Commit Graph

412 Commits

Author SHA1 Message Date
Trammell Hudson
fe4eab2a7e
use Linux 4.9.7 kernel (issue #103) 2017-02-01 11:47:43 -05:00
Trammell Hudson
267b355766
use v0.2.0 release of tpmtotp instead of git (issue #102) 2017-02-01 11:21:53 -05:00
Trammell Hudson
b387b27e82
Update expired key (issue #82)
Replace the expired key with my updated key, although users
should add their own keys to sign their own firmware images.

Todo: document how to add/replace public keys.

Longer term todo: remove trusted key from the initrd image
so that there is nothing variable between different users'
builds.
2017-02-01 10:28:35 -05:00
Trammell Hudson
1b9f99617a
wrong path to correct strip binary (issue #100) 2017-02-01 10:25:17 -05:00
Trammell Hudson
2acaf616b9
zero group/world bits in cpio file (issue #101) 2017-01-31 16:44:35 -05:00
Trammell Hudson
e051915707
use musl-libc cross compiler strip (issue #100) 2017-01-31 14:57:41 -05:00
Trammell Hudson
3008bb6945
Make musl-cross a normal Heads module.
This merges pull request #99 by @blackwellops and removes
the ./bootstrap script since the musl-cross can be built as
part of the normal dependency tree.
2017-01-31 13:22:43 -05:00
Trammell Hudson
bac717407f
Patch git checkouts, if a patch exists for a module. Add a per-module clean target. 2017-01-31 13:12:21 -05:00
Jason Blackwell
2f2d68755f
remove patch for MUSL_DEFAULT_VERSION
Signed-off-by: Trammell Hudson <trammell.hudson@twosigma.com>
2017-01-31 13:12:15 -05:00
Jason Blackwell
53bb0b0ac7
update musl-cross to github maintained mirror
Signed-off-by: Trammell Hudson <trammell.hudson@twosigma.com>
2017-01-31 13:11:58 -05:00
Trammell Hudson
bdf8a6c978
updated docs, make note of new bootstrap build procedure 2017-01-29 16:44:23 -05:00
Trammell Hudson
d64caac4db
silence the builds 2017-01-28 20:42:26 -05:00
Trammell Hudson
26ef81f5fb
coreboot flags to strip build paths (issue #95) 2017-01-28 20:21:47 -05:00
Trammell Hudson
1ec00592af
pass in flags to make Linux kernel reproducible (issue #94) 2017-01-28 18:38:29 -05:00
Trammell Hudson
d81073715a
set file device major/minor to zero (issue #93) 2017-01-28 17:23:29 -05:00
Trammell Hudson
66a663ac00
use our cross compiler for purgatory files, in place of host CC (issue #34) 2017-01-28 15:44:28 -05:00
Trammell Hudson
8d912ced8f
patch busybox to not include build times (issue #91) 2017-01-28 14:22:51 -05:00
Trammell Hudson
c144146ced
oops; do not die if we have to checkout the cross compiler 2017-01-28 13:25:44 -05:00
Trammell Hudson
1411dffb6a
Make modules not depend on build path (issue #1).
Use --prefix="" to ensure that no destination paths are in libraries.

Use -fdebug-prefix-map to rewrite build path so that it does not
appear in the executables.

Use -gno-record-gcc-switches to ensure that the -fdebug-prefix-map
does not appear in the executables.
2017-01-28 13:14:56 -05:00
Trammell Hudson
19cb1bcb73
use bootstrap built crossgcc 2017-01-28 13:14:48 -05:00
Trammell Hudson
8ca440b7ae
allow $(heads_cc) to contain spaces 2017-01-28 12:16:34 -05:00
Trammell Hudson
ecc40ed32a
fix bootstrap to install into heads/crossgcc 2017-01-28 12:16:07 -05:00
Trammell Hudson
2213500000
bootstrap the musl-libc gcc cross compiler and use it to build everything except coreboot 2017-01-27 18:01:25 -05:00
Trammell Hudson
5c425b3ec9
include uuid and devmapper since musl cross compiler is not linking them in 2017-01-27 18:00:56 -05:00
Trammell Hudson
24e54a65f6
Build GNU make-4.2 if the system make is the wrong version (issue #88).
Change all of the builds to use $(MAKE) instead of the /usr/bin/make.

Download and build GNU make-4.2 if the wrong version is installed
on the system.

Re-invoke build/make-4.2/make with the target that was passed in once
the correct make has been built.
2017-01-27 18:00:50 -05:00
Trammell Hudson
7294fa9438
use two spaces in sha256sum command (issue #89) 2017-01-27 18:00:45 -05:00
iseeareddoor
85dcbf6687
modules/coreboot: remove 'time' for dash compat
the 'time' builtin is a bashism which is not supported in Debian's standard sh ('dash'), which is used implicitly here.
2017-01-23 13:35:48 -05:00
Trammell Hudson
b81a20fb71
enable CONFIG_NET, to allow cryptsetup to work (issue #79) 2017-01-05 06:00:59 -05:00
Trammell Hudson
5b3ca49a15
force kexec to build 64-bit version, otherwise xen fails to load 2017-01-05 04:29:56 -05:00
Trammell Hudson
8ff56aff5a
Enable IOMMU by default (issue #75) and prune kernel features. 2017-01-04 18:38:45 -05:00
Trammell Hudson
a8f2f0ec4a
Merge branch 'musl-libc' 2017-01-04 17:09:17 -05:00
Trammell Hudson
bf914e7156
make clean before install; crosscompile failed? 2017-01-04 17:05:29 -05:00
Trammell Hudson
58ff95818e
Working build with musl-libc cross compiler (issue #77).
Pass in the --host argument to all of the various programs
that need to treat the configure scripts as cross compilation
targets.

This removes all dependencies on the host libc (issue #7)
and adds some tools to the initrd (cryptsetup #46).
2017-01-04 16:39:10 -05:00
Trammell Hudson
e68f09bbfd
Make kexec work with musl-libc.
Remove unused tools (crash kernel and vmcore).

Replace "%Lx" scanf formatting with "%"SCNxPTR in /proc/iommem
reading code.  This might be a musl bug since it works with glibc
sscanf.
2017-01-04 13:51:36 -05:00
Trammell Hudson
84064debbe
musl-libc patches to build a successful qemu image 2017-01-04 10:31:27 -05:00
Trammell Hudson
3e5be157e9
remove the dev mapper library output; it will be detected by the populate-lib step 2017-01-04 10:30:50 -05:00
Trammell Hudson
9273e252f6
Build initrd tools with musl-libc (issue #77).
This adds compilations modules for musl-libc and kernel-headers.
The entire initrd (busybox, cryptsetup, gpgv, kexec, etc) can be built
with the much smaller libc and it appears to work with chroot.

Library paths are not set correctly and files are installed into
heads/install to make them accessible to other modules.  This prevents
the initrd from working without manual fixup; need to fix before
merging into master.

Build times have gone up since everything is being rebuilt more
often for some reason.
2016-12-29 18:23:08 -05:00
Trammell Hudson
177dede4ca
install the gpgv binary into the initrd (typo in output variable) 2016-12-29 06:44:49 -05:00
Trammell Hudson
092a395dbc
update hash for gnupg-1.4 (issue #76) 2016-12-29 06:39:32 -05:00
Trammell Hudson
19721db935
strip libraries after populating initrd/lib (issue #74) 2016-12-28 16:47:35 -05:00
Trammell Hudson
065179758e
lzma is not required in kexec 2016-12-28 16:47:10 -05:00
Trammell Hudson
850abfc9c8
Remove -lm and -lpthreads dependencies from devmapper.
This resolves issue #73 by replacing the use of log10() with
an integer version so that -lm is no longer required.

The parts of dmsetup that we use don't need threads, so
-lpthreads is removed from the link line.
2016-12-28 12:50:48 -05:00
Trammell Hudson
5fd9878d28
Download and build almost all dependencies.
As part of issue #1, we should build all libraries and programs that we
deploy into the Heads initrd.  This modifies the module configurations
for all of them to install into heads/install so that we can build
against them.

Add dmsetup, cryptsetup and veritysetup (issue #46).

Build gpgv 1.4 as a standalone tool (issue #23).

Modify populate-lib to use the install directory by setting
LD_LIBRARY_PATH (issue #35).
2016-12-28 12:45:12 -05:00
Trammell Hudson
b27aebc559
single line output for tracking which libraries go with which programs 2016-12-28 12:39:48 -05:00
Trammell Hudson
be725ed104
Merge branch 'master' of ssh://github.com/osresearch/heads 2016-12-28 06:57:27 -05:00
Trammell Hudson
73a3b6d08f
removed old info, added link to presentation 2016-12-26 16:29:36 -05:00
Trammell Hudson
24dd8489b4
use the mega-binary version of the tpm utilities (issue #70) 2016-12-26 10:55:43 -05:00
Trammell Hudson
2a53c60453
use the mega TPM binary instead of the individual ones 2016-12-26 09:52:40 -05:00
Trammell Hudson
ccea67e8b4
shell scripts to help rewrite Qubes initrd /etc/crypttab (issue #29) 2016-12-13 15:10:47 -05:00
Trammell Hudson
8ce1309102
Merge branch 'master' of ssh://github.com/osresearch/heads 2016-12-13 14:59:13 -05:00