- initrd/bin/gui-init : Add two additional menu options to LUKS reencrypt and LUKS passphrase change, calling functions of initrd/bin/reencrypt-luks
- initrd/bin/gui-init : Add option F for EOM Factory Reset / Reownership when no public key is exported by key-init
oem-factory-reset: adapt code so that custom passphrases can be provided by user without changing oem factory reset workflow.
oem-factory-reset: output provisioned secrets on screen at the end of of the process.
oem-factory-reset: warn user of what security components will be provisioned with defaults/customs PINs prior of choosing not after
gui-init and oem-factory-reset: change OEM Factory Reset -> OEM Factory Reset / Re-Ownership to cover actual use cases
It is going to be enabled later anyway (if CONFIG_HOTPKEY=y), so it can
also be simplified by enabling it at the very beginning.
This enables USB keyboard consistently during all boot menus, including
the "No Bootable OS Found" prompt. It isn't a big deal for "normal"
laptop usage, but it is important for automatic tests and also
non-laptop systems.
When files in /boot fail hash verification, the list of files
can sometimes overflow the whiptail msgbox, preventing the
prompt and buttons to update checksums from showing. To mitigate
this, if # of files is > 10, use less to show the file list and
present a separate prompt to update the checksums once the file
list has been viewed.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
After updating/flashing a new ROM, a new TOTP secret must be generated,
but the $TOTP variable needs to be updated afterwards, otherwise it
will show the previous failure which led to the new secret being
created.
Fix this by re-calling update_totp() after generating a new secret
or resetting the TPM.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
If user selects to manually update the TOTP via the menu,
we should do it regardless of elapsed time from previous
check. Otherwise, HOTP will be checked regardless of validity
of TOTP.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Modify update_checksums() to return 0/1 on success/failure, and modify
callers to notify the user on error with a GUI msg.
Set background color as appropriate in gui-init.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Persist the background color (and error state) through
the main menu and all submenus. Use warning
background color for destructive operations, error color
for errors.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Checking the keyring for a GPG and updating the TOTP/HTOP
status need only happen once at initial boot; the latter
can be updated at any later time from the main menu itself.
Having them repeated each loop of the main menu is unnecessary
(and often annoying). Likewise, the default auto boot can be
moved and the first_pass (and unused MAIN_MENU_OPTIONS)
variable dropped.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Now that all menu options are encapsulated in shell
functions, move menu handling from the main loop to
inside the menu/submenu function itself.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Break menus and menu items into functions where possible.
Improves readability of code / functional flow, and
makes future refactoring easier.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Name better reflects function purpose, allows 'update_totp'
to be used to actually update the TOTP code.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
if CONFIG_AUTO_BOOT_TIMEOUT exists and is set, and if HOTP
validation was successful, then attempt to boot the default
target after CONFIG_AUTO_BOOT_TIMEOUT seconds if not interrupted
by key press
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Check for presence of CONFIG_BOOT_DEV, and if missing or
unable to be mounted, present the user with a menu offering the
option to select another disk, boot from USB, continue to
main menu, or drop to a recovery shell.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Set and export currently-used defaults in gui-init, but still
allow for inidividual boards to override via config if desired.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
This will allow it to be used elsewhere within the UI.
Rename CONFIG_BOOT_GUI_MENU_NAME to better indicate use/function.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Attempting to reset the TPM when once isn't present causes a kernel
panic, so let's not allow users to do that.
Test: verify 'No TPM Detected' shown on Librem Mini when Reset TPM
option selected from menu.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Add a linebreak before showing list of files with changed
checksums. Fix text truncation on checksum update prompt.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
For the handful of operations which need to be done with /boot
as the pwd, encapsulate them in subshells to ensure the pwd
doesn't unexpectedly change for other operations, as functions
which need to mount/unmount /boot may fail if the pwd isn't root.
Also, set the pwd to root at the start of detect_boot_device as an
added safety measure.
Test: run oem-factory-reset function, ensure it doesn't fail to
detect boot device due to incorrect working directory.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Show RAM in GB, since the calculation in MB is imprecise as
it excludes RAM allocated for GPU (eg).
Fix display of firmware version strings which contain spaces by
adjusting cut and simply chopping off the date at the end, which
is a fixed 10-char length.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Commit 6b5adcca moved the call to enable_usb from gui-init
to init and guarded it with CONFIG_USB_KEYBOARD, but it was
missed that this is needed for the clean boot check logic
when a librem key is used. Add the call back to gui-init
and guard it properly
Test: clean_boot_detect works properly on a librem 13v4
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Some (out of tree) servers require use of a USB keyboard, and need
the USB kernel modules loaded prior to checking for keypress to enter
a recovery console. Since loading the modules affects the value in PRC5
and can cause issues putting a LUKS key in TPM, guard the loading of the
USB modules with CONFIG_USB_KEYBOARD and remove the unguarded call from
gui-init.
This should resolve issues #603 and #674.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Update text on TOTP error prompt to provide better
guidance for users following the use of the OEM
factory reset function
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>