mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-11 23:49:30 -05:00
bdba9d8ba6
* build: correct toolchain order * build: gazelle-update-repos * build: use pregenerated proto for dependencies * update bazeldnf * deps: tpm simulator * Update Google trillian module * cli: add stamping as alternative build info source * bazel: add go_test wrappers, mark special tests and select testing deps * deps: add libvirt deps * deps: go-libvirt patches * deps: cloudflare circl patches * bazel: add go_test wrappers, mark special tests and select testing deps * bazel: keep gazelle overrides * bazel: cleanup bazelrc * bazel: switch CMakeLists.txt to use bazel * bazel: fix injection of version information via stamping * bazel: commit all build files * dev-docs: document bazel usage * deps: upgrade zig-cc for go 1.20 * bazel: update Perl for macOS arm64 & Linux arm64 support * bazel: use static perl toolchain for OpenSSL * bazel: use static protobuf (protoc) toolchain * deps: add git and go to nix deps Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| cmd | ||
| internal | ||
| recoverproto | ||
| README.md | ||
disk-mapper
The disk-mapper is a binary that runs during the initramfs of a Constellation node.
If running on a new node, it handles setting up the node's state disk by creating an integrity protected encrypted partition.
On a rebooting node, the disk-mapper handles recovery of the node by requesting a decryption key for its state disk. Once the disk is decrypted, the measurement salt is read from disk and used to extend a PCR to mark the node as initialized.
Testing
Integration test is available in disk-mapper/test/integration_test.go.
The integration test requires root privileges since it uses dm-crypt.
Build and run the test:
go test -c -tags=integration ./disk-mapper/internal/test/
sudo ./test.test