Commit Graph

1342 Commits

Author SHA1 Message Date
Alexander Paetzelt
d472c43c79
Fix quoting of variable 2020-07-15 09:49:00 +02:00
Matt DeVillier
c2c45dae0e
Encapsulate changes to working directory inside subshells
For the handful of operations which need to be done with /boot
as the pwd, encapsulate them in subshells to ensure the pwd
doesn't unexpectedly change for other operations, as functions
which need to mount/unmount /boot may fail if the pwd isn't root.

Also, set the pwd to root at the start of detect_boot_device as an
added safety measure.

Test: run oem-factory-reset function, ensure it doesn't fail to
detect boot device due to incorrect working directory.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-07-13 17:30:00 -05:00
tlaurion
9719510f39
Merge pull request #776 from tlaurion/coreboot_481
coreboot: 4.8.1 fixed in Makefile, coreboot module and board configs
2020-07-12 11:51:15 -04:00
Matt DeVillier
f7c4cae903
*gui.sh: move common ops to gui_functions
Move code duplicated across several GUI scripts into a common
gui_functions file and include/use that.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-07-10 17:37:07 -05:00
Thierry Laurion
5f067ea908
coreboot: 4.8.1 fixed in Makefile, coreboot module and board configs (coreboot_481) to facilitate newer coreboot version integration and testing without breaking old fixed boards 2020-07-10 12:37:11 -04:00
tlaurion
268d9d64ac
Merge pull request #773 from MrChromebox/revert_gpg_toolstack
Revert "upgrade gpg toolstack to latest versions"
2020-07-10 10:07:25 -04:00
Matt DeVillier
5cb45bbc99
Revert "upgrade gpg toolstack to latest versions"
This reverts commit 972c25de7d.

This commit broke OEM factory reset functionality, so revert it
until the issue can be properly diagnosed.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-07-07 17:50:45 -05:00
Alexander Paetzelt
6fe409aaf3 Still need the exported pubkey file 2020-07-07 11:16:18 +02:00
Alexander Paetzelt
43971dc029 Make export to USB drive an option 2020-07-07 10:32:22 +02:00
tlaurion
54cb664ffc
Merge pull request #767 from MrChromebox/sysinfo_fixes
gui-init: Fix RAM and firmware version strings
2020-07-01 15:03:10 -04:00
Matt DeVillier
cdbd0fcf2a
gui-init: Fix RAM and firmware version strings
Show RAM in GB, since the calculation in MB is imprecise as
it excludes RAM allocated for GPU (eg).

Fix display of firmware version strings which contain spaces by
adjusting cut and simply chopping off the date at the end, which
is a fixed 10-char length.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-07-01 13:42:10 -05:00
alex-nitrokey
19cd15cf96
Remove gnupg pubkey export in oem-factory-reset
Since #758 is merged, users have a option to export GnuPG pubkey if
necessary. Thus, we they do not need to insert a USB drive during
factory reset. Until now the whole process failed just because a user
did not provide a USB drive instead.

This shall be fixed by this commit
2020-06-30 19:16:10 +02:00
alex-nitrokey
30236ffbaa
Delete AES keys of Nitrokey Storage after reset
If smartcard Nitrokey Storage was factory-reset, we delete AES keys on
it as well.

Explaination: After oem-factory-reset was started the AES on the Nitrokey Storage that is used for the encrypted volume and the password safe is is not usable anymore because the smart card was factory-reset. To make it usable, a user needs to delete it via Nitrokey App. By doing so, the HOTP secret is deleted as well, resulting in a bad warning in Heads. Therefore, we are resetting AES key right after factory-reset with hotp_verification
2020-06-30 18:29:42 +02:00
alex-nitrokey
e0f0655b5d
Merge branch 'hotp-neutral' into storage-factoryreset 2020-06-30 16:17:51 +02:00
Szczepan Zalega
9c9edb0cfc
Remove pkg-config and git version use 2020-06-30 16:00:04 +02:00
Szczepan Zalega
d3d4529545
GitlabCI: reset cache, and investigate
Calculate the uncompressed used cache space
Decrease retry count
2020-06-30 13:45:21 +02:00
alex-nitrokey
84b2f9b540
Re-arrange the order of label and device 2020-06-30 09:28:35 +02:00
tlaurion
8dc5b7616a
Merge pull request #756 from tlaurion/x230-hotp-verification_CBFS_fix
x230-htop-verification: coreboot CBFS_SIZE changed to 0x710000
2020-06-28 15:59:22 -04:00
tlaurion
d579e731b9
Merge pull request #659 from MrChromebox/mount-usb-status
mount-usb: provide useful output when loading kernel modules
2020-06-28 15:30:16 -04:00
tlaurion
94476bb470
Merge pull request #747 from MrChromebox/factory_reset_no_tpm
oem-factory-reset: Handle non-TPM case
2020-06-28 15:26:16 -04:00
tlaurion
cc572f4c68
Merge pull request #758 from Nitrokey/gpg-export
Add option to export pubkey
2020-06-28 15:08:36 -04:00
tlaurion
e6037a217e
Merge pull request #760 from Nitrokey/menu-systeminfo
Add systeminfo menu option
2020-06-28 15:04:41 -04:00
alex-nitrokey
53dc659c01
Replace libremkey_htop_* by hotp_* 2020-06-25 15:35:47 +02:00
alex-nitrokey
e418ecbf71
Fix MEMTOTAL calculation 2020-06-25 10:41:01 +02:00
alex-nitrokey
481082f2d8
Include adaption of @MrChromebox
See
5a3f599233
2020-06-25 10:40:25 +02:00
alex-nitrokey
20b07dd1b3
swap label and device and minor formatting change 2020-06-25 09:46:11 +02:00
alex-nitrokey
c2a2134eb2
Merge remote-tracking branch 'upstream/master' into hotp-neutral 2020-06-24 18:22:13 +02:00
alex-nitrokey
73c9d6efc8
Merge branch 'hotp-verification-update' into hotp-neutral-merge 2020-06-24 18:17:54 +02:00
alex-nitrokey
fecb9cfd80
Rename CONFIG_HOTP_BRANDING to HOTP_BRANDING
reason: it not a config option anymore
2020-06-24 18:12:56 +02:00
alex-nitrokey
2fe946ccbe
Fix termonology 2020-06-24 17:54:39 +02:00
alex-nitrokey
3236f0e170
Change name seal-libremkey -> seal-hotpkey 2020-06-24 17:45:08 +02:00
alex-nitrokey
5867fc516c
Store HOTP USB Security Key branding in /boot 2020-06-24 17:40:49 +02:00
alex-nitrokey
92b1826537
/boot needs to get mounted first 2020-06-24 17:36:53 +02:00
alex-nitrokey
aab2c327e3
Fix warning box title 2020-06-24 17:25:39 +02:00
alex-nitrokey
38ba257063
Include upstream updates of hotp_verification 2020-06-24 16:31:22 +02:00
alex-nitrokey
407778eb9a
Remove unintented paranthesis 2020-06-24 16:16:03 +02:00
alex-nitrokey
53b67d27a4
Prepare usage of /boot/kexec_hotp_key as branding 2020-06-24 16:11:41 +02:00
alex-nitrokey
c07f3b7f7c
Add systeminfo menu option 2020-06-24 10:07:36 +02:00
alex-nitrokey
6d29ab71f9
dd partition Label to menu list 2020-06-24 09:44:50 +02:00
alex-nitrokey
2763711083
Add option to export pubkey 2020-06-23 15:32:51 +02:00
Thierry Laurion
9798cf9c66
x230-htop-verification: coreboot CBFS_SIZE changed to 0x710000
as per https://github.com/osresearch/heads/pull/748/files#diff-540d604c350e8fd52c25559b642795fbR5
2020-06-20 11:04:32 -04:00
tlaurion
05c854753c
Merge pull request #625 from MrChromebox/tpm_luks
kexec-save-default: guard TPM LUKS usage with config option
2020-06-18 23:08:54 -04:00
tlaurion
fab603153b
Merge pull request #646 from alex-nitrokey/custom-userinfo
Add option to choose GnuPG userinfo during OEM reset
2020-06-17 14:00:31 -04:00
alex-nitrokey
28735a8c84
Add CONFIG_HOTP_BRANDING 2020-06-11 17:04:03 +02:00
alex-nitrokey
4069619ead
Rename libremkey-hotp-verification module 2020-06-11 15:54:10 +02:00
alex-nitrokey
fc8c7b0e64
Merge branch 'hotp-verification-update' into hotp-neutral 2020-06-11 15:44:53 +02:00
alex-nitrokey
342431746d
Quick fix to build 2020-06-11 15:39:12 +02:00
alex-nitrokey
1ba73ac1d5
Rename CONFIG_LIBREMKEY to CONFIG_HOTPKEY 2020-06-11 15:29:51 +02:00
Matt DeVillier
cbad9b6637
oem-factory-reset: Handle non-TPM case
Guard TPM-related bits by checking CONFIG_TPM = y

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2020-06-09 12:45:39 -05:00
alex-nitrokey
0e349c565e
Update hotp-verification 2020-06-09 18:42:55 +02:00