Skip to content

Commit

Permalink
Merge pull request #107 from jandryuk/s9-chroot-write-pcrs
Browse files Browse the repository at this point in the history 
S9: OXT-1351: seal-system: Run write_config_pcrs from chroot
  • Loading branch information
@jean-edouard
jean-edouard authored Jun 6, 2019
2 parents 5832b42 + f954959 commit 86d391c
Showing 1 changed file with 6 additions and 3 deletions.
9 changes: 6 additions & 3 deletions part2/stages/Functions/install-main
View file
Original file line number Diff line number Diff line change
Expand Up @@ -476,18 +476,21 @@ seal_system() {
if is_mounted ${DOM0_MOUNT}/config ; then
echo "seal_system: /config is mounted, forward sealing key" >&2

# Update config.pcrs in case it has changed
write_config_pcrs "${DOM0_MOUNT}"

if [ "$(uname -m)" = "i686" ]; then
mount_upgrade_compat || return 1
# Update config.pcrs in case it has changed
do_cmd chroot ${UPGRADE_MOUNT} \
sh -c '. /usr/lib/openxt/ml-functions ; write_config_pcrs' >&2
do_cmd /etc/init.d/trousers stop >&2
do_cmd chroot ${UPGRADE_MOUNT} \
/usr/sbin/seal-system -f -r ${ROOT_DEV} >&2
do_cmd /etc/init.d/trousers start >&2
umount_upgrade_compat
do_cmd lvremove -f /dev/xenclient/upgradecompat >&2
else
# Update config.pcrs in case it has changed
do_cmd chroot ${DOM0_MOUNT} \
sh -c '. /usr/lib/openxt/ml-functions ; write_config_pcrs' >&2
do_cmd /etc/init.d/trousers stop >&2
do_cmd chroot ${DOM0_MOUNT} \
/usr/sbin/seal-system -f -r ${ROOT_DEV} >&2
Expand Down

0 comments on commit 86d391c

Please sign in to comment.