mirror of https://github.com/edgelesssys/constellation.git synced 2024-09-20 00:06:21 +00:00

History

Paul Meyer 149820fdce diskmapper: fix zap.Error without err (#2012 ) Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>		2023-07-05 10:07:05 +02:00
..
cmd	diskmapper: fix zap.Error without err (#2012 )	2023-07-05 10:07:05 +02:00
internal	attestation: add `awsSEVSNP` as new variant (#1900 )	2023-06-09 15:41:02 +02:00
recoverproto	bazel: trim path to *.pb.go files embedded in go libraries	2023-06-16 16:30:47 +02:00
README.md	dev-docs: Go package docs (#958 )	2023-01-19 15:57:50 +01:00

README.md

disk-mapper

The disk-mapper is a binary that runs during the initramfs of a Constellation node.

If running on a new node, it handles setting up the node's state disk by creating an integrity protected encrypted partition.

On a rebooting node, the disk-mapper handles recovery of the node by requesting a decryption key for its state disk. Once the disk is decrypted, the measurement salt is read from disk and used to extend a PCR to mark the node as initialized.

Testing

Integration test is available in disk-mapper/test/integration_test.go. The integration test requires root privileges since it uses dm-crypt. Build and run the test:

go test -c -tags=integration ./disk-mapper/internal/test/
sudo ./test.test