Fix HOTP verfication failure if LK admin pin/passphrase contains
spaces by quoting the variables when passed to functions.
Test: set LK admin pin to passphrase with spaces, generate
new TOTP/HOTP, verification passes.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Reading the file into a variable and then redirecting to stdin
via echo() can cause the binary data to be truncated, leading
to an invalid base32 value and failure to properly generate
and validate the HOTP code.
To resolve this, pass the file directly to hotp(), and ensure
it is removed properly regardless of success or failure to
prevent leakage.
Fixes "Invalid base32 string" error seen when attempting to
generate a new TOTP secret.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
These two patches add the capability for coreboot to generate
the RMRR ACPI tables needed for proper IOMMU support. These
patches allow us to use 'intel_iommu=on' vs 'iommu=pt'
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
crossgcc is now using gcc 8.1.0 which will compile without issues
if your host system has gcc 8.x
This is required if we are to build on a new system (such as latest Fedora)
Currently the Librem Key tests will time out after 40 seconds, which
adds to the boot time significantly if the user wants to boot without
inserting it. This patch changes that timeout to one second.
The Librem Key is a custom device USB-based security token Nitrokey is
producing for Purism and among other things it has custom firmware
created for use with Heads. In particular, when a board is configured
with CONFIG_LIBREMKEY, this custom firmware allows Heads to use the
sealed TOTP secret to also send an HOTP authentication to the Librem
Key. If the HOTP code is successful, the Librem Key will blink a green
LED, if unsuccessful it will blink red, thereby informing the user that
Heads has been tampered with without requiring them to use a phone to
validate the TOTP secret.
Heads will still use and show the TOTP secret, in case the user wants to
validate both codes (in case the Librem Key was lost or is no longer
trusted). It will also show the result of the HOTP verification (but not
the code itself), even though the user should trust only what the Librem
Key displays, so the user can confirm that both the device and Heads are
in sync. If HOTP is enabled, Heads will maintain a new TPM counter
separate from the Heads TPM counter that will increment each time HOTP
codes are checked.
This change also modifies the routines that update TOTP so that if
the Librem Key executables are present it will also update HOTP codes
and synchronize them with a Librem Key.
Fixes access to the EC through the Index I/O interface
Fixes AC and DC LoadLine values to avoid overheating problems
Fix Turbo mode value from EC
Change version name to have '-heads' suffix
Add a new series of patches which add measurement support for skylake,
add IOMMU for skylake, fix TPM support, and add support for TPM for
the Librem 13v2 and Librem 15v3 hardware.
This modifies the segment at 0x0 so that it contains enough of a fake
Extended BIOS Data Area at addresses 0x40e and 0x413 that Xen can
correctly locate its trampoline code.
Since custom Xen is no longer required, we can remove the module,
the patches and all of the references to it in the board definition
files.
This allows flashrom to work on the r630 NERF server, but
also increases the size of the flashrom executable significantly
since it brings in all chipset and flash types.
This development branch builds a NERF firmware for the Dell R630
server. It does not use coreboot; instead it branches directly
from the vendor's PEI core into Linux and the Heads runtime
that is setup to be run as an EFI executable.
Reduce the size of flashrom by commenting out most flash chips,
boards and programmers.
Wrapper script to make it easier to rewrite the ROM on the x230
using the flashrom layout.
Keep the entire 12 MB ROM for flashing.
Remove unused tools (crash kernel and vmcore).
Replace "%Lx" scanf formatting with "%"SCNxPTR in /proc/iommem
reading code. This might be a musl bug since it works with glibc
sscanf.
This resolves issue #73 by replacing the use of log10() with
an integer version so that -lm is no longer required.
The parts of dmsetup that we use don't need threads, so
-lpthreads is removed from the link line.
