2 # Execute a script to recover the SEV supplied secret and use it to
3 # decrypt a luks volume. For security, the kernel must be on an encrypted
4 # volume so reboot if none are found.
6 # Copyright (C) 2020 James Bottomley, IBM Corporation.
8 # SPDX-License-Identifier: BSD-2-Clause-Patent
12 echo "Entering grub config"
15 echo "Failed to locate anything in the SEV secret area, prompting for password"
20 echo "Failed to mount root securely, retrying with password prompt"
25 for f in (crypto*); do
26 if [ -e $f/boot/grub/grub.cfg ]; then
28 set prefix=($root)/boot/grub
32 if [ x$root = x ]; then
33 echo "Failed to find any grub configuration on the encrypted volume"
37 # rest of modules to get boot to work
45 echo "Transferring to ${prefix}/grub.cfg"
46 source $prefix/grub.cfg