Commit Graph

875 Commits

Author SHA1 Message Date
Trammell Hudson
8384201e9c
Change ethernet drivers to be modules and measure them when they are loaded.
This is a step towards unifying the server and laptop config (issue #139)
and also makes it possible to later remove the USB modules from the
normal boot path.
2017-03-28 16:32:58 -04:00
Trammell Hudson
c3757650fd
wget and measure files into the PCR 2017-03-27 18:03:29 -04:00
Trammell Hudson
b0d2d4b5ba
run dhcp automatically on boot 2017-03-27 18:03:09 -04:00
Trammell Hudson
f39dfd321d
enable dhcp and add helper script for lease setup 2017-03-27 15:56:10 -04:00
Trammell Hudson
b387b27e82
Update expired key (issue #82)
Replace the expired key with my updated key, although users
should add their own keys to sign their own firmware images.

Todo: document how to add/replace public keys.

Longer term todo: remove trusted key from the initrd image
so that there is nothing variable between different users'
builds.
2017-02-01 10:28:35 -05:00
Trammell Hudson
84064debbe
musl-libc patches to build a successfull qemu image 2017-01-04 10:31:27 -05:00
Trammell Hudson
ccea67e8b4
shell scripts to help rewrite Qubes initrd /etc/crypttab (issue #29) 2016-12-13 15:10:47 -05:00
Trammell Hudson
3f444efe8c
formatting 2016-11-23 10:46:32 -05:00
Trammell Hudson
da2a6580ce
allow key file to be specified on command line 2016-11-23 10:45:39 -05:00
Trammell Hudson
e9e6d661d3
wrappers to seal/unseal drive encryption keys from the TPM 2016-10-28 04:59:51 -04:00
Trammell Hudson
eda28b5800
move start-xen so that it is in the path 2016-10-28 04:59:21 -04:00
Trammell Hudson
a281d6b8a5
fix default location for trusted keys 2016-10-28 04:58:57 -04:00
Trammell Hudson
5a5e7047c7
fix default location for trusted keys 2016-10-28 04:58:39 -04:00
Trammell Hudson
f65fe75823
simplify startup arguments for qubes r3.2 2016-10-28 04:57:11 -04:00
Trammell Hudson
9311428082
add /sbin paths 2016-10-26 15:11:12 -04:00
Trammell Hudson
279d384885
check signatures on kernel, initramfs and xen (issue #43) 2016-10-25 14:42:36 -04:00
Trammell Hudson
4d20bc3e13
preload the recovery shell command line history 2016-09-26 13:51:10 -04:00
Trammell Hudson
9a85bc22d9
use the new tpmtotp shell scripts 2016-09-09 17:24:52 -04:00
Trammell Hudson
8a32fb4ac3
warn if there is no totp file 2016-08-14 16:00:34 -04:00
Trammell Hudson
80b82fdfc4
extract and verify gpg signature on the boot script 2016-08-06 17:13:22 -04:00
Trammell Hudson
0c090c49ed
add no-real-mode to Xen parameters 2016-08-05 12:25:35 -04:00
Trammell Hudson
b3786d256a
tpmtotp and qrencode deps 2016-07-31 22:39:07 -04:00
Trammell Hudson
2471e15109
cleanup initrd, improve population of lib directories, remove some extra drivers, add notes on /dev 2016-07-28 00:08:33 -04:00
Trammell Hudson
68e77385bc
use modified xen-4.6.3 instead of xen on the drive 2016-07-26 15:06:09 -04:00
Trammell Hudson
a6d9902a2d
started on automated build process 2016-07-25 10:08:53 -04:00