ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,687 Commits 27 Branches 6 Tags 21 MiB
5420b8392e
Commit Graph

2687 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Thierry Laurion
5420b8392e blobs/xx30/optiplex_7010_9010.sh: use dell server first, fallback to archive.org (archive.org still having difficilties now) 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-25 09:20:06 -04:00
Thierry Laurion
94dab7eedf floss.fund: generate funding.json with helper to pass ingestion from https://dir.floss.fund/submit 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-18 17:04:13 -04:00
Thierry Laurion
4957bfe421 Floss.fund funding.json requirement: main->master url fix 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-18 15:17:34 -04:00
Thierry Laurion
077a703bb9 Floss.fund funding.json requirement 
This passed https://dir.floss.fund/validate validation

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-18 14:51:56 -04:00
Thierry Laurion
1683309f9c kexec-iso-init: Always show kernel arguments suppressions/additions overrides 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-16 18:33:02 -04:00
Thierry Laurion
f98553cec5 etc/distro/keys/tails.key: signing key changed again... 
Repro notes per last update at https://github.com/linuxboot/heads/pull/1631#issue-2224043052

rm -rf /tmp/tails-signing/
wget -q https://tails.boum.org/tails-signing.key -O tails-signing.key
mkdir -p /tmp/tails-signing/
gpg --home /tmp/tails-signing/ --import tails-signing.key
gpg --home /tmp/tails-signing/ --export --armor --export-options export-minimal,export-clean tails@boum.org > ~/heads/initrd/etc/distro/keys/tails.key

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-16 18:33:02 -04:00
Thierry Laurion
501d7da2be coreboot configs: remove serial coreboot console logging output instead, put console output to 7 (DEBUG) across all configs 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 11:48:53 -04:00
Thierry Laurion
fc055b91bc coreboot configs: remove coreboot serial console output logging (slows down boot outside of debugging use case) 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
90daec1e97 CircleCI: add HOTP variants, add optiplex blobs script execution so blobs are part of CircleCI cache (cleaning cache prior of push of this commit) 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
83707c7631 Optiplex boards: add HOTP variants, unify against x230-*-maximized board config formats 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
1d835bc6b7 optiplex 9010: add layout.txt used to expend ME region to match xx30 used ME, apply through ifdtool 
Repro notes:
./build/x86/coreboot-24.02.01/util/ifdtool/ifdtool -n blobs/optiplex_9010/layout.txt blobs/optiplex_9010/ifd.bin -O blobs/optiplex_9010/ifd.bin

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
7dd25db488 targets/optiplex_blobs.mk: run extraction script if any of the 3 blobs are not found under blobs/optiplex_9010/ 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
eb6e7ce273 Optiplex 9010: use ifd.bin from my board, move past ifd.bin to ifd_t16650.bin, document 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
4496d1bf1e Optiplex 7010/9010 SFF: add ifd.bin from libreboot's t16650 in tree, change optiplex_blobs.mk target and point coreboot config to this IFD 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
aa59169cc9 Bump nix develop based docker image to tlaurion/heads-dev-env:v0.2.3 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
4bbd1e8af3 flake.nix: Add fakeroot requirements so root user can be discovered through (/etc/passwd /etc/group file construction) 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
066dc144ce Bump nix develop based docker image to tlaurion/heads-dev-env:v0.2.2 
Pushing flake.nix new requirements for binwalk and uefi-firmware-parser to extract blobs

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
23cee75efd boards/optiplex-7010_9010_TXT-maximized: add new TXT board, poitn coreboot to blobs, add to CI 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
eb2feeb738 targets/optiplex_acm_blobs.mk: add Optiplex 7010/9010 Makefile inclusion target to automatically download+extract ACM/SINIT/EC blobs into place 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
2c0fc658c2 blobs/xx30/optiplex_7010_9010.sh: add script to download/extract ACM,SINIT and EC for Optiplex 7010/9010 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
9196509ba6 flake.nix: add binwalk and uefi-firmware-parser to extract OEM firmware images to blobs needed by scripts 
Requirements reproducing https://docs.dasharo.com/variants/dell_optiplex/initial-deployment/#firmware-preparation

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
8cf7d49fe8 Dell Optiplex 7019/9010 SFF inclusion based on coreboot master 24.02.01 for now 
- CircleCI: add build based on coreboot 24.02.01 release (might be old but unclear to my eyes now)
- Add board non-HOTP board config as a start, reuse x230 linux config
- Add coreboot config modified ans saved theourh coreboot Makefile file helper

Next steps
- Create blobs extraction scripts automating https://docs.dasharo.com/variants/dell_optiplex/initial-deployment/#firmware-preparation

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-10-15 09:50:14 -04:00
Thierry Laurion
79dc677d35
Merge pull request #1800 from JonathonHall-Purism/storage_puri_st_mirror 
bin/fetch_source_archive.sh: Add storage.puri.st mirror
 2024-10-02 11:39:28 -04:00
Jonathon Hall
d6ef65c578
bin/fetch_source_archive.sh: Add storage.puri.st mirror 
storage.puri.st is an alternate host name for storage.puri.sm, in case
there is another issue with the .sm name registration.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
 2024-09-26 08:59:01 -04:00
Jonathon Hall
3fef9e06c1
Merge remote-tracking branch 'github-tlaurion/dynamic_bootpart_detection' 
PR #1784
 2024-09-09 10:46:26 -04:00
Thierry Laurion
faa77d4064
/etc/functions:mount_possible_boot_device; punch exclusion of mount attempt on partitions <2Mb (4096 sectors) 
Removes spurious errors thrown for exfat in dmesg in that function. Something better to propose?

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-09 10:45:27 -04:00
Thierry Laurion
3574e12be9
board configs: remove CONFIG_BOOT_DEV so detect_boot_device detects it prior of oem-factory-reset usage 
repro:
sed -i '/CONFIG_BOOT_DEV/d' boards/*/*.config unmaintained_boards/*/*.config

qemu debug trace on preinstalled OS:
[    3.999725] [U] hello world
[    4.286215] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    4.315239] TRACE: Under init
[    4.369379] DEBUG: Applying panic_on_oom setting to sysctl
[    4.588333] TRACE: /bin/cbfs-init(5): main
[    4.728310] TRACE: /bin/cbfs-init(24): main
[    4.867039] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx
[    4.946757] TRACE: /bin/tpmr(788): main
[    5.006987] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae
[    5.068692] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx
[    5.326365] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx
[    5.399511] TRACE: /bin/tpmr(788): main
[    5.460618] DEBUG: TPM: Extending PCR[7] with hash 547ca343719d3aa62af4763357d8c10cb35eae55
[    5.524608] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx
[    5.752340] TRACE: /bin/cbfs-init(24): main
[    5.908677] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg
[    5.988169] TRACE: /bin/tpmr(788): main
[    6.044996] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042
[    6.101604] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg
[    6.371341] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg
[    6.451878] TRACE: /bin/tpmr(788): main
[    6.511948] DEBUG: TPM: Extending PCR[7] with hash 4697c489f359b40dd8aec55df52a33b1f580a3df
[    6.572785] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg
[    6.879519] TRACE: /bin/key-init(6): main
[    8.239618] TRACE: Under /etc/ash_functions:combine_configs
[    8.323781] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[    8.572855] TRACE: /bin/setconsolefont.sh(6): main
[    8.631296] DEBUG: Board does not ship setfont, not checking console font
[    8.887295] TRACE: /bin/gui-init(641): main
[    8.920627] TRACE: /etc/functions(715): detect_boot_device
[    9.251212] TRACE: /etc/functions(682): mount_possible_boot_device
[    9.312602] TRACE: /etc/functions(642): is_gpt_bios_grub
[    9.410830] TRACE: /dev/vda1 is partition 1 of vda
[    9.540007] TRACE: /etc/functions(619): find_lvm_vg_name
[    9.707187] TRACE: Try mounting /dev/vda1 as /boot
[    9.766843] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[    9.825028] TRACE: /bin/gui-init(319): clean_boot_check

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-09 10:35:03 -04:00
Thierry Laurion
66fd008089
Merge pull request #1789 from tlaurion/bug-remove_ash_function-TRACE_FUNC 
etc/ash_functions: remove TRACE_FUNC that cannot be used in ash, only under bash
 2024-09-09 09:31:49 -04:00
Thierry Laurion
0e90021931
etc/ash_functions: remove TRACE_FUNC that cannot be used in ash, only under bash 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-09 09:30:43 -04:00
Thierry Laurion
ebba590e63
Merge pull request #1787 from tlaurion/fix-whiptail_not_whowing_if_not_called_from_gui-init 
init: add export BG_COLOR_MAIN_MENU="normal" so that media-scan, confiig-gui flash-gui etc can be called from Recovery shell
 2024-09-09 09:13:10 -04:00
Thierry Laurion
7f7bc7057c
init: add export BG_COLOR_MAIN_MENU="normal" so that media-scan, config-gui and others can still be called from command line without passing from gui-init which was sole exporter of it 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-09 09:09:28 -04:00
Thierry Laurion
ca9bfb2e94
Merge pull request #1786 from tlaurion/reenable-debug_qemu-coreboot-whiptail-tpm2 
qemu-coreboot-whiptail-tpm2 board: reenable DEBUG + TRACING
 2024-09-09 09:08:41 -04:00
Thierry Laurion
501419b2b7
qemu-coreboot-whiptail-tpm2 board: reenable DEBUG + TRACING 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-09 09:06:37 -04:00
Thierry Laurion
523649bb19
Merge pull request #1758 from tlaurion/improve_tpm_basic_instrospection 
Improve TPM extend ops output in normal and DEBUG mode
 2024-09-06 17:30:51 -04:00
Thierry Laurion
77d4be1dc6
TPM extend ops: Augment output of TPM1/TMP22 for filename and file content hash ops 
Debug logtrace, screenshots of non-debug will be added in PR #1758

TPM1:
[    4.815559] [U] hello world
[    5.099000] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    5.122059] TRACE: Under init
[    5.165917] DEBUG: Applying panic_on_oom setting to sysctl
[    5.388757] TRACE: /bin/cbfs-init(5): main
[    5.516637] TRACE: /bin/cbfs-init(24): main
[    5.662271] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/pubring.kbx
[    5.732223] TRACE: /bin/tpmr(790): main
[    5.785372] DEBUG: TPM: Extending PCR[7] with hash 7ccf4f64044946cf4e5b0efe3d959f00562227ae
[    5.838082] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/pubring.kbx
[    6.081466] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/pubring.kbx
[    6.147455] TRACE: /bin/tpmr(790): main
[    6.196545] DEBUG: TPM: Extending PCR[7] with hash ee79223a3b9724ad1aab290a3785132805c79eae
[    6.251251] DEBUG: exec tpm extend -ix 7 -if /.gnupg/pubring.kbx
[    6.445119] TRACE: /bin/cbfs-init(24): main
[    6.585854] DEBUG: TPM: Will extend PCR[7] with hash of filename /.gnupg/trustdb.gpg
[    6.659172] TRACE: /bin/tpmr(790): main
[    6.707564] DEBUG: TPM: Extending PCR[7] with hash 7236ea8e612c1435259a8a0f8e0a8f1f5dba7042
[    6.757645] DEBUG: exec tpm extend -ix 7 -ic /.gnupg/trustdb.gpg
[    7.013547] DEBUG: TPM: Will extend PCR[7] hash content of file /.gnupg/trustdb.gpg
[    7.082863] TRACE: /bin/tpmr(790): main
[    7.131022] DEBUG: TPM: Extending PCR[7] with hash ca8898407cacd96d6f2de90ae90825351be81c62
[    7.183344] DEBUG: exec tpm extend -ix 7 -if /.gnupg/trustdb.gpg
[    7.413787] TRACE: /bin/key-init(6): main
[    8.718367] TRACE: Under /etc/ash_functions:combine_configs
[    8.803914] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[    9.045341] TRACE: /bin/setconsolefont.sh(6): main
[    9.096853] DEBUG: Board does not ship setfont, not checking console font
[    9.320494] TRACE: /bin/gui-init(641): main
[    9.356729] TRACE: Under /etc/ash_functions:enable_usb
[    9.445981] TRACE: /sbin/insmod(9): main
[    9.609464] TRACE: /sbin/insmod(53): main
[    9.660145] DEBUG: No module parameters, extending only with the module's content
[    9.791896] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-hcd.ko
[    9.860477] TRACE: /bin/tpmr(790): main
[    9.914849] DEBUG: TPM: Extending PCR[5] with hash bc9ff28a99e314cda69695ba34b26ed0d8b1e4ed
[    9.976867] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-hcd.ko
[   10.146966] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod
[   10.184086] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[   10.276564] TRACE: /sbin/insmod(9): main
[   10.433503] TRACE: /sbin/insmod(53): main
[   10.486272] DEBUG: No module parameters, extending only with the module's content
[   10.620200] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/uhci-hcd.ko
[   10.698710] TRACE: /bin/tpmr(790): main
[   10.750637] DEBUG: TPM: Extending PCR[5] with hash bcb2f15c7eb52484072a76fc8a0d7399f6cf2189
[   10.808379] DEBUG: exec tpm extend -ix 5 -if /lib/modules/uhci-hcd.ko
[   10.996254] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod
[   11.026108] uhci_hcd: USB Universal Host Controller Interface driver
[   11.040703] uhci_hcd 0000:00:1d.0: UHCI Host Controller
[   11.053129] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1
[   11.061568] uhci_hcd 0000:00:1d.0: detected 2 ports
[   11.070973] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00
[   11.089004] hub 1-0:1.0: USB hub found
[   11.097535] hub 1-0:1.0: 2 ports detected
[   11.114890] uhci_hcd 0000:00:1d.1: UHCI Host Controller
[   11.123848] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2
[   11.134989] uhci_hcd 0000:00:1d.1: detected 2 ports
[   11.142404] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0
[   11.153338] hub 2-0:1.0: USB hub found
[   11.160572] hub 2-0:1.0: 2 ports detected
[   11.176481] uhci_hcd 0000:00:1d.2: UHCI Host Controller
[   11.183898] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3
[   11.193509] uhci_hcd 0000:00:1d.2: detected 2 ports
[   11.201574] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0
[   11.211182] hub 3-0:1.0: USB hub found
[   11.219256] hub 3-0:1.0: 2 ports detected
[   11.314467] TRACE: /sbin/insmod(9): main
[   11.468430] TRACE: /sbin/insmod(53): main
[   11.521914] DEBUG: No module parameters, extending only with the module's content
[   11.656647] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-hcd.ko
[   11.726721] TRACE: /bin/tpmr(790): main
[   11.778253] DEBUG: TPM: Extending PCR[5] with hash f563e46fbbed46423a1e10219953233d310792f5
[   11.831718] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-hcd.ko
[   12.010752] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod
[   12.044192] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[   12.136462] TRACE: /sbin/insmod(9): main
[   12.293409] TRACE: /sbin/insmod(53): main
[   12.345947] DEBUG: No module parameters, extending only with the module's content
[   12.481562] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ohci-pci.ko
[   12.547754] TRACE: /bin/tpmr(790): main
[   12.604827] DEBUG: TPM: Extending PCR[5] with hash a24699fdaac9976cc9447fd0cd444a469299ad2f
[   12.661256] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ohci-pci.ko
[   12.847247] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod
[   12.870986] ohci-pci: OHCI PCI platform driver
[   12.959387] TRACE: /sbin/insmod(9): main
[   13.112275] TRACE: /sbin/insmod(53): main
[   13.163112] DEBUG: No module parameters, extending only with the module's content
[   13.291360] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/ehci-pci.ko
[   13.364853] TRACE: /bin/tpmr(790): main
[   13.438536] DEBUG: TPM: Extending PCR[5] with hash b80a90e11a01eba40bb7e566f3374d0aad326acb
[   13.505500] DEBUG: exec tpm extend -ix 5 -if /lib/modules/ehci-pci.ko
[   13.679865] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod
[   13.704539] ehci-pci: EHCI PCI platform driver
[   13.725570] ehci-pci 0000:00:1d.7: EHCI Host Controller
[   13.735562] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4
[   13.745092] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000
[   13.773286] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00
[   13.783544] hub 4-0:1.0: USB hub found
[   13.791110] hub 4-0:1.0: 6 ports detected
[   13.800844] hub 1-0:1.0: USB hub found
[   13.807808] hub 1-0:1.0: 2 ports detected
[   13.823094] hub 2-0:1.0: USB hub found
[   13.829910] hub 2-0:1.0: 2 ports detected
[   13.839182] hub 3-0:1.0: USB hub found
[   13.846231] hub 3-0:1.0: 2 ports detected
[   13.946297] TRACE: /sbin/insmod(9): main
[   14.099143] TRACE: /sbin/insmod(53): main
[   14.149765] DEBUG: No module parameters, extending only with the module's content
[   14.291413] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-hcd.ko
[   14.372815] TRACE: /bin/tpmr(790): main
[   14.426919] DEBUG: TPM: Extending PCR[5] with hash 1fc55e846b9d5c93e58c6c8b6f867e744fa694bc
[   14.482815] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-hcd.ko
[   14.670419] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod
[   14.783374] TRACE: /sbin/insmod(9): main
[   14.939364] TRACE: /sbin/insmod(53): main
[   14.995136] DEBUG: No module parameters, extending only with the module's content
[   15.135482] DEBUG: TPM: Will extend PCR[5] hash content of file /lib/modules/xhci-pci.ko
[   15.204263] TRACE: /bin/tpmr(790): main
[   15.255478] DEBUG: TPM: Extending PCR[5] with hash bbdd85242570aa438b908420a43b8d7042db8b4f
[   15.305598] DEBUG: exec tpm extend -ix 5 -if /lib/modules/xhci-pci.ko
[   15.480844] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod
[   15.512476] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   15.528230] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5
[   15.540456] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[   15.554225] hub 5-0:1.0: USB hub found
[   15.562061] hub 5-0:1.0: 4 ports detected
[   15.572058] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   15.589966] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6
[   15.598116] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed
[   15.606150] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM.
[   15.616354] hub 6-0:1.0: USB hub found
[   15.623767] hub 6-0:1.0: 4 ports detected
[   15.909854] usb 5-1: new high-speed USB device number 2 using xhci_hcd
[   16.193548] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd
[   16.345381] usb 5-3: new full-speed USB device number 3 using xhci_hcd
[   17.674973] TRACE: /etc/functions(715): detect_boot_device
[   17.718114] TRACE: /etc/functions(682): mount_possible_boot_device
[   17.759829] TRACE: /etc/functions(642): is_gpt_bios_grub
[   17.833271] TRACE: /dev/vda1 is partition 1 of vda
[   17.925490] TRACE: /etc/functions(619): find_lvm_vg_name
[   18.068352] TRACE: Try mounting /dev/vda1 as /boot
[   18.114444] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[   18.158648] TRACE: /bin/gui-init(319): clean_boot_check
[   18.247883] TRACE: /bin/gui-init(348): check_gpg_key
[   18.338052] TRACE: /bin/gui-init(185): update_totp
[   18.419286] TRACE: /bin/unseal-totp(8): main
[   18.511352] TRACE: /bin/tpmr(614): tpm1_unseal
[   18.624811] DEBUG: Running at_exit handlers
[   18.661992] TRACE: /bin/tpmr(390): cleanup_shred
[   18.692897]  !!! ERROR: Unable to unseal TOTP secret !!!
[   21.295284] TRACE: /bin/unseal-totp(8): main
[   21.386377] TRACE: /bin/tpmr(614): tpm1_unseal
[   21.496183] DEBUG: Running at_exit handlers
[   21.527060] TRACE: /bin/tpmr(390): cleanup_shred
[   21.558625]  !!! ERROR: Unable to unseal TOTP secret !!!
[   24.162881] TRACE: /bin/unseal-totp(8): main
[   24.249549] TRACE: /bin/tpmr(614): tpm1_unseal
[   24.362331] DEBUG: Running at_exit handlers
[   24.394154] TRACE: /bin/tpmr(390): cleanup_shred
[   24.427400]  !!! ERROR: Unable to unseal TOTP secret !!!
[   26.475340] DEBUG: CONFIG_TPM: y
[   26.521538] DEBUG: CONFIG_TPM2_TOOLS:
[   26.578490] DEBUG: Show PCRs
[   26.730805] DEBUG: PCR-00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.751488] PCR-01: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.778571] PCR-02: C0 A9 54 C8 45 5C 78 49 80 EC 1C DB D8 E8 9B CC 65 11 58 BF
[   26.808771] PCR-03: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.830508] PCR-04: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.849538] PCR-05: 2C 3A 40 05 70 DB 21 89 4F CD C2 F8 D6 AE 40 DA 56 E1 B6 74
[   26.878951] PCR-06: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[   26.895421] PCR-07: 7A 8A 4C E6 BA B0 AA 26 22 B1 26 A2 F6 36 BD F3 86 23 50 B6

TPM2:
[    5.305235] [U] hello world
[    5.591175] DEBUG: Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)
[    5.615802] TRACE: Under init
[    5.657823] DEBUG: Applying panic_on_oom setting to sysctl
[    5.831457] TRACE: /bin/tpmr(349): tpm2_startsession
[    6.567984] TRACE: /bin/cbfs-init(5): main
[    6.695758] TRACE: /bin/cbfs-init(24): main
[    6.811665] TRACE: /bin/tpmr(832): main
[    6.870411] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx
[    6.907262] TRACE: /bin/tpmr(234): tpm2_extend
[    6.983504] TRACE: /bin/tpmr(247): tpm2_extend
[    7.037543] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/pubring.kbx
[    7.192665] TRACE: /bin/tpmr(265): tpm2_extend
[    7.246318] DEBUG: TPM: Extended PCR[7] with hash 96ab5053e4630a040d55549ba73cff2178d401d763147776771f9774597b86a1
[    7.355327] TRACE: /bin/tpmr(832): main
[    7.409042] DEBUG: TPM: Extending PCR[7] with /.gnupg/pubring.kbx
[    7.446920] TRACE: /bin/tpmr(234): tpm2_extend
[    7.485782] TRACE: /bin/tpmr(252): tpm2_extend
[    7.540496] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/pubring.kbx
[    7.759033] TRACE: /bin/tpmr(265): tpm2_extend
[    7.811693] DEBUG: TPM: Extended PCR[7] with hash f196f9cae98362568d31638e7522eee5042286b2c18627b06b30a0275207872e
[    7.903033] TRACE: /bin/cbfs-init(24): main
[    8.026099] TRACE: /bin/tpmr(832): main
[    8.077074] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg
[    8.108061] TRACE: /bin/tpmr(234): tpm2_extend
[    8.180580] TRACE: /bin/tpmr(247): tpm2_extend
[    8.234748] DEBUG: TPM: Will extend PCR[7] with hash of string /.gnupg/trustdb.gpg
[    8.412522] TRACE: /bin/tpmr(265): tpm2_extend
[    8.469868] DEBUG: TPM: Extended PCR[7] with hash 53b843fe9bb52894d3a7d00197c776d56f3059f6a285124c7916724cd5013b0b
[    8.596316] TRACE: /bin/tpmr(832): main
[    8.655651] DEBUG: TPM: Extending PCR[7] with /.gnupg/trustdb.gpg
[    8.690508] TRACE: /bin/tpmr(234): tpm2_extend
[    8.723206] TRACE: /bin/tpmr(252): tpm2_extend
[    8.782554] DEBUG: TPM: Will extend PCR[7] with hash of file content /.gnupg/trustdb.gpg
[    8.999969] TRACE: /bin/tpmr(265): tpm2_extend
[    9.066744] DEBUG: TPM: Extended PCR[7] with hash abf745ef9f960af5d8b19a1acd4bc0a19da056f607b06cce6b920eab83cbbdec
[    9.215143] TRACE: /bin/key-init(6): main
[   10.661503] TRACE: Under /etc/ash_functions:combine_configs
[   10.749050] TRACE: Under /etc/ash_functions:pause_recovery
!!! Hit enter to proceed to recovery shell !!!
[   10.998267] TRACE: /bin/setconsolefont.sh(6): main
[   11.059640] DEBUG: Board does not ship setfont, not checking console font
[   11.303012] TRACE: /bin/gui-init(641): main
[   11.334099] TRACE: Under /etc/ash_functions:enable_usb
[   11.421487] TRACE: /sbin/insmod(9): main
[   11.578754] TRACE: /sbin/insmod(53): main
[   11.630500] DEBUG: No module parameters, extending only with the module's content
[   11.741780] TRACE: /bin/tpmr(832): main
[   11.789365] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-hcd.ko
[   11.823496] TRACE: /bin/tpmr(234): tpm2_extend
[   11.862739] TRACE: /bin/tpmr(252): tpm2_extend
[   11.920404] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-hcd.ko
[   12.123507] TRACE: /bin/tpmr(265): tpm2_extend
[   12.175292] DEBUG: TPM: Extended PCR[5] with hash 40c5206f06702e45d8e6632632255258af433be0641c96f514ea75ac14523a30
[   12.234130] DEBUG: Loading /lib/modules/ehci-hcd.ko with busybox insmod
[   12.278479] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[   12.371875] TRACE: /sbin/insmod(9): main
[   12.523874] TRACE: /sbin/insmod(53): main
[   12.578418] DEBUG: No module parameters, extending only with the module's content
[   12.697785] TRACE: /bin/tpmr(832): main
[   12.753607] DEBUG: TPM: Extending PCR[5] with /lib/modules/uhci-hcd.ko
[   12.786940] TRACE: /bin/tpmr(234): tpm2_extend
[   12.819199] TRACE: /bin/tpmr(252): tpm2_extend
[   12.879805] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/uhci-hcd.ko
[   13.088925] TRACE: /bin/tpmr(265): tpm2_extend
[   13.158660] DEBUG: TPM: Extended PCR[5] with hash 1877332107fb8737a5636da26d4db2c10ffe4d1db2bcbde30b47774cdf05e02f
[   13.223888] DEBUG: Loading /lib/modules/uhci-hcd.ko with busybox insmod
[   13.253700] uhci_hcd: USB Universal Host Controller Interface driver
[   13.269580] uhci_hcd 0000:00:1d.0: UHCI Host Controller
[   13.278675] uhci_hcd 0000:00:1d.0: new USB bus registered, assigned bus number 1
[   13.287280] uhci_hcd 0000:00:1d.0: detected 2 ports
[   13.296481] uhci_hcd 0000:00:1d.0: irq 16, io base 0x0000ff00
[   13.314557] hub 1-0:1.0: USB hub found
[   13.332614] hub 1-0:1.0: 2 ports detected
[   13.352400] uhci_hcd 0000:00:1d.1: UHCI Host Controller
[   13.361016] uhci_hcd 0000:00:1d.1: new USB bus registered, assigned bus number 2
[   13.368653] uhci_hcd 0000:00:1d.1: detected 2 ports
[   13.376700] uhci_hcd 0000:00:1d.1: irq 17, io base 0x0000fee0
[   13.395046] hub 2-0:1.0: USB hub found
[   13.403107] hub 2-0:1.0: 2 ports detected
[   13.418573] uhci_hcd 0000:00:1d.2: UHCI Host Controller
[   13.426975] uhci_hcd 0000:00:1d.2: new USB bus registered, assigned bus number 3
[   13.434733] uhci_hcd 0000:00:1d.2: detected 2 ports
[   13.442497] uhci_hcd 0000:00:1d.2: irq 18, io base 0x0000fec0
[   13.460237] hub 3-0:1.0: USB hub found
[   13.467466] hub 3-0:1.0: 2 ports detected
[   13.579102] TRACE: /sbin/insmod(9): main
[   13.730892] TRACE: /sbin/insmod(53): main
[   13.781345] DEBUG: No module parameters, extending only with the module's content
[   13.891152] TRACE: /bin/tpmr(832): main
[   13.954015] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-hcd.ko
[   13.995207] TRACE: /bin/tpmr(234): tpm2_extend
[   14.031074] TRACE: /bin/tpmr(252): tpm2_extend
[   14.095694] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-hcd.ko
[   14.315253] TRACE: /bin/tpmr(265): tpm2_extend
[   14.369608] DEBUG: TPM: Extended PCR[5] with hash 8a12ce4abfc87f11a023d4f1c26c225f5cffae248f9dad1fd30e78022996df02
[   14.425800] DEBUG: Loading /lib/modules/ohci-hcd.ko with busybox insmod
[   14.455207] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[   14.548050] TRACE: /sbin/insmod(9): main
[   14.693175] TRACE: /sbin/insmod(53): main
[   14.742761] DEBUG: No module parameters, extending only with the module's content
[   14.855233] TRACE: /bin/tpmr(832): main
[   14.908035] DEBUG: TPM: Extending PCR[5] with /lib/modules/ohci-pci.ko
[   14.940321] TRACE: /bin/tpmr(234): tpm2_extend
[   14.970307] TRACE: /bin/tpmr(252): tpm2_extend
[   15.018421] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ohci-pci.ko
[   15.226408] TRACE: /bin/tpmr(265): tpm2_extend
[   15.279951] DEBUG: TPM: Extended PCR[5] with hash 2065ee6544d78a5d31e67983166a9b8cf60dbe61bf0ee99c39e92816cc3a98db
[   15.335930] DEBUG: Loading /lib/modules/ohci-pci.ko with busybox insmod
[   15.360537] ohci-pci: OHCI PCI platform driver
[   15.446600] TRACE: /sbin/insmod(9): main
[   15.597149] TRACE: /sbin/insmod(53): main
[   15.649850] DEBUG: No module parameters, extending only with the module's content
[   15.753738] TRACE: /bin/tpmr(832): main
[   15.809086] DEBUG: TPM: Extending PCR[5] with /lib/modules/ehci-pci.ko
[   15.847559] TRACE: /bin/tpmr(234): tpm2_extend
[   15.878030] TRACE: /bin/tpmr(252): tpm2_extend
[   15.930320] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/ehci-pci.ko
[   16.131948] TRACE: /bin/tpmr(265): tpm2_extend
[   16.190395] DEBUG: TPM: Extended PCR[5] with hash 116145df2c495dfd58354025799fe5bb9b4d8e078960e8d0d7ceda746e4f2d06
[   16.247675] DEBUG: Loading /lib/modules/ehci-pci.ko with busybox insmod
[   16.275465] ehci-pci: EHCI PCI platform driver
[   16.296704] ehci-pci 0000:00:1d.7: EHCI Host Controller
[   16.306151] ehci-pci 0000:00:1d.7: new USB bus registered, assigned bus number 4
[   16.316293] ehci-pci 0000:00:1d.7: irq 19, io mem 0xfcf80000
[   16.340527] ehci-pci 0000:00:1d.7: USB 2.0 started, EHCI 1.00
[   16.357688] hub 4-0:1.0: USB hub found
[   16.365707] hub 4-0:1.0: 6 ports detected
[   16.376687] hub 1-0:1.0: USB hub found
[   16.384573] hub 1-0:1.0: 2 ports detected
[   16.393986] hub 2-0:1.0: USB hub found
[   16.401424] hub 2-0:1.0: 2 ports detected
[   16.410387] hub 3-0:1.0: USB hub found
[   16.418087] hub 3-0:1.0: 2 ports detected
[   16.513839] TRACE: /sbin/insmod(9): main
[   16.670778] TRACE: /sbin/insmod(53): main
[   16.721953] DEBUG: No module parameters, extending only with the module's content
[   16.835964] TRACE: /bin/tpmr(832): main
[   16.888003] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-hcd.ko
[   16.919798] TRACE: /bin/tpmr(234): tpm2_extend
[   16.957470] TRACE: /bin/tpmr(252): tpm2_extend
[   17.013535] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-hcd.ko
[   17.225097] TRACE: /bin/tpmr(265): tpm2_extend
[   17.281099] DEBUG: TPM: Extended PCR[5] with hash 7f5a6bd0f7de6104e49374e1e5ce421e11795fcc4f53014ef9259d630d7876bc
[   17.337551] DEBUG: Loading /lib/modules/xhci-hcd.ko with busybox insmod
[   17.448660] TRACE: /sbin/insmod(9): main
[   17.595458] TRACE: /sbin/insmod(53): main
[   17.653305] DEBUG: No module parameters, extending only with the module's content
[   17.763612] TRACE: /bin/tpmr(832): main
[   17.817350] DEBUG: TPM: Extending PCR[5] with /lib/modules/xhci-pci.ko
[   17.849196] TRACE: /bin/tpmr(234): tpm2_extend
[   17.879069] TRACE: /bin/tpmr(252): tpm2_extend
[   17.927859] DEBUG: TPM: Will extend PCR[5] with hash of file content /lib/modules/xhci-pci.ko
[   18.126778] TRACE: /bin/tpmr(265): tpm2_extend
[   18.188056] DEBUG: TPM: Extended PCR[5] with hash 5502fa8c101f7e509145b9826094f06dd0e225c2311a14edc9ae9c812518a250
[   18.247945] DEBUG: Loading /lib/modules/xhci-pci.ko with busybox insmod
[   18.286509] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   18.294553] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 5
[   18.308276] xhci_hcd 0000:00:04.0: hcc params 0x00087001 hci version 0x100 quirks 0x0000000000000010
[   18.320288] hub 5-0:1.0: USB hub found
[   18.328425] hub 5-0:1.0: 4 ports detected
[   18.337635] xhci_hcd 0000:00:04.0: xHCI Host Controller
[   18.344430] xhci_hcd 0000:00:04.0: new USB bus registered, assigned bus number 6
[   18.351769] xhci_hcd 0000:00:04.0: Host supports USB 3.0 SuperSpeed
[   18.360900] usb usb6: We don't know the algorithms for LPM for this host, disabling LPM.
[   18.371095] hub 6-0:1.0: USB hub found
[   18.378046] hub 6-0:1.0: 4 ports detected
[   18.673695] usb 5-1: new high-speed USB device number 2 using xhci_hcd
[   18.960744] usb 6-2: new SuperSpeed Gen 1 USB device number 2 using xhci_hcd
[   19.112485] usb 5-3: new full-speed USB device number 3 using xhci_hcd
[   20.433294] TRACE: /etc/functions(715): detect_boot_device
[   20.489580] TRACE: /etc/functions(682): mount_possible_boot_device
[   20.546126] TRACE: /etc/functions(642): is_gpt_bios_grub
[   20.653417] TRACE: /dev/vda1 is partition 1 of vda
[   20.777737] TRACE: /etc/functions(619): find_lvm_vg_name
[   20.946450] TRACE: Try mounting /dev/vda1 as /boot
[   20.997145] EXT4-fs (vda1): mounted filesystem with ordered data mode. Opts: (null)
[   21.053058] TRACE: /bin/gui-init(319): clean_boot_check
[   21.157752] TRACE: /bin/gui-init(348): check_gpg_key
[   21.260339] TRACE: /bin/gui-init(185): update_totp
[   21.376906] TRACE: /bin/unseal-totp(8): main
[   21.497372] TRACE: /bin/tpmr(569): tpm2_unseal
[   21.574501] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   22.212056] DEBUG: Running at_exit handlers
[   22.247818] TRACE: /bin/tpmr(374): cleanup_session
[   22.301292] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[   22.423005]  !!! ERROR: Unable to unseal TOTP secret !!!
[   25.058227] TRACE: /bin/unseal-totp(8): main
[   25.205031] TRACE: /bin/tpmr(569): tpm2_unseal
[   25.284388] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   25.914243] DEBUG: Running at_exit handlers
[   25.947988] TRACE: /bin/tpmr(374): cleanup_session
[   26.001694] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[   26.126464]  !!! ERROR: Unable to unseal TOTP secret !!!
[   28.766165] TRACE: /bin/unseal-totp(8): main
[   28.898452] TRACE: /bin/tpmr(569): tpm2_unseal
[   28.982708] DEBUG: tpm2_unseal: handle=0x81004d47 pcrl=0,1,2,3,4,7 file=/tmp/secret/totp.key pass=<empty>
[   29.609216] DEBUG: Running at_exit handlers
[   29.643372] TRACE: /bin/tpmr(374): cleanup_session
[   29.696741] DEBUG: Clean up session: /tmp/secret/unsealfile_policy.session
[   29.822748]  !!! ERROR: Unable to unseal TOTP secret !!!
[   31.890980] DEBUG: CONFIG_TPM: y
[   31.945147] DEBUG: CONFIG_TPM2_TOOLS: y
[   31.999643] DEBUG: Show PCRs
[   32.157607] DEBUG:   sha256:
[   32.190288] 0 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.221302] 1 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.251240] 2 : 0x9FC171D45D54BDD49D40E8438BCF15808427BA72B11EC2DF1ACE877CA0CF4F14
[   32.282127] 3 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.315382] 4 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.345767] 5 : 0xD76470232B7C3FD7D18D4DF3B77DACAFFDB876DBF3E84C996D74F7ECFA0FF60F
[   32.379099] 6 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.409630] 7 : 0x2E3147A8ADA1FEBEB2D32D7F50F25DC10F47D7CD48DF1D61A2D6BF958114A231
[   32.439780] 8 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.508514] 9 : 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.537395] 10: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.583510] 11: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.622661] 12: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.651831] 13: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.687298] 14: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.721766] 15: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.751345] 16: 0x0000000000000000000000000000000000000000000000000000000000000000
[   32.782919] 17: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.813071] 18: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.841994] 19: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.869358] 20: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.907215] 21: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.937346] 22: 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
[   32.967810] 23: 0x0000000000000000000000000000000000000000000000000000000000000000

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-06 17:15:53 -04:00
Jonathon Hall
de7902f5b9
cbfs-init, insmod: Bring back params/filenames into PCR measurements 
cbfs-init used to measure filenames as well as the data in the files,
but after refactoring it only measures file data.  This means files
could be renamed, or contents pivoted, without affecting the PCR
measurements.  Bring back the filename measurement.

Similarly, insmod used to measure module parameters, but no longer
does.  Though we don't currently insert any modules with parameters,
there's no reason to leave this open to break later, bring back the
measurement.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
 2024-09-06 09:43:14 -04:00
Thierry Laurion
250a144d67
Merge remote-tracking branch 'osresearch/master' into HEAD 2024-09-06 09:43:02 -04:00
Jonathon Hall
b28c257b85
Merge remote-tracking branch 'github-tlaurion/key-init_fix-time_give-warning-on-gpg-errors' 
PR #1776
 2024-09-06 09:36:10 -04:00
Jonathon Hall
62c8366d20
key-init: If time resets, tell user to set it, but allow skipping 
The 'warn' message was not very effective, because change-time.sh
clears the screen right after.  Prompt with whiptail instead, which
also lets the user know what's happening before we drop them into a
series of prompts.

Let the user skip changing time if they really want to.  While they
usually should set the time, it's rather frustrating if Heads forces
them to go through these prompts when they don't want to.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-06 09:27:37 -04:00
Thierry Laurion
cbd1f285c6
Merge remote-tracking branch 'osresearch/master' into key-init_fix-time_give-warning-on-gpg-errors 2024-09-06 09:27:23 -04:00
Thierry Laurion
9bb6605945
Merge pull request #1781 from JonathonHall-Purism/librem_11_fix_add_ci 
Librem 11: Fix build, add to CI
 2024-09-06 09:07:57 -04:00
Jonathon Hall
d66f476d28
.circleci/config.yml: Add Librem 11 
We didn't notice the breakage for Librem 11 because it wasn't in CI.
Add it.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
 2024-09-05 14:27:30 -04:00
Jonathon Hall
e1bcf65998
config/coreboot-librem_11.config: Fix build, restore Wi-Fi coreboot cfg 
a9e6dfe8 ("config/coreboot-*: Turn off WIFI support in coreboot. If
regression, will turn on case by case") broke builds for Librem 11.
CONFIG_DRIVER_WIFI_GENERIC is required for Librem 11 as it describes
its built-in Wi-Fi card in the device tree.

The CONFIG_DRIVER_INTEL_WIFI driver does not actually seem to be
needed directly, but this is the only way to bring in the generic
driver, which is not selectable itself.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
 2024-09-05 14:23:50 -04:00
Jonathon Hall
c0762aa5e7
Merge remote-tracking branch 'github-tlaurion/automatic_boot_newline' 
PR #1779
 2024-09-05 10:00:55 -04:00
Thierry Laurion
b2264534a0
Merge pull request #1778 from tlaurion/fix_whiptail_color_output_remnants_bug 
oem-factory-reset gui-init: fix whiptail_error segfaulting because selfcalling itself; fix typo in gui-init
 2024-09-04 15:16:41 -04:00
Thierry Laurion
32bb2e59eb
gui_functions: add newline after message telling user that automatic boot will happen unless interrupted 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-04 14:55:03 -04:00
Thierry Laurion
3c76bdc510
oem-factory-reset gui-init: fix whiptail_error segfaulting because selfcalling itself, fix typo in gui-init 
fix bugs introduced by #1698

Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-04 14:26:57 -04:00
Thierry Laurion
9633d6bfb1
key-init: only attempt to import individual user keys if legacy dir exists, skip otherwise 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-03 15:25:05 -04:00
Thierry Laurion
ebb4d7ab69
key-init: force user to change time if <2024, give warnings on errors 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
 2024-09-03 14:28:45 -04:00
Thierry Laurion
3b22ae68e5
Merge pull request #1772 from tlaurion/fix_config_user_reproducibility_for_undoing 
init: make sure config.user is overriden only with new values so that going DEBUG/undoing can work reproducibly
 2024-09-02 13:51:30 -04:00