From: Jóhann B. Guðmundsson <johannbg@gmail.com>
Date: Thu, 29 Apr 2021 12:07:59 +0000 (+0000)
Subject: feat(tpm2-tss): introducing the tpm2-tss module
X-Git-Tag: 054~62
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8743b0735692ab3f333815ba311cecdc29d45ecd;p=thirdparty%2Fdracut.git

feat(tpm2-tss): introducing the tpm2-tss module

Introducing the tpm2-tss module
---

diff --git a/dracut.spec b/dracut.spec
index 028f59b1c..f384a3a6a 100644
--- a/dracut.spec
+++ b/dracut.spec
@@ -367,6 +367,7 @@ echo 'dracut_rescue_image="yes"' > $RPM_BUILD_ROOT%{dracutlibdir}/dracut.conf.d/
 %{dracutlibdir}/modules.d/90qemu
 %{dracutlibdir}/modules.d/91crypt-gpg
 %{dracutlibdir}/modules.d/91crypt-loop
+%{dracutlibdir}/modules.d/91tpm2-tss
 %{dracutlibdir}/modules.d/95debug
 %{dracutlibdir}/modules.d/95fstab-sys
 %{dracutlibdir}/modules.d/95lunmask
diff --git a/modules.d/91tpm2-tss/module-setup.sh b/modules.d/91tpm2-tss/module-setup.sh
new file mode 100755
index 000000000..e17938309
--- /dev/null
+++ b/modules.d/91tpm2-tss/module-setup.sh
@@ -0,0 +1,63 @@
+#!/bin/bash
+# This file is part of dracut.
+# SPDX-License-Identifier: GPL-2.0-or-later
+
+# Prerequisite check(s) for module.
+check() {
+
+    # Return 255 to only include the module, if another module requires it.
+    return 255
+
+}
+
+# Module dependency requirements.
+depends() {
+
+    # This module has external dependency on other module(s).
+    echo systemd-sysusers systemd-udev
+    # Return 0 to include the dependent module(s) in the initramfs.
+    return 0
+
+}
+
+# Install kernel module(s).
+installkernel() {
+    instmods '=drivers/char/tpm'
+}
+
+# Install the required file(s) and directories for the module in the initramfs.
+install() {
+
+    inst_multiple -o \
+        "$sysusers"/tpm2-tss.conf \
+        "$tmpfilesdir"/tpm2-tss-fapi.conf \
+        "$udevrulesdir"/60-tpm-udev.rules \
+        tpm2_pcrread tpm2_pcrextend tpm2_createprimary tpm2_createpolicy \
+        tpm2_create tpm2_load tpm2_unseal tpm2
+
+    # Install library file(s)
+    _arch=${DRACUT_ARCH:-$(uname -m)}
+    inst_libdir_file \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-esys.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-fapi.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-mu.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-rc.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-sys.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-cmd.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-device.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-mssim.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tcti-swtpm.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libtss2-tctildr.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libcryptsetup.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libcurl.so.*" \
+        {"tls/$_arch/",tls/,"$_arch/",}"libjson-c.so.*"
+
+    # Install the hosts local user configurations if enabled.
+    if [[ $hostonly ]]; then
+        inst_multiple -H -o \
+            "$udevrulesdir"/60-tpm-udev.rules \
+            /etc/tpm2-tss/fapi-config.json \
+            "/etc/tpm2-tss/fapi-profiles/*.json"
+    fi
+
+}