| Message ID | 20230224162832.327030-4-Quirin.Gylstorff@siemens.com (mailing list archive) |
|---|---|
| State | Changes Requested |
| Headers | show |
| Series | Encrypt Partition in initramfs | expand |
On 24.02.23 17:28, Quirin Gylstorff wrote: > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > --- > Kconfig | 8 ++++++++ > 1 file changed, 8 insertions(+) > > diff --git a/Kconfig b/Kconfig > index cd24ce2..b8fa16a 100644 > --- a/Kconfig > +++ b/Kconfig > @@ -189,4 +189,12 @@ config KAS_INCLUDE_SWUPDATE_SECBOOT > default "kas/opt/ebg-swu.yml" if IMAGE_SWUPDATE && !IMAGE_SECURE_BOOT > default "kas/opt/ebg-secure-boot-snakeoil.yml" if IMAGE_SECURE_BOOT > > +config IMAGE_TPM2_ENCRYPTION > + bool "Encrypt partitions on first boot with TPM2" > + depends on TARGET_QEMU_AMD64 Here would be one good place for the "demo-only" warning. A help section could elaborate. And/or the README. Jan > + > +config KAS_INCLUDE_TPM2_ENCRYPTION > + string > + default "kas/opt/tpm.yml" if IMAGE_TPM2_ENCRYPTION > + > endif
diff --git a/Kconfig b/Kconfig index cd24ce2..b8fa16a 100644 --- a/Kconfig +++ b/Kconfig @@ -189,4 +189,12 @@ config KAS_INCLUDE_SWUPDATE_SECBOOT default "kas/opt/ebg-swu.yml" if IMAGE_SWUPDATE && !IMAGE_SECURE_BOOT default "kas/opt/ebg-secure-boot-snakeoil.yml" if IMAGE_SECURE_BOOT +config IMAGE_TPM2_ENCRYPTION + bool "Encrypt partitions on first boot with TPM2" + depends on TARGET_QEMU_AMD64 + +config KAS_INCLUDE_TPM2_ENCRYPTION + string + default "kas/opt/tpm.yml" if IMAGE_TPM2_ENCRYPTION + endif