mirror of
https://github.com/token2/snapd.git
synced 2026-03-13 11:15:47 -07:00
a3a2c22af3
* Bump vendored github.com/canonical/go-tpm2 * Bump vendored github.com/snapcore/secboot * snap-bootstrap: add classic runmode Add function for encrypted classic runmode mount points. Use it for creating encrypted cloud images, which use cloudimg-rootfs label. * snap-bootstrap: Prepare TPM Create a SRK with a custom template supplied via the ESP if it exists when booting in a classic mode. * Fix typo * vendor: update to new secboot, tpm2, etc. Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> * snap-bootstrap: Fix formatting Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> * vendor: update tcglog-parser Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> * update comment * secboot: Test TpmPrepare * secboot: add CVM Tpm Provisioning For CVM TPM Provisioning currently uses custom SRK without lockout. Add such prepare mode. Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> * snap-bootstrap: Support umount option to systemd-mount It is useful to sometimes unmount mount points after they have been mounted. This will be used in CVM to unmount ubuntu-seed partition, such that classic system can mount it by itself later. * CVM * cmd/snap-bootstrap: add unit test for CVM mounts * style fixups * Fix nosecboot build * CVM: switch from SysrootDir to DataDir, which core-initrd can use for classic * Switch to mountNonDataPartitionMatchingKernelDisk that waits for disk to appear * Mock SecbootProvisionTPMCVM * Add ModeRunCVM test case * Rename ProvisionTPMCVM to ProvisionForCVM for ease of reading * Improve comment * Rename CVM's runModeKey to runModeCVMKey Such that it is different from other variable names used in other functions. * golang style * ProvisionForCVM only needs to be called once Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@canonical.com> Co-authored-by: Chris Coulson <chris.coulson@canonical.com>