types/persist: add AttestationKey (#17281)
Extend Persist with AttestationKey to record a hardware-backed attestation key for the node's identity. Add a flag to tailscaled to allow users to control the use of hardware-backed keys to bind node identity to individual machines. Updates tailscale/corp#31269 Change-Id: Idcf40d730a448d85f07f1bebf387f086d4c58be3 Signed-off-by: Patrick O'Doherty <patrick@tailscale.com>
This commit is contained in:
Patrick O'Doherty
committed by
GitHub
GitHub
parent
a2dc517d7d
commit
e45557afc0
@@ -40,6 +40,8 @@ var infoOnce = sync.OnceValue(info)
|
||||
func init() {
|
||||
feature.Register("tpm")
|
||||
feature.HookTPMAvailable.Set(tpmSupported)
|
||||
feature.HookHardwareAttestationAvailable.Set(tpmSupported)
|
||||
|
||||
hostinfo.RegisterHostinfoNewHook(func(hi *tailcfg.Hostinfo) {
|
||||
hi.TPM = infoOnce()
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user