diabonas
commented
5 years ago From reading the initramfs-tools man page, I think something like this should work:
/etc/initramfs-tools/hooks/tpm2-totp
#!/bin/sh
PREREQ='plymouth'
prereqs() {
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
. /usr/share/initramfs-tools/hook-functions
copy_exec @LIBEXECDIR@/plymouth-tpm2-totp /bin
copy_modules_dir kernel/drivers/char/tpm/etc/initramfs-tools/scripts/init-premount/tpm2-totp
#!/bin/sh
PREREQ='plymouth'
prereqs() {
echo "$PREREQ"
}
case $1 in
prereqs)
prereqs
exit 0
;;
esac
for arg in $(cat /proc/cmdline); do
case "$arg" in
rd.tpm2-totp.nvindex=*)
nvindex="${arg#rd.tpm2-totp.nvindex=}"
;;
esac
done
TSS2_LOG=esys+error /bin/plymouth-tpm2-totp ${nvindex:+--nvindex "$nvindex"} &Note that this is completely untested since I don't have a distribution using initramfs-tools.
For integrating this into the build system, something similar to the existing mkinitcpio hooks should work:
configure.ac
AC_CHECK_PROG([mkinitramfs], [mkinitramfs], [yes])
AC_ARG_WITH([mkinitramfstoolsdir],
AS_HELP_STRING([--with-initramfstoolsdir=DIR], [directory for initramfs-tools scripts]),,
[AS_IF([test "x$mkinitramfs" = xyes], [with_initramfstoolsdir=$sysconfdir/initramfs-tools])])
AM_CONDITIONAL(HAVE_INITRAMFSTOOLS, [test -n "$with_initramfstoolsdir" -a "x$with_initramfstoolsdir" != xno])
AM_COND_IF([HAVE_INITRAMFSTOOLS],
[AC_SUBST([initramfstools_hooksdir], [$with_initramfstoolsdir/hooks])
AC_SUBST([initramfstools_scriptsdir], [$with_initramfstoolsdir/scripts/init-premount])
])Makefile.am
if HAVE_INITRAMFSTOOLS
if HAVE_PLYMOUTH
initramfstools_hooks_DATA = dist/initramfs-tools/hooks/tpm2-totp
initramfstools_scripts_DATA = dist/initramfs-tools/scripts/init-premount/tpm2-totp
endif # HAVE_PLYMOUTH
endif # HAVE_INITRAMFSTOOLS
EXTRA_DIST += dist/initramfs-tools/scripts/init-premount/tpm2-totp
In order to display the TOTP during boot on Debian/Ubuntu/..., add initramfs-tools hooks to add (plymouth-)tpm2-totp to the initramfs generated by these distributions.