- Add TRACE function tracing output under etc/functions, depending on CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT enabled in board configs
- Replace current DEBUG to TRACE calls in code, reserving DEBUG calls for more verbose debugging later on (output of variables etc)
- add 'export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y' in qemu-coreboot(fb)whiptail-tpm1(-hotp) boards to see it in action
Modify update_checksums() to return 0/1 on success/failure, and modify
callers to notify the user on error with a GUI msg.
Set background color as appropriate in gui-init.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Persist the background color (and error state) through
the main menu and all submenus. Use warning
background color for destructive operations, error color
for errors.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Set and export currently-used defaults in gui-init, but still
allow for inidividual boards to override via config if desired.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Move code duplicated across several GUI scripts into a common
gui_functions file and include/use that.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
mount-usb switched to dynamic USB device detection a while back,
so eliminate instances of CONFIG_BOOT_USB_DEV, and derive the
mounted USB device from /etc/mtab in the one place where it's
actually needed (usb-scan). Clean up areas around calls to
mount-usb for clarity/readability.
Addresses issue #673
Test: Build Librem 13v4, boot ISO file on USB
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Check that any files added to cbfs exist before attempting to
add them, so flashing doesn't fail after a reset.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Introduce option to remove any existing key(s) from firmware
and add a user-suppled key, before reflashing.
Move existing code for adding a new key to a separate function
so it can be reused for new feature without duplication.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
If the user has changed the /boot config but not yet flashed,
it's reasonable for them to expect that flashing to add/update
a GPG key won't revert those changes.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
In order to streamline the initial setup, prompt user to
update checksums/sign /boot files after adding a key and
updating the firmware, in order to avoid an extra reboot.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
This mimics tlauion's OEM work in the sense that a user (or OEM) could
choose this option and it will reset an OpenPGP smart card and
automatically generate a random key on it. The idea is to allow an OEM
to set up a Librem Key and Heads on a machine before shipping with a
random key, so the user can test for tampering when they receive the
machine, and then the user can choose to reset all of the keys with
their chosen keys after that fact.
This change updates the very basic GPG smartcard feature in the GPG GUI
so that it can properly support generating a key from within Heads. It
offers the user the option to copy the generated GPG public key to a USB
thumb drive so it's not lost as well as the option to reflash the
current Heads BIOS with this new public key added to the keyring.
I've moved the common functions required to flash a new ROM with GPG
changes into a shared function at the top of the script.
It makes more logical sense for GPG functions to be split out into their
own menu instead of being part of the "Flash" menu. This creates a
gpg-gui.sh script and moves GPG options there while adding a few
additional features (like listing keys and initial smartcard key
generation support).
