failed to run fde-reveal-key if prefer-unencrypted defined in model assertion
Bug #2043557 reported by
Aristo Chen
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
OEM Priority Project |
New
|
Undecided
|
Unassigned | ||
snapd |
Confirmed
|
Medium
|
Unassigned |
Bug Description
Hi,
I have definied `storage-safety: prefer-unencrypted` in the model assertion, and tested with the following different scenario
1. fde-reveal-key and optee-os are removed, and device boots fine
2. fde-reveal-key and optee-os are not removed, and device boots fine
3. fde-reveal-key not removed and optee-os removed, the device does not boot
and here is the log(https:/
Does it make sense for snapd to check the model assertion before running reveal-key?
tags: | added: oem-priority |
To post a comment you must log in.
Hi, thanks for raising this. It is confirmed the issue and also that there is a workaround for that.