Skip to content
  • Mike Hibler's avatar
    Make the secure boot path work with PXEWAIT. · ceeede28
    Mike Hibler authored
    When a node with the secure boot dongle is freed, it goes into PXEWAIT in
    the context of the secure MFS. Previously we remained in "secure mode"
    (i.e., did not terminate with a TPMSIGNOFF) while a node was in this state.
    If the next use of the node, just booted from the OS that was already on
    the disk, then we never signed off properly.
    
    Now we sign off before entering PXEWAIT. I thought that this would be the
    easiest alternative to fixing the problem..HaHaHa..not! Because now we have
    to restart the secure boot path (i.e., reboot) if the result of coming out
    of PXEWAIT is a request to reload the disk (i.e., if we are continuing the
    secure disk load path).
    
    Ideally this would have required only modifications to the state machines
    for SECUREBOOT/LOAD, but as you can see by the presence of stated.in in the
    modified files, this was not the case. The change required some additional
    "finesse" to get it working. See the comments in stated.in and bootinfo_mysql.c
    if you really care.
    ceeede28