You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
One of the interesting functionalities Heads now provides through config heads configs management is resetting/merging /etc/config.user(live) + /etc/config (stock).
This facilitates testing of different configurations on live system when unsafe booting since we invalidated measurements by going into recovery and modified PCR4, prohibiting release of the TPM Disk Unlock Key from TPM since measurements are invalidated.
For OS testings, where end user can modify /etc/config.user and then call config-gui.sh to inject that new config into cbfs, seal it on next reboot, only OS kernel options can be modified from compiled board config which is placed under /etc/config in rom:
That permits to tinker and tweak OS bootable kernel options, where Xen config tweaks still need to be manually modified inside of grub config and grub config needs to be regenerated
I was thinking of adding CONFIG_BOOT_XEN_ADD and CONFIG_BOOT_XEN_REMOVE options in the set.
One of the interesting functionalities Heads now provides through config heads configs management is resetting/merging /etc/config.user(live) + /etc/config (stock).
This facilitates testing of different configurations on live system when unsafe booting since we invalidated measurements by going into recovery and modified PCR4, prohibiting release of the TPM Disk Unlock Key from TPM since measurements are invalidated.
For OS testings, where end user can modify /etc/config.user and then call config-gui.sh to inject that new config into cbfs, seal it on next reboot, only OS kernel options can be modified from compiled board config which is placed under /etc/config in rom:
Example of current ADD/REMOVE board config options usable right now:
That permits to tinker and tweak OS bootable kernel options, where Xen config tweaks still need to be manually modified inside of grub config and grub config needs to be regenerated
I was thinking of adding
CONFIG_BOOT_XEN_ADDandCONFIG_BOOT_XEN_REMOVEoptions in the set.@MrChromebox ?
The text was updated successfully, but these errors were encountered: