ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-19 21:17:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

config-gui.sh: permit io386 platform locking to be dynamically disabled at runtime

Browse Source 
ash_functions: make sure /tmp/config is sourced before going to recovery shell
TODO: revisit https://source.puri.sm/firmware/pureboot/-/blob/Release-27/initrd/bin/config-gui.sh#L33 to have proper config store later on
This commit is contained in:
Thierry Laurion 2023-06-18 17:08:45 -04:00
parent 39bb6ea313
commit 995a6931f1
No known key found for this signature in database
GPG Key ID: E7B4A71658E36A93
2 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
initrd/bin/config-gui.sh
View File

@ -10,6 +10,20 @@ TRACE "Under /bin/config-gui.sh"
param=$1
while true; do
dynamic_config_options=(
'b' ' Change the /boot device'
's' ' Save the current configuration to the running BIOS' \
'r' ' Clear GPG key(s) and reset all user settings' \
)
if [ "$CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE" = "y" ];then
dynamic_config_options+=(
't' ' Deactivate Platform Locking to permit OS write access to firmware'
)
fi
dynamic_config_options+=(
'x' ' Return to Main Menu'
)
if [ ! -z "$param" ]; then
# use first char from parameter
menu_choice=${param::1}
@ -18,16 +32,19 @@ while true; do
unset menu_choice
whiptail $BG_COLOR_MAIN_MENU --title "Config Management Menu" \
--menu "This menu lets you change settings for the current BIOS session.\n\nAll changes will revert after a reboot,\n\nunless you also save them to the running BIOS." 0 80 10 \
'b' ' Change the /boot device' \
's' ' Save the current configuration to the running BIOS' \
'r' ' Clear GPG key(s) and reset all user settings' \
'x' ' Return to Main Menu' \
"${dynamic_config_options[@]}" \
2>/tmp/whiptail || recovery "GUI menu failed"
menu_choice=$(cat /tmp/whiptail)
fi
case "$menu_choice" in
"t" )
unset CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE
replace_config /etc/config.user "CONFIG_FINALIZE_PLATFORM_LOCKING_PRESKYLAKE" "n"
combine_configs
. /tmp/config
;;
"x" )
exit 0
;;

1
initrd/etc/ash_functions
View File

@ -57,6 +57,7 @@ recovery() {
# ensure /tmp/config exists for recovery scripts that depend on it
touch /tmp/config
. /tmp/config
if [ "$CONFIG_TPM" = "y" ]; then
tpmr extend -ix 4 -ic recovery