Skip to content

Commit

Permalink
Give wwan microservice access to the config partition
Browse files Browse the repository at this point in the history 
mmagent from the wwan microservice uses GetCipherCredentials to decrypt
username/password for a cellular network. Internally, this depends on
IsTpmEnabled() function, which determines the status of TPM by checking
for the presence/absence of /config/device.cert.pem and
/config/device.key.pem. This means that wwan container should have the
config partition mounted as well, otherwise IsTpmEnabled() may return
incorrect value and cause the decryption to fail.

Signed-off-by: Milan Lenco <milan@zededa.com>
(cherry picked from commit 2dcaf10)
  • Loading branch information
@milan-zededa
milan-zededa committed Feb 9, 2024
1 parent 4972221 commit de7d908
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions pkg/wwan/build.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ config:
- /lib/modules:/lib/modules
- /dev:/dev
- /run:/run
- /config:/config
- /:/hostfs
- /persist:/persist:rshared,rbind
net: host
Expand Down

0 comments on commit de7d908

Please sign in to comment.