Hi,
On Fri, Jun 07, 2024 at 09:12:12AM +0200, Lennart Poettering wrote:
> On Fr, 07.06.24 14:09, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > > How is this supposed to work anyway? is the supplicant supposed to
> > > exit before initd transition, a
Hi,
On Thu, Jun 06, 2024 at 06:43:11PM +0200, Lennart Poettering wrote:
> On Do, 06.06.24 18:05, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Hi,
> >
> > The initrd side startup and shutdown of tee-supplicant works now correctly
> > with:
> >
>
Hi,
The initrd side startup and shutdown of tee-supplicant works now correctly
with:
[Unit]
Description=TEE Supplicant on %i
DefaultDependencies=no
After=dev-%i.device
Wants=dev-%i.device
Conflicts=shutdown.target
Before=systemd-pcrextend.socket systemd-pcrextend@.service
Hi,
On Fri, May 24, 2024 at 10:20:22AM +0200, Lennart Poettering wrote:
> On Fr, 24.05.24 10:12, Lennart Poettering (lenn...@poettering.net) wrote:
>
> > And that's really all.
> >
> > To summarize, a unit file like this:
> >
> > [Unit]
> > Description=TEE Supplicant on %i
> >
Hi,
On Fri, May 24, 2024 at 10:12:52AM +0200, Lennart Poettering wrote:
> On Fr, 24.05.24 10:10, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > > > EnvironmentFile=-@sysconfdir@/default/tee-supplicant
> > > > ExecStart=@sbindir@/tee-supplicant $OP
Hi,
On Thu, May 23, 2024 at 06:00:07PM +0200, Lennart Poettering wrote:
> On Do, 23.05.24 10:54, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Hi,
> >
> > I'm running in circles and failing to start optee userspace daemon
> > tee-supplicant
> &
Hi,
I'm running in circles and failing to start optee userspace daemon
tee-supplicant
correctly with systemd in initrd.
In certain firmware/HW configurations with optee and firmware TPM trusted
application,
the setup needs tee-supplicant to start in initrd userspace before the fTPM
kernel
Hi,
On Tue, Apr 16, 2024 at 04:03:25PM +0200, Lennart Poettering wrote:
> On Di, 16.04.24 15:02, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Hi,
> >
> > On Mon, Apr 15, 2024 at 05:41:00PM +0200, Lennart Poettering wrote:
> > > Would be good to have t
Hi,
On Tue, Apr 16, 2024 at 04:03:25PM +0200, Lennart Poettering wrote:
> On Di, 16.04.24 15:02, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Hi,
> >
> > On Mon, Apr 15, 2024 at 05:41:00PM +0200, Lennart Poettering wrote:
> > > Would be good to have t
Hi,
On Mon, Apr 15, 2024 at 05:41:00PM +0200, Lennart Poettering wrote:
> Would be good to have that with systemd.log_target=debug, to see if
> tpm2.target even gets enqueued.
Here is the verbose log:
On Mon, Apr 15, 2024 at 05:45:49PM +0200, Lennart Poettering wrote:
> On Mo, 15.04.24 17:41, Lennart Poettering (lenn...@poettering.net) wrote:
>
> > > or the services needed for systemd-repart config with Encrypt=tpm2
> >
> > Ah, repart is interesting. We are missing the tpm2.target dependency
>
Hi,
On Mon, Apr 15, 2024 at 04:02:46PM +0200, Lennart Poettering wrote:
> On Mo, 15.04.24 10:38, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Hi,
> >
> > On Fri, Apr 12, 2024 at 05:03:18PM +0300, Aleksandar Kostadinov wrote:
> > > Shouldn't the kernel
Hi,
On Fri, Apr 12, 2024 at 05:03:18PM +0300, Aleksandar Kostadinov wrote:
> Shouldn't the kernel automatically load the necessary modues when
> devices are detected... given proper udev rules and module
> availability in the initrd filesystem? I guess it depends on how you
> build your initrd
On Tue, Apr 09, 2024 at 11:37:39AM +0300, Mikko Rapeli wrote:
> Hi,
>
> On Mon, Feb 19, 2024 at 11:53:14AM +0100, Lennart Poettering wrote:
> > For your usecase the new tpm2.target available in git main is what you
> > really should focus on: all TPM using services sh
Hi,
On Mon, Feb 19, 2024 at 11:53:14AM +0100, Lennart Poettering wrote:
> For your usecase the new tpm2.target available in git main is what you
> really should focus on: all TPM using services should order themselves
> after that. All stuff needed to make a TPM device appear should be
> placed
Hi,
On Tue, Feb 20, 2024 at 02:35:27PM +0100, Lennart Poettering wrote:
> On Di, 20.02.24 10:24, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Thanks, I will check this. It sounds like optee needs a similar dependency
> > generator.
> >
> > I wonder how many k
Hi,
On Mon, Feb 19, 2024 at 01:54:02PM +0300, Andrei Borzenkov wrote:
> On Mon, Feb 19, 2024 at 11:37 AM Mikko Rapeli wrote:
> >
> > Hi,
> >
> > On Fri, Feb 16, 2024 at 11:28:31AM +0200, Mikko Rapeli wrote:
> > > Hi,
> > >
> > > Fo
Hi,
On Mon, Feb 19, 2024 at 11:53:14AM +0100, Lennart Poettering wrote:
> On Mo, 19.02.24 10:36, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > > After=dev-tpmrm0.device tee-supplicant@teepriv0.service
> > > Wants=dev-tpmrm0.device tee-supplicant@teepriv0.service
>
Hi,
On Mon, Feb 19, 2024 at 11:47:52AM +0100, Lennart Poettering wrote:
> On Fr, 16.02.24 11:28, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Support for fTPM devices is problematic. First, the kernel support must be
> > modules
> > but loading needs to be
Hi,
On Mon, Feb 19, 2024 at 11:18:13AM +0100, Lennart Poettering wrote:
> On Di, 16.01.24 16:06, Mikko Rapeli (mikko.rap...@linaro.org) wrote:
>
> > Hi,
> >
> > I have services which depend on a specific device node. How can I run
> > some recovery action
Hi,
On Fri, Feb 16, 2024 at 11:28:31AM +0200, Mikko Rapeli wrote:
> Hi,
>
> Following up to my previous question which worked around with
> Wants: and After: to dev-tpmrm0.device and tee-supplicant@teepriv0.service,
> which don't seem to work fully.
>
> In short, I wa
Hi,
Following up to my previous question which worked around with
Wants: and After: to dev-tpmrm0.device and tee-supplicant@teepriv0.service,
which don't seem to work fully.
In short, I want to support devices with and without TPM. The TPM device
can also be a firmware fTPM device which depends
Hi,
I have services which depend on a specific device node. How can I run
some recovery actions when the default 90s timeout for finding this
device is hit?
OnFailure= doesn't work as the service is not even started.
Specifically the case is about supporting TPM2 encrypted rootfs but falling
23 matches
Mail list logo