Trammell Hudson
3e5be157e9
remove the dev mapper library output; it will be detected by the populate-lib step
2017-01-04 10:30:50 -05:00
Trammell Hudson
9273e252f6
Build initrd tools with musl-libc (issue #77 ).
...
This adds compilations modules for musl-libc and kernel-headers.
The entire initrd (busybox, cryptsetup, gpgv, kexec, etc) can be built
with the much smaller libc and it appears to work with chroot.
Library paths are not set correctly and files are installed into
heads/install to make them accessible to other modules. This prevents
the initrd from working without manual fixup; need to fix before
merging into master.
Build times have gone up since everything is being rebuilt more
often for some reason.
2016-12-29 18:23:08 -05:00
Trammell Hudson
177dede4ca
install the gpgv binary into the initrd (typo in output variable)
2016-12-29 06:44:49 -05:00
Trammell Hudson
092a395dbc
update hash for gnupg-1.4 (issue #76 )
2016-12-29 06:39:32 -05:00
Trammell Hudson
19721db935
strip libraries after populating initrd/lib (issue #74 )
2016-12-28 16:47:35 -05:00
Trammell Hudson
065179758e
lzma is not required in kexec
2016-12-28 16:47:10 -05:00
Trammell Hudson
850abfc9c8
Remove -lm and -lpthreads dependencies from devmapper.
...
This resolves issue #73 by replacing the use of log10() with
an integer version so that -lm is no longer required.
The parts of dmsetup that we use don't need threads, so
-lpthreads is removed from the link line.
2016-12-28 12:50:48 -05:00
Trammell Hudson
5fd9878d28
Download and build almost all dependencies.
...
As part of issue #1 , we should build all libraries and programs that we
deploy into the Heads initrd. This modifies the module configurations
for all of them to install into heads/install so that we can build
against them.
Add dmsetup, cryptsetup and veritysetup (issue #46 ).
Build gpgv 1.4 as a standalone tool (issue #23 ).
Modify populate-lib to use the install directory by setting
LD_LIBRARY_PATH (issue #35 ).
2016-12-28 12:45:12 -05:00
Trammell Hudson
b27aebc559
single line output for tracking which libraries go with which programs
2016-12-28 12:39:48 -05:00
Trammell Hudson
be725ed104
Merge branch 'master' of ssh://github.com/osresearch/heads
2016-12-28 06:57:27 -05:00
Trammell Hudson
73a3b6d08f
removed old info, added link to presentatoin
2016-12-26 16:29:36 -05:00
Trammell Hudson
24dd8489b4
use the mega-binary version of the tpm utilities (issue #70 )
2016-12-26 10:55:43 -05:00
Trammell Hudson
2a53c60453
use the mega TPM binary instead of the individual ones
2016-12-26 09:52:40 -05:00
Trammell Hudson
ccea67e8b4
shell scripts to help rewrite Qubes initrd /etc/crypttab (issue #29 )
2016-12-13 15:10:47 -05:00
Trammell Hudson
8ce1309102
Merge branch 'master' of ssh://github.com/osresearch/heads
2016-12-13 14:59:13 -05:00
Trammell Hudson
45ba75949b
kernel 4.9 setup with framebuffer for x230 (issue #64 )
2016-12-13 14:58:23 -05:00
Trammell Hudson
bf3b5a44be
Merge branch 'paulmenzel-remove-trailing-whitespace'
2016-12-13 13:25:50 -05:00
Paul Menzel
92b20bdfb6
Strip trailing whitespace
2016-12-13 19:10:21 +01:00
Trammell Hudson
6040851d36
Merge branch 'paulmenzel-spell-coreboot-lowercase'
2016-12-13 13:07:09 -05:00
Paul Menzel
aa3375f5ef
Spell coreboot all lowercase
...
[coreboot](https://www.coreboot.org/ ) is officially spelled all
lowercase.
2016-12-13 18:02:35 +01:00
Trammell Hudson
a6520772dc
Update Heads to use the 4.9 Linux LTS kernel.
...
No patches are required to boot 4.9 as a coreboot payload,
unlike the 4.7 kernel that required a head_64.S patch.
The new kernel is about 40 KB larger than the 4.7; the
config might be shrinkable.
Close issue #61 .
2016-12-12 11:01:18 -05:00
Trammell Hudson
ff5639a542
Build cryptsetup and install it into the initrd
2016-12-01 14:03:55 -05:00
Trammell Hudson
0aae22d67c
increase CBFS size for qemu builds to allow easier experimentation
2016-12-01 14:02:57 -05:00
Trammell Hudson
c98a392508
enable EPOLL for plymouth
2016-12-01 14:02:26 -05:00
Trammell Hudson
3b0509758a
parse the Firmware Interface Table (FIT) on a ROM image
2016-12-01 13:57:35 -05:00
Trammell Hudson
0b20cb297c
Merge pull request #56 from zaolin/strip
...
Update cryptsetup and strip down.
2016-11-29 14:32:59 -05:00
Trammell Hudson
05056aefc0
include chmod ( fix #30 )
2016-11-29 14:29:38 -05:00
Philipp Deppenwiese
5fd61f3e52
Update cryptsetup module and strip it down
...
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
2016-11-29 20:24:01 +01:00
zaolin
ba01c24f46
Merge pull request #2 from osresearch/master
...
Merge
2016-11-29 19:48:56 +01:00
Trammell Hudson
e55a6a4df4
Rework Makefile a bit.
...
rename TARGET to BOARD (fix #55 )
use .INTERMEDIATE trick to avoid building multiple times (fix #52 )
Don't touch build/*/.config if we don't have to (fix #51 )
2016-11-29 11:28:05 -05:00
Trammell Hudson
4a83273744
disable ACPI on qemu boots, this fixes #53
2016-11-29 11:22:47 -05:00
Trammell Hudson
11b52e9a86
merge; start-xen had been relocated
2016-11-28 13:53:19 -05:00
zaolin
c51a73aa05
Merge pull request #1 from osresearch/master
...
check PGP signatures on xen, kernel and initrd (partial fix for #43 )
2016-11-24 03:57:01 +01:00
Trammell Hudson
4fbd6ca58b
Make coreboot building modular to support multiple boards.
...
This touches most of the module configurations since the
coreboot build process had to add a few new features.
The Linux kernel could make use of it as well if we need
separate x230/chell/qemu kernels, for instance.
2016-11-23 12:11:08 -05:00
Trammell Hudson
cc1c198810
ignore modified .config files
2016-11-23 12:10:40 -05:00
Trammell Hudson
638329709e
include find and compression tools
2016-11-23 10:47:04 -05:00
Trammell Hudson
3f444efe8c
formatting
2016-11-23 10:46:32 -05:00
Trammell Hudson
1414023e6e
include cryptsetup in build, will break 4M ROM images
2016-11-23 10:46:04 -05:00
Trammell Hudson
da2a6580ce
allow key file to be specified on command line
2016-11-23 10:45:39 -05:00
Trammell Hudson
9fb998bef0
check PGP signatures on xen, kernel and initrd (partial fix for #43 )
2016-11-03 16:45:50 -04:00
Trammell Hudson
e9e6d661d3
wrappers to seal/unseal drive encryption keys from the TPM
2016-10-28 04:59:51 -04:00
Trammell Hudson
eda28b5800
move start-xen so that it is in the path
2016-10-28 04:59:21 -04:00
Trammell Hudson
a281d6b8a5
fix default location for trusted keys
2016-10-28 04:58:57 -04:00
Trammell Hudson
5a5e7047c7
fix default location for trusted keys
2016-10-28 04:58:39 -04:00
Trammell Hudson
f65fe75823
simplify startup arguments for qubes r3.2
2016-10-28 04:57:11 -04:00
Trammell Hudson
9311428082
add /sbin paths
2016-10-26 15:11:12 -04:00
Trammell Hudson
16bad1abd4
enable aes-xts in Heads kernel (issue #44 )
2016-10-26 15:10:53 -04:00
Trammell Hudson
279d384885
check signatures on kernel, initramfs and xen (issue #43 )
2016-10-25 14:42:36 -04:00
Trammell Hudson
b818986cb2
ignore vdso fake library on fedora
2016-09-28 11:13:27 -04:00
Trammell Hudson
b30846379d
some frequently asked questions, with draft answers
2016-09-27 19:53:28 -04:00