From 9fb998bef056c8f8de99d91c1ebfb1a653f0bfef Mon Sep 17 00:00:00 2001
From: Trammell Hudson
Date: Thu, 3 Nov 2016 16:45:50 -0400
Subject: [PATCH] check PGP signatures on xen, kernel and initrd (partial fix for #43)
---
 initrd/start-xen | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)
diff --git a/initrd/start-xen b/initrd/start-xen
index db49603a..f5aa7038 100755
--- a/initrd/start-xen
+++ b/initrd/start-xen
@@ -1,9 +1,30 @@
 #!/bin/sh
 mount -o ro -t ext4 /dev/sda1 /boot
-exec kexec \
+die() { echo >&2 "$*"; exit 1; }
+
+XEN=/boot/xen-4.6.3.gz
+INITRD=/boot/initramfs-4.4.14-11.pvops.qubes.x86_64.img
+KERNEL=/boot/vmlinuz-4.4.14-11.pvops.qubes.x86_64
+
+echo "+++ Checking $XEN"
+gpgv "${XEN}.asc" "${XEN}" || die "Xen signature failed"
+echo "+++ Checking $INITRD"
+
+gpgv "${INITRD}.asc" "${INITRD}" || die "Initrd signature failed"
+
+echo "+++ Checking $KERNEL"
+gpgv "${KERNEL}.asc" "${KERNEL}" || die "Kernel signature failed"
+
+# should also check xen command line arguments!
+# should also check kernel command line arguments!
+
+kexec \
 -l \
- --module "/boot/vmlinuz-4.1.13-9.pvops.qubes.x86_64 placeholder root=/dev/mapper/qubes_dom0-root ro i915.preliminary_hw_support=1 rd.lvm.lv=qubes_dom0/root rd.luks.uuid=luks-0f662ac6-2939-48fe-bc95-f5a7e3d6fefb vconsole.font=latarcyrheb-sun16 rd.lvm.lv=qubes_dom0/swap rhgb" \
- --module "/boot/initramfs-4.1.13-9.pvops.qubes.x86_64.img" \
+ --module "${KERNEL} root=LABEL=root rhgb" \
+ --module "${INITRD}" \
 --command-line "no-real-mode reboot=no console=vga dom0_mem=min:1024M dom0_mem=max:4096M" \
- /boot/xen-4.6.3.gz
+ "${XEN}"
+
+
+echo "Ready to start Xen: run 'kexec -e' to execute it"
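Review bot: Each `gpgv` call reads the image from /boot and `kexec -l` then reads the same path a second time, so the bytes that were verified are not guaranteed to be the bytes that get loaded if the disk can answer the two reads differently. Copying each image and its `.asc` into a RAM-backed directory, verifying the copy and handing that copy to kexec closes the gap; this assumes the initrd has a tmpfs with room for the three files. Separately, the final `echo` runs even when `kexec -l` fails, so the load should end in `|| die "kexec load failed"`. `gpgv` is also called without `--keyring`, so which keys are trusted depends on the default keyring shipped in the initrd, which is not visible in this hunk.

```shell
# … unchanged: mount, die(), XEN / INITRD / KERNEL assignments …

# Verify and load the same bytes: stage each image in RAM first.
STAGE=/tmp/verified   # assumes /tmp is RAM-backed in this initrd — confirm
mkdir -p "$STAGE" || die "cannot create $STAGE"

for f in "$XEN" "$INITRD" "$KERNEL"; do
	echo "+++ Checking $f"
	cp "$f" "$f.asc" "$STAGE/" || die "cannot stage $f"
	gpgv "$STAGE/${f##*/}.asc" "$STAGE/${f##*/}" \
		|| die "signature check failed: $f"
done

# kexec -l call: only the image paths and the status check change
	--module "$STAGE/${KERNEL##*/} root=LABEL=root rhgb" \
	--module "$STAGE/${INITRD##*/}" \
	# … unchanged: --command-line …
	"$STAGE/${XEN##*/}" \
	|| die "kexec load failed"
```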