forked from pool/grub2
53da76e569
- Update to the latest upstreaming TPM2 patches
* 0001-key_protector-Add-key-protectors-framework.patch
- Replace 0001-protectors-Add-key-protectors-framework.patch
* 0002-tpm2-Add-TPM-Software-Stack-TSS.patch
- Merge other TSS patches
* 0001-tpm2-Add-TPM2-types-structures-and-command-constants.patch
* 0002-tpm2-Add-more-marshal-unmarshal-functions.patch
* 0003-tpm2-Implement-more-TPM2-commands.patch
* 0003-key_protector-Add-TPM2-Key-Protector.patch
- Replace 0003-protectors-Add-TPM2-Key-Protector.patch
* 0004-cryptodisk-Support-key-protectors.patch
* 0005-util-grub-protect-Add-new-tool.patch
* 0001-tpm2-Support-authorized-policy.patch
- Replace 0004-tpm2-Support-authorized-policy.patch
* 0001-tpm2-Add-extra-RSA-SRK-types.patch
* 0001-tpm2-Implement-NV-index.patch
- Replace 0001-protectors-Implement-NV-index.patch
* 0002-cryptodisk-Fallback-to-passphrase.patch
* 0003-cryptodisk-wipe-out-the-cached-keys-from-protectors.patch
* 0004-diskfilter-look-up-cryptodisk-devices-first.patch
- Refresh affected patches
* 0001-Improve-TPM-key-protection-on-boot-interruptions.patch
* grub2-bsc1220338-key_protector-implement-the-blocklist.patch
- New manpage for grub2-protect
OBS-URL: https://build.opensuse.org/request/show/1174325
OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=504
44 lines
1.4 KiB
Diff
44 lines
1.4 KiB
Diff
From e62b26f9765e309691e014f322d4b02b220956a1 Mon Sep 17 00:00:00 2001
|
|
From: Patrick Colp <patrick.colp@oracle.com>
|
|
Date: Sun, 30 Jul 2023 12:58:18 -0700
|
|
Subject: [PATCH 2/4] cryptodisk: Fallback to passphrase
|
|
|
|
If a protector is specified, but it fails to unlock the disk, fall back
|
|
to asking for the passphrase. However, an error was set indicating that
|
|
the protector(s) failed. Later code (e.g., LUKS code) fails as
|
|
`grub_errno` is now set. Print the existing errors out first, before
|
|
proceeding with the passphrase.
|
|
|
|
Signed-off-by: Patrick Colp <patrick.colp@oracle.com>
|
|
Signed-off-by: Gary Lin <glin@suse.com>
|
|
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
---
|
|
grub-core/disk/cryptodisk.c | 7 ++++++-
|
|
1 file changed, 6 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c
|
|
index af4104178..f9842f776 100644
|
|
--- a/grub-core/disk/cryptodisk.c
|
|
+++ b/grub-core/disk/cryptodisk.c
|
|
@@ -1193,11 +1193,16 @@ grub_cryptodisk_scan_device_real (const char *name,
|
|
source->name, source->partition != NULL ? "," : "",
|
|
part != NULL ? part : N_("UNKNOWN"), dev->uuid);
|
|
grub_free (part);
|
|
- goto error;
|
|
}
|
|
|
|
if (!cargs->key_len)
|
|
{
|
|
+ if (grub_errno)
|
|
+ {
|
|
+ grub_print_error ();
|
|
+ grub_errno = GRUB_ERR_NONE;
|
|
+ }
|
|
+
|
|
/* Get the passphrase from the user, if no key data. */
|
|
askpass = 1;
|
|
part = grub_partition_get_name (source->partition);
|
|
--
|
|
2.35.3
|
|
|