From 257fa1ba5549831ee195a3355b948fe9185be05d5a18c22cc712642f929ac48c Mon Sep 17 00:00:00 2001
From: "Marc S. Weidner" <msw@coresecret.dev>
Date: Tue, 18 Nov 2025 15:58:03 +0000
Subject: [PATCH] V8.13.432.2025.11.18

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
---
 docs/MAN_CISS_ISO_BOOT_CHAIN.md | 61 +++++++++++++++++----------------
 1 file changed, 31 insertions(+), 30 deletions(-)

diff --git a/docs/MAN_CISS_ISO_BOOT_CHAIN.md b/docs/MAN_CISS_ISO_BOOT_CHAIN.md
index d26ed18..04553ac 100644
--- a/docs/MAN_CISS_ISO_BOOT_CHAIN.md
+++ b/docs/MAN_CISS_ISO_BOOT_CHAIN.md
@@ -224,38 +224,39 @@ dmsetup table --showkeys CHILD  # expect integrity hmac sha512 4096
 
 ```mermaid
 flowchart TD
-  subgraph ISO Build Time
-    direction TD
-      A["Embed and pin GPG FPR (into ISO & RootFS as needed)"] e00@--> B["Generate ISO-edge sha512sum.txt and .sig"];
-      B e01@--> C["Build filesystem.squashfs and wrap it into ciss_rootfs.crypt"];
-      e00@{ animation: fast }
-      e01@{ animation: fast }
-  end
 
-  subgraph ISO Boot Time
-    direction TD
-      C e02@--> D["0024 LUKS2, dm-integrity HMAC-SHA512"];
-      D e03@-->|SUCCESSFUL| E["ciss_rootfs.crypt opened"];
-      E e04@--> F["Mounting RootFS"];
-      F e05@--> G["0030 verification of authenticity and integrity via embedded and pinned GPG of ISO edge"];
-      G e06@-->|SUCCESSFUL| H["ISO edge verified"];
-      H e07@--> I["0042 post-decrypt-attestation of RootFS"];
-      I e08@-->|SUCCESSFUL| J["RootFS attestation successful"];
-      e02@{ animation: fast }
-      e03@{ animation: fast }
-      e04@{ animation: fast }
-      e05@{ animation: fast }
-      e06@{ animation: fast }
-      e07@{ animation: fast }
-      e08@{ animation: fast }
-  end
+subgraph ISO Build Time
+direction TD
+A["Embed and pin GPG FPR (into ISO & RootFS as needed)"] e00@--> B["Generate ISO-edge sha512sum.txt and .sig"];
+B e01@--> C["Build filesystem.squashfs and wrap it into ciss_rootfs.crypt"];
+e00@{ animation: fast }
+e01@{ animation: fast }
+end
 
-  subgraph ISO Run Time
-    direction TD
-      J e09@--> K{{"CISS.debian.live.builder ISO running"}};
-      X{{"Boot process halted"}};
-      e09@{ animation: fast }
-  end
+subgraph ISO Boot Time
+direction TD
+C e02@--> D["0024 LUKS2, dm-integrity HMAC-SHA512"];
+D e03@-->|SUCCESSFUL| E["ciss_rootfs.crypt opened"];
+E e04@--> F["Mounting RootFS"];
+F e05@--> G["0030 verification of authenticity and integrity via embedded and pinned GPG of ISO edge"];
+G e06@-->|SUCCESSFUL| H["ISO edge verified"];
+H e07@--> I["0042 post-decrypt-attestation of RootFS"];
+I e08@-->|SUCCESSFUL| J["RootFS attestation successful"];
+e02@{ animation: fast }
+e03@{ animation: fast }
+e04@{ animation: fast }
+e05@{ animation: fast }
+e06@{ animation: fast }
+e07@{ animation: fast }
+e08@{ animation: fast }
+end
+
+subgraph ISO Run Time
+direction TD
+J e09@--> K{{"CISS.debian.live.builder ISO running"}};
+X{{"Boot process halted"}};
+e09@{ animation: fast }
+end
 
 D -- FAIL --> X;
 G -- FAIL --> X;