| 15 May 2023 |
 GenericNerdyUsername | * idk if this is more of a question for https://matrix.to/#/#secure-boot:nixos.org, but https://uapi-group.org/specifications/specs/linux_tpm_pcr_registry/ says PCR 7 changes when UEFI SecureBoot mode is enabled/disabled, or firmware certificates (PK, KEK, db, dbx, …) are updated. | 20:40:43 |
| GenericNerdyUsername | Or rather, how do I prevent this being a problem in the future? | 20:41:06 |
| GenericNerdyUsername | (Im setting up full disk encryption with the key stored in the tpm) | 20:41:18 |
 Julian Stecklina | As long as you have another key to unlock the volume and reenroll its key, you should be fine | 21:41:09 |
 baloo | https://trustedcomputinggroup.org/wp-content/uploads/TCG_TPM2_r1p59_Part1_Architecture_pub.pdf#page=158 :) | 21:43:28 |
| baloo | just add another layer of crypto | 21:44:26 |
| baloo | now you just need to add support for EA policies to ... everything? | 21:45:46 |
| 25 May 2023 |
|  raitobezarius changed their display name from raitobezarius to disko in NixOS 23.11 when. | 13:32:34 |
| raitobezarius changed their display name from disko in NixOS 23.11 when to raitobezarius. | 13:37:35 |
| 27 May 2023 |
|  NixOS Moderation Botchanged room power levels. | 16:40:45 |
| 1 Jun 2023 |
|  Federico Damián Schonborn joined the room. | 11:58:28 |
| 2 Jun 2023 |
|  ckie (they/them) changed their display name from ckie (they/them; limited keyboard usage, voice preferred) to ckie (they/them). | 22:21:24 |
| 4 Jun 2023 |
|  eliaselias joined the room. | 09:05:47 |
| Federico Damián Schonborn changed their profile picture. | 17:40:15 |
| 13 Jun 2023 |
| Federico Damián Schonborn changed their profile picture. | 20:55:36 |
| 14 Jun 2023 |
|  Ronny left the room. | 15:14:41 |
| 25 Jun 2023 |
 hexa | https://github.com/tpm2-software/tpm2-tss/security/advisories/GHSA-4j3v-fh23-vx67 | 22:56:37 |
| 26 Jun 2023 |
| raitobezarius | baloo: ^ | 08:32:23 |
| 27 Jun 2023 |
| baloo | wait, opened since Jan 19?! | 03:31:52 |
| baloo | fixed in 4.0.1 | 03:33:20 |
| baloo | some idiot patched tpm2-tss to wire in the modules with their full path >< | 15:38:38 |
| baloo | I can't remember how I was running tests manually | 15:38:49 |
| hexa | can someone update it? | 15:47:08 |
| hexa | we are on 3.2.0 on master | 15:47:12 |
| baloo | yeah yeah, I'm working on it | 15:47:18 |
| baloo | (I'm the idiot I was referring to previously) | 15:47:33 |
| hexa | good luck with yourself | 15:47:52 |
| hexa | hope they learn | 15:47:56 |
| baloo | some of the challenge with tpm2-tss is the pluggable backends | 15:48:09 |
| baloo | you load tabrmd and that will load PREFIX/lib/libtss2-tcti-tabrmd.so.0 | 15:48:45 |
