ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-19 04:57:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
8dd1082808
heads/initrd/bin/flash-gui.sh

226 lines
8.0 KiB
Bash
Raw Normal View History

Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
#!/bin/sh
#
set -e -o pipefail
. /etc/functions
. /etc/config
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
mount_usb(){
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
# Mount the USB boot device
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
if ! grep -q /media /proc/mounts ; then
mount-usb "$CONFIG_USB_BOOT_DEV" || USB_FAILED=1
if [ $USB_FAILED -ne 0 ]; then
if [ ! -e "$CONFIG_USB_BOOT_DEV" ]; then
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
whiptail --title 'USB Drive Missing' \
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
--msgbox "Insert your USB drive and press Enter to continue." 16 60 USB_FAILED=0
mount-usb "$CONFIG_USB_BOOT_DEV" || USB_FAILED=1
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
fi
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
if [ $USB_FAILED -ne 0 ]; then
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: Mounting /media Failed' \
--msgbox "Unable to mount $CONFIG_USB_BOOT_DEV" 16 60
fi
fi
fi
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
}
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
file_selector() {
FILE=""
FILE_LIST=$1
MENU_MSG=${2:-"Choose the file"}
# create file menu options
if [ `cat "$FILE_LIST" | wc -l` -gt 0 ]; then
option=""
while [ -z "$option" ]
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
do
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
MENU_OPTIONS=""
n=0
while read option
do
n=`expr $n + 1`
option=$(echo $option | tr " " "_")
MENU_OPTIONS="$MENU_OPTIONS $n ${option}"
done < $FILE_LIST
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
MENU_OPTIONS="$MENU_OPTIONS a Abort"
whiptail --clear --title "Select your File" \
--menu "${MENU_MSG} [1-$n, a to abort]:" 20 120 8 \
-- $MENU_OPTIONS \
2>/tmp/whiptail || die "Aborting"
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
option_index=$(cat /tmp/whiptail)
if [ "$option_index" = "a" ]; then
option="a"
return
fi
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
option=`head -n $option_index $FILE_LIST | tail -1`
if [ "$option" == "a" ]; then
return
fi
done
if [ -n "$option" ]; then
FILE=$option
fi
else
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: No Files Found' \
--msgbox "No Files found matching the pattern. Aborting." 16 60
exit 1
fi
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
}
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
while true; do
unset menu_choice
whiptail --clear --title "BIOS Management Menu" \
--menu 'Select the BIOS function to perform' 20 90 10 \
'f' ' Flash the BIOS with a new ROM' \
Add option to flash cleaned ROM to GUI
2018-05-28 18:38:04 +00:00
'c' ' Flash the BIOS with a new cleaned ROM' \
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
'a' ' Add GPG key to BIOS image' \
'r' ' Add GPG key to running BIOS' \
'x' ' Exit' \
2>/tmp/whiptail || recovery "GUI menu failed"
menu_choice=$(cat /tmp/whiptail)
case "$menu_choice" in
"x" )
exit 0
;;
Add option to flash cleaned ROM to GUI
2018-05-28 18:38:04 +00:00
f|c )
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
if (whiptail --title 'Flash the BIOS with a new ROM' \
--yesno "This requires you insert a USB drive containing:\n* Your BIOS image (*.rom)\n\nAfter you select this file, this program will reflash your BIOS\n\nDo you want to proceed?" 16 90) then
mount_usb
if grep -q /media /proc/mounts ; then
find /media -name '*.rom' > /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose the ROM to flash"
if [ "$FILE" == "" ]; then
return
else
ROM=$FILE
fi
if (whiptail --title 'Flash ROM?' \
--yesno "This will replace your old ROM with $ROM\n\nDo you want to proceed?" 16 90) then
Add option to flash cleaned ROM to GUI
2018-05-28 18:38:04 +00:00
if [ "$menu_choice" == "c" ]; then
/bin/flash.sh -c $ROM
else
/bin/flash.sh $ROM
fi
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
whiptail --title 'ROM Flashed Successfully' \
--msgbox "$ROM flashed successfully. Press Enter to reboot" 16 60
umount /media
/bin/reboot
else
exit
fi
fi
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
fi
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
;;
"a" )
if (whiptail --title 'ROM and GPG public key required' \
--yesno "This requires you insert a USB drive containing:\n* Your GPG public key (*.key or *.asc)\n* Your BIOS image (*.rom)\n\nAfter you select these files, this program will reflash your BIOS\n\nDo you want to proceed?" 16 90) then
mount_usb
if grep -q /media /proc/mounts ; then
find /media -name '*.key' > /tmp/filelist.txt
find /media -name '*.asc' >> /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose your GPG public key"
if [ "$FILE" == "" ]; then
return
else
PUBKEY=$FILE
fi
find /media -name '*.rom' > /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose the ROM to load your key onto"
if [ "$FILE" == "" ]; then
return
else
ROM=$FILE
fi
cat $PUBKEY | gpg --import
cp $ROM /tmp/gpg-gui.rom
gpg2 pubring extension change from gpg to kbx
2018-11-15 00:39:11 +00:00
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/pubring.kbx") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/pubring.kbx"
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
fi
gpg2 pubring extension change from gpg to kbx
2018-11-15 00:39:11 +00:00
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/pubring.kbx" -f /.gnupg/pubring.kbx
GPG2 required changes for key and trustdb generation and inclusion in rom .ash_history: add examples to generate keys and otrust in rom flash-gui: export otrust and import it in rom key-init: import otrust.txt if present to supress warning about user public key being untrusted
2019-01-26 17:20:31 +00:00
#TODO: Remove this? Not useful in GPG2
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/trustdb.gpg") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/trustdb.gpg"
fi
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/trustdb.gpg" -f /.gnupg/trustdb.gpg
GPG2 required changes for key and trustdb generation and inclusion in rom .ash_history: add examples to generate keys and otrust in rom flash-gui: export otrust and import it in rom key-init: import otrust.txt if present to supress warning about user public key being untrusted
2019-01-26 17:20:31 +00:00
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/otrust.txt") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/otrust.txt"
fi
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/otrust.txt" -f /.gnupg/otrust.txt
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
if (whiptail --title 'Flash ROM?' \
--yesno "This will replace your old ROM with $ROM\n\nDo you want to proceed?" 16 90) then
/bin/flash.sh /tmp/gpg-gui.rom
whiptail --title 'ROM Flashed Successfully' \
Add trivial word-wrapping for long output line
2018-05-23 23:14:44 +00:00
--msgbox "$ROM flashed successfully.\n\nIf your keys have changed, be sure to re-sign all files in /boot\nafter you reboot.\n\nPress Enter to reboot" 16 60
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
umount /media
/bin/reboot
else
exit 0
fi
fi
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
fi
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
;;
"r" )
if (whiptail --title 'GPG public key required' \
--yesno "Flashing the running BIOS requires you insert a USB drive containing:\n* Your GPG public key (*.key or *.asc)\n\nAfter you select this file, this program will copy and reflash your BIOS\n\nDo you want to proceed?" 16 90) then
mount_usb
if grep -q /media /proc/mounts ; then
find /media -name '*.key' > /tmp/filelist.txt
find /media -name '*.asc' >> /tmp/filelist.txt
file_selector "/tmp/filelist.txt" "Choose your GPG public key"
PUBKEY=$FILE
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
/bin/flash.sh -r /tmp/gpg-gui.rom
if [ ! -s /tmp/gpg-gui.rom ]; then
whiptail $CONFIG_ERROR_BG_COLOR --title 'ERROR: BIOS Read Failed!' \
--msgbox "Unable to read BIOS" 16 60
exit 1
fi
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
cat $PUBKEY | gpg --import
gpg2 pubring extension change from gpg to kbx
2018-11-15 00:39:11 +00:00
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/pubring.kbx") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/pubring.kbx"
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
fi
gpg2 pubring extension change from gpg to kbx
2018-11-15 00:39:11 +00:00
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/pubring.kbx" -f /.gnupg/pubring.kbx
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
if (cbfs -o /tmp/gpg-gui.rom -l | grep -q "heads/initrd/.gnupg/trustdb.gpg") then
cbfs -o /tmp/gpg-gui.rom -d "heads/initrd/.gnupg/trustdb.gpg"
fi
cbfs -o /tmp/gpg-gui.rom -a "heads/initrd/.gnupg/trustdb.gpg" -f /.gnupg/trustdb.gpg
if (whiptail --title 'Update ROM?' \
--yesno "This will reflash your BIOS with the updated version\n\nDo you want to proceed?" 16 90) then
/bin/flash.sh /tmp/gpg-gui.rom
whiptail --title 'BIOS Updated Successfully' \
Add trivial word-wrapping for long output line
2018-05-23 23:14:44 +00:00
--msgbox "BIOS updated successfully.\n\nIf your keys have changed, be sure to re-sign all files in /boot\nafter you reboot.\n\nPress Enter to reboot" 16 60
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
umount /media
/bin/reboot
else
exit 0
fi
fi
fi
;;
"g" )
confirm_gpg_card
echo "********************************************************************************"
echo "*"
echo "* INSTRUCTIONS:"
echo "* Type 'admin' and then 'generate' and follow the prompts to generate a GPG key."
echo "*"
echo "********************************************************************************"
gpg --card-edit
;;
esac
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
Add BIOS ROM editing features to flash GUI In addition to being able to flash a ROM from the GUI, it would also be useful for a user to be able to add a GPG key to their keyring using the flashing tool. This change adds the ability for a user to edit both a ROM located on a USB key and also edit the running BIOS by using flashrom to make a local copy of the running BIOS, edit it, then reflash it. This also supports the upcoming delete feature in CBFS for circumstances where keyring files already exist within CBFS.
2018-05-17 22:31:23 +00:00
done
Split flash GUI into separate script To keep the flash logic simpler the GUI logic has been split into a flash-gui.sh program so flash.sh behaves closer to the original flashrom scripts it was based from. I've also removed the previous flashrom scripts and incorporated their options into flash.sh. Finally I set CONFIG_BOARD via the Makefile instead of setting a duplicate option in each board's config.
2018-05-11 21:08:31 +00:00
exit 0
Reference in New Issue Copy Permalink