Add TPM support to full disk encryption

Registered by Robert Ancell on 2014-11-23

Currently full disk encryption is performed by using a password encrypted key on the file system. If the system has a Trusted Platform Module (TPM) chip then use that for storing the key.

Blueprint information

Status:
Started
Approver:
None
Priority:
Undefined
Drafter:
Robert Ancell
Direction:
Needs approval
Assignee:
None
Definition:
Approved
Series goal:
Proposed for vivid
Implementation:
Started
Milestone target:
milestone icon ubuntu-15.04
Started by
Robert Ancell on 2014-11-23

Related branches

Sprints

Whiteboard

(?)

Work Items

Work items:
Create cryptsetup module to get key for decryption: TODO
Create command line tools to administer encryption password?: TODO
Create regression tests: TODO
Modify ubiquity to understand TPM and setup full disk encryption with it: TODO
Update appropriate documentation with new information about TPM: TODO
Security team review: TODO
Package and release into vivid: TODO
Main inclusion request: TODO
SRU to trusty / utopic: TODO

Dependency tree

* Blueprints in grey have been implemented.

This blueprint contains Public information 
Everyone can see this information.