I'm looking at the steps in https://github.com/shpedoikal/tpm-luks/wiki) to use TPM LUKS on a roots. Our goal is to seal the roots to PCRs. I built my Linux image so that the /boot is in a partition. Our Linux builds are created with Yocto. We do not have any initramfs file in our builds. We boot with bzImage. The steps in the web link are not applicable to us since we have no initramfs. But we have all the scripts associated with tpm-luks-init. We have tpm-luks.conf and tpm-luks-gen-tgrub-pcr-values. We also have trousers installed and use TrustedGRUB-1.1.5
My question is do we still need to have initramfs to go through the process of sealing the rootfs to PCRs? thanks Bill ------------------------------------------------------------------------------ Android is increasing in popularity, but the open development platform that developers love is also attractive to malware creators. Download this white paper to learn more about secure code signing practices that can help keep Android apps secure. http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk _______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
