Add TPM support to full disk encryption
Registered by
Robert Ancell
Currently full disk encryption is performed by using a password encrypted key on the file system. If the system has a Trusted Platform Module (TPM) chip then use that for storing the key.
Blueprint information
- Status:
- Started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- Robert Ancell
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- Approved
- Series goal:
- Proposed for vivid
- Implementation:
- Started
- Milestone target:
- ubuntu-15.04
- Started by
- Robert Ancell
- Completed by
Related branches
Related bugs
Sprints
Whiteboard
(?)
Work Items
Work items:
Create cryptsetup module to get key for decryption: TODO
Create command line tools to administer encryption password?: TODO
Create regression tests: TODO
Modify ubiquity to understand TPM and setup full disk encryption with it: TODO
Update appropriate documentation with new information about TPM: TODO
Security team review: TODO
Package and release into vivid: TODO
Main inclusion request: TODO
SRU to trusty / utopic: TODO
Dependency tree
* Blueprints in grey have been implemented.