM (firmware Trusted Platform Module) devices. Performing these tasks >> early in the boot process >> > ensures that all necessary components are in place before the root >> filesystem is mounted. >> >> This will still need some isar-cip-core patch in order to add a PREREQ >> on fTPM if a concrete target using fTPM for disk encryption. But Quirin >> just had another idea, leaving the stage to him now. :) >> >> Jan >> >> > >> > Signed-off-by: Rakesh Kumar <kumar....@siemens.com> >> > --- >> > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 ++-- >> > .../initramfs-tee-supplicant-hook_0.1.bb | 4 ++-- >> > 2 files changed, 4 insertions(+), 4 deletions(-) >> > >> > diff --git a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ >> initramfs-tee-ftpm-hook_0.1.bb >> b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ >> initramfs-tee-ftpm-hook_0.1.bb >> > index db38e618..82fec1bb 100644 >> > --- a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ >> initramfs-tee-ftpm-hook_0.1.bb >> > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/ >> initramfs-tee-ftpm-hook_0.1.bb >> > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" >> > >> > do_install[cleandirs] += " \ >> > ${D}/usr/share/initramfs-tools/hooks \ >> > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" >> > + ${D}/usr/share/initramfs-tools/scripts/local-top" >> > >> > do_install() { >> > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ >> > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" >> > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ >> > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-ftpm" >> > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" >> > } >> > diff --git a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ >> initramfs-tee-supplicant-hook_0.1.bb >> b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ >> initramfs-tee-supplicant-hook_0.1.bb >> > index 3768b8e0..a7a19bee 100644 >> > --- a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ >> initramfs-tee-supplicant-hook_0.1.bb >> > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/ >> initramfs-tee-supplicant-hook_0.1.bb >> > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee-supplicant, >> procps" >> > >> > do_install[cleandirs] += " \ >> > ${D}/usr/share/initramfs-tools/hooks \ >> > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" >> > + ${D}/usr/share/initramfs-tools/scripts/local-top" >> > >> > do_install() { >> > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ >> > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" >> > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ >> > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-supplicant" >> > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-supplicant" >> > } >> >> -- >> Siemens AG, Technology >> Linux Expert Center >> >> -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/70361b22-2139-4644-9946-c0e7c482f767n%40googlegroups.com. [-- Attachment #1.2: Type: text/html, Size: 8612 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* RE: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users 2024-07-10 12:30 ` 'Rakesh Kumar' via isar-users 2024-07-10 12:39 ` Rakesh Kumar @ 2024-07-22 5:43 ` 'Kumar, Rakesh' via isar-users 2024-07-22 8:52 ` Uladzimir Bely 2 siblings, 1 reply; 9+ messages in thread From: 'Kumar, Rakesh' via isar-users @ 2024-07-22 5:43 UTC (permalink / raw) To: Kiszka, Jan, isar-users, quirin.gylstorff; +Cc: cedric.hombourger Hi all, Any updates on this patch. If this patch needs any correction/improvement then please give your inputs on this. Regards, Rakesh -----Original Message----- From: Kiszka, Jan (T CED) <jan.kiszka@siemens.com> Sent: 10 July 2024 16:51 To: Kumar, Rakesh (DI CTO FDS CES LX PBU 1) <kumar.rakesh@siemens.com>; isar-users@googlegroups.com; Gylstorff, Quirin (T CED OES-DE) <quirin.gylstorff@siemens.com> Cc: Hombourger, Cedric (DI CTO FDS CES LX) <cedric.hombourger@siemens.com> Subject: Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage On 10.07.24 07:33, Rakesh Kumar wrote: > To ensure proper initialization of the fTPM and tee-supplicant > services before the root filesystem is mounted, we are relocating > their initialization to the local-top section of initramfs. This > change ensures that the encrypted filesystems are properly initialized > and ready for use before the root filesystem is mounted at local-bottom stage. Close but not fully correct: The rootfs is mounted AFTER the top stage and BEFORE bottom. > > Reason for local-top: > > * Early Initialization: The local-top scripts run before the root filesystem is mounted. > This timing is essential for encrypted root filesystems since the decryption process must be > completed before the filesystem can be accessed. > > * Dependency Handling: The encryption setup requires initializing dependencies such as > fTPM (firmware Trusted Platform Module) devices. Performing these tasks early in the boot process > ensures that all necessary components are in place before the root filesystem is mounted. This will still need some isar-cip-core patch in order to add a PREREQ on fTPM if a concrete target using fTPM for disk encryption. But Quirin just had another idea, leaving the stage to him now. :) Jan > > Signed-off-by: Rakesh Kumar <kumar.rakesh@siemens.com> > --- > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 ++-- > .../initramfs-tee-supplicant-hook_0.1.bb | 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git > a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-ho > ok_0.1.bb > b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-ho > ok_0.1.bb > index db38e618..82fec1bb 100644 > --- > a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-ho > ok_0.1.bb > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftp > +++ m-hook_0.1.bb > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" > > do_install[cleandirs] += " \ > ${D}/usr/share/initramfs-tools/hooks \ > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > do_install() { > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-ftpm" > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" > } > diff --git > a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-s > upplicant-hook_0.1.bb > b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-s > upplicant-hook_0.1.bb > index 3768b8e0..a7a19bee 100644 > --- > a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-tee-s > upplicant-hook_0.1.bb > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs-t > +++ ee-supplicant-hook_0.1.bb > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee-supplicant, procps" > > do_install[cleandirs] += " \ > ${D}/usr/share/initramfs-tools/hooks \ > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > do_install() { > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee-supplicant" > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-supplicant" > } -- Siemens AG, Technology Linux Expert Center -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/SG2PR06MB5189A49EE62C2C306267649297A82%40SG2PR06MB5189.apcprd06.prod.outlook.com. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-22 5:43 ` 'Kumar, Rakesh' via isar-users @ 2024-07-22 8:52 ` Uladzimir Bely 2024-07-22 13:31 ` Rakesh Kumar 0 siblings, 1 reply; 9+ messages in thread From: Uladzimir Bely @ 2024-07-22 8:52 UTC (permalink / raw) To: Kumar, Rakesh, Kiszka, Jan, isar-users, quirin.gylstorff On Mon, 2024-07-22 at 05:43 +0000, 'Kumar, Rakesh' via isar-users wrote: > Hi all, > > Any updates on this patch. > > If this patch needs any correction/improvement then please give your > inputs on this. > We are going to check the patch in CI and merge as usually. A delay in testing is due, among other things, to the lack of "v2" suffix in new patch version. So, in e-mail hierarchy it still looks like first version of the patch under discussion. Please further use "v2", "v3... when sending new versions of the patches. > Regards, > Rakesh > > -----Original Message----- > From: Kiszka, Jan (T CED) <jan.kiszka@siemens.com> > Sent: 10 July 2024 16:51 > To: Kumar, Rakesh (DI CTO FDS CES LX PBU 1) > <kumar.rakesh@siemens.com>; isar-users@googlegroups.com; Gylstorff, > Quirin (T CED OES-DE) <quirin.gylstorff@siemens.com> > Cc: Hombourger, Cedric (DI CTO FDS CES LX) > <cedric.hombourger@siemens.com> > Subject: Re: [PATCH] initramfs: move fTPM and tee-supplicant > initialization to local-top stage > > On 10.07.24 07:33, Rakesh Kumar wrote: > > To ensure proper initialization of the fTPM and tee-supplicant > > services before the root filesystem is mounted, we are relocating > > their initialization to the local-top section of initramfs. This > > change ensures that the encrypted filesystems are properly > > initialized > > and ready for use before the root filesystem is mounted at local- > > bottom stage. > > Close but not fully correct: The rootfs is mounted AFTER the top > stage and BEFORE bottom. > > > > > Reason for local-top: > > > > * Early Initialization: The local-top scripts run before the root > > filesystem is mounted. > > This timing is essential for encrypted root filesystems since the > > decryption process must be > > completed before the filesystem can be accessed. > > > > * Dependency Handling: The encryption setup requires initializing > > dependencies such as > > fTPM (firmware Trusted Platform Module) devices. Performing these > > tasks early in the boot process > > ensures that all necessary components are in place before the > > root filesystem is mounted. > > This will still need some isar-cip-core patch in order to add a > PREREQ on fTPM if a concrete target using fTPM for disk encryption. > But Quirin just had another idea, leaving the stage to him now. :) > > Jan > > > > > Signed-off-by: Rakesh Kumar <kumar.rakesh@siemens.com> > > --- > > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 > > ++-- > > .../initramfs-tee-supplicant-hook_0.1.bb | 4 > > ++-- > > 2 files changed, 4 insertions(+), 4 deletions(-) > > > > diff --git > > a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > ftpm-ho > > ok_0.1.bb > > b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > ftpm-ho > > ok_0.1.bb > > index db38e618..82fec1bb 100644 > > --- > > a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > ftpm-ho > > ok_0.1.bb > > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > ftp > > +++ m-hook_0.1.bb > > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" > > > > do_install[cleandirs] += " \ > > ${D}/usr/share/initramfs-tools/hooks \ > > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > > > do_install() { > > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ > > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" > > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ > > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee- > > ftpm" > > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee- > > ftpm" > > } > > diff --git > > a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > > tee-s > > upplicant-hook_0.1.bb > > b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > > tee-s > > upplicant-hook_0.1.bb > > index 3768b8e0..a7a19bee 100644 > > --- > > a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > > tee-s > > upplicant-hook_0.1.bb > > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant- > > hook/initramfs-t > > +++ ee-supplicant-hook_0.1.bb > > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee- > > supplicant, procps" > > > > do_install[cleandirs] += " \ > > ${D}/usr/share/initramfs-tools/hooks \ > > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > > > do_install() { > > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ > > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" > > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ > > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee- > > supplicant" > > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee- > > supplicant" > > } > > -- > Siemens AG, Technology > Linux Expert Center > -- Best regards, Uladzimir. -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/5a0e3e458a2e951d09b435c96e05bb0cd0f4c5e1.camel%40ilbers.de. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-22 8:52 ` Uladzimir Bely @ 2024-07-22 13:31 ` Rakesh Kumar 0 siblings, 0 replies; 9+ messages in thread From: Rakesh Kumar @ 2024-07-22 13:31 UTC (permalink / raw) To: isar-users [-- Attachment #1.1: Type: text/plain, Size: 5956 bytes --] Sure Uladzimir, I will take care of that going forward. thanks! Regards, Rakesh On Monday, July 22, 2024 at 2:22:35 PM UTC+5:30 Uladzimir Bely wrote: > On Mon, 2024-07-22 at 05:43 +0000, 'Kumar, Rakesh' via isar-users > wrote: > > Hi all, > > > > Any updates on this patch. > > > > If this patch needs any correction/improvement then please give your > > inputs on this. > > > > We are going to check the patch in CI and merge as usually. A delay in > testing is due, among other things, to the lack of "v2" suffix in new > patch version. So, in e-mail hierarchy it still looks like first > version of the patch under discussion. Please further use "v2", "v3... > when sending new versions of the patches. > > > > Regards, > > Rakesh > > > > -----Original Message----- > > From: Kiszka, Jan (T CED) <jan.k...@siemens.com> > > Sent: 10 July 2024 16:51 > > To: Kumar, Rakesh (DI CTO FDS CES LX PBU 1) > > <kumar....@siemens.com>; isar-...@googlegroups.com; Gylstorff, > > Quirin (T CED OES-DE) <quirin.g...@siemens.com> > > Cc: Hombourger, Cedric (DI CTO FDS CES LX) > > <cedric.h...@siemens.com> > > Subject: Re: [PATCH] initramfs: move fTPM and tee-supplicant > > initialization to local-top stage > > > > On 10.07.24 07:33, Rakesh Kumar wrote: > > > To ensure proper initialization of the fTPM and tee-supplicant > > > services before the root filesystem is mounted, we are relocating > > > their initialization to the local-top section of initramfs. This > > > change ensures that the encrypted filesystems are properly > > > initialized > > > and ready for use before the root filesystem is mounted at local- > > > bottom stage. > > > > Close but not fully correct: The rootfs is mounted AFTER the top > > stage and BEFORE bottom. > > > > > > > > Reason for local-top: > > > > > > * Early Initialization: The local-top scripts run before the root > > > filesystem is mounted. > > > This timing is essential for encrypted root filesystems since the > > > decryption process must be > > > completed before the filesystem can be accessed. > > > > > > * Dependency Handling: The encryption setup requires initializing > > > dependencies such as > > > fTPM (firmware Trusted Platform Module) devices. Performing these > > > tasks early in the boot process > > > ensures that all necessary components are in place before the > > > root filesystem is mounted. > > > > This will still need some isar-cip-core patch in order to add a > > PREREQ on fTPM if a concrete target using fTPM for disk encryption. > > But Quirin just had another idea, leaving the stage to him now. :) > > > > Jan > > > > > > > > Signed-off-by: Rakesh Kumar <kumar....@siemens.com> > > > --- > > > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 > > > ++-- > > > .../initramfs-tee-supplicant-hook_0.1.bb | 4 > > > ++-- > > > 2 files changed, 4 insertions(+), 4 deletions(-) > > > > > > diff --git > > > a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > > ftpm-ho > > > ok_0.1.bb > > > b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > > ftpm-ho > > > ok_0.1.bb > > > index db38e618..82fec1bb 100644 > > > --- > > > a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > > ftpm-ho > > > ok_0.1.bb > > > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > > > ftp > > > +++ m-hook_0.1.bb > > > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" > > > > > > do_install[cleandirs] += " \ > > > ${D}/usr/share/initramfs-tools/hooks \ > > > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > > > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > > > > > do_install() { > > > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ > > > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" > > > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ > > > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee- > > > ftpm" > > > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee- > > > ftpm" > > > } > > > diff --git > > > a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > > > tee-s > > > upplicant-hook_0.1.bb > > > b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > > > tee-s > > > upplicant-hook_0.1.bb > > > index 3768b8e0..a7a19bee 100644 > > > --- > > > a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > > > tee-s > > > upplicant-hook_0.1.bb > > > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant- > > > hook/initramfs-t > > > +++ ee-supplicant-hook_0.1.bb > > > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee- > > > supplicant, procps" > > > > > > do_install[cleandirs] += " \ > > > ${D}/usr/share/initramfs-tools/hooks \ > > > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > > > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > > > > > do_install() { > > > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ > > > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" > > > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ > > > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee- > > > supplicant" > > > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee- > > > supplicant" > > > } > > > > -- > > Siemens AG, Technology > > Linux Expert Center > > > > -- > Best regards, > Uladzimir. > > > > -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/1520ebfe-5e48-4866-b4be-c9090a17e1fcn%40googlegroups.com. [-- Attachment #1.2: Type: text/html, Size: 10467 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 2024-07-10 5:33 [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 'Rakesh Kumar' via isar-users 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users @ 2024-07-23 7:37 ` Uladzimir Bely 1 sibling, 0 replies; 9+ messages in thread From: Uladzimir Bely @ 2024-07-23 7:37 UTC (permalink / raw) To: Rakesh Kumar, isar-users On Wed, 2024-07-10 at 11:03 +0530, 'Rakesh Kumar' via isar-users wrote: > To ensure proper initialization of the fTPM and tee-supplicant > services before > the root filesystem is mounted, we are relocating their > initialization to the > local-top section of initramfs. This change ensures that the > encrypted filesystems > are properly initialized and ready for use before the root filesystem > is mounted at > local-bottom stage. > > Reason for local-top: > > * Early Initialization: The local-top scripts run before the root > filesystem is mounted. > This timing is essential for encrypted root filesystems since the > decryption process must be > completed before the filesystem can be accessed. > > * Dependency Handling: The encryption setup requires initializing > dependencies such as > fTPM (firmware Trusted Platform Module) devices. Performing these > tasks early in the boot process > ensures that all necessary components are in place before the root > filesystem is mounted. > > Signed-off-by: Rakesh Kumar <kumar.rakesh@siemens.com> > --- > .../initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb | 4 > ++-- > .../initramfs-tee-supplicant-hook_0.1.bb | 4 > ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) > > diff --git a/meta/recipes-initramfs/initramfs-tee-ftpm- > hook/initramfs-tee-ftpm-hook_0.1.bb b/meta/recipes- > initramfs/initramfs-tee-ftpm-hook/initramfs-tee-ftpm-hook_0.1.bb > index db38e618..82fec1bb 100644 > --- a/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > ftpm-hook_0.1.bb > +++ b/meta/recipes-initramfs/initramfs-tee-ftpm-hook/initramfs-tee- > ftpm-hook_0.1.bb > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools" > > do_install[cleandirs] += " \ > ${D}/usr/share/initramfs-tools/hooks \ > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > do_install() { > install -m 0755 "${WORKDIR}/tee-ftpm.hook" \ > "${D}/usr/share/initramfs-tools/hooks/tee-ftpm" > install -m 0755 "${WORKDIR}/tee-ftpm.script" \ > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee- > ftpm" > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee-ftpm" > } > diff --git a/meta/recipes-initramfs/initramfs-tee-supplicant- > hook/initramfs-tee-supplicant-hook_0.1.bb b/meta/recipes- > initramfs/initramfs-tee-supplicant-hook/initramfs-tee-supplicant- > hook_0.1.bb > index 3768b8e0..a7a19bee 100644 > --- a/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > tee-supplicant-hook_0.1.bb > +++ b/meta/recipes-initramfs/initramfs-tee-supplicant-hook/initramfs- > tee-supplicant-hook_0.1.bb > @@ -17,11 +17,11 @@ DEBIAN_DEPENDS = "initramfs-tools, tee- > supplicant, procps" > > do_install[cleandirs] += " \ > ${D}/usr/share/initramfs-tools/hooks \ > - ${D}/usr/share/initramfs-tools/scripts/local-bottom" > + ${D}/usr/share/initramfs-tools/scripts/local-top" > > do_install() { > install -m 0755 "${WORKDIR}/tee-supplicant.hook" \ > "${D}/usr/share/initramfs-tools/hooks/tee-supplicant" > install -m 0755 "${WORKDIR}/tee-supplicant.script" \ > - "${D}/usr/share/initramfs-tools/scripts/local-bottom/tee- > supplicant" > + "${D}/usr/share/initramfs-tools/scripts/local-top/tee- > supplicant" > } > -- > 2.39.2 > Applied v2 to next, thanks. -- Best regards, Uladzimir. -- You received this message because you are subscribed to the Google Groups "isar-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to isar-users+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/isar-users/e5cf41d3a2a12ec0b26c7d920cf8138073b7e8ea.camel%40ilbers.de. ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2024-07-23 7:37 UTC | newest] Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2024-07-10 5:33 [PATCH] initramfs: move fTPM and tee-supplicant initialization to local-top stage 'Rakesh Kumar' via isar-users 2024-07-10 11:21 ` 'Jan Kiszka' via isar-users 2024-07-10 12:30 ` 'Rakesh Kumar' via isar-users 2024-07-10 12:39 ` Rakesh Kumar 2024-07-13 14:55 ` Rakesh Kumar 2024-07-22 5:43 ` 'Kumar, Rakesh' via isar-users 2024-07-22 8:52 ` Uladzimir Bely 2024-07-22 13:31 ` Rakesh Kumar 2024-07-23 7:37 ` Uladzimir Bely
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox