Commit Graph

1162 Commits

Author SHA1 Message Date
Kyle Rankin
cfddb4ed2e
Add GPG GUI
It makes more logical sense for GPG functions to be split out into their
own menu instead of being part of the "Flash" menu. This creates a
gpg-gui.sh script and moves GPG options there while adding a few
additional features (like listing keys and initial smartcard key
generation support).
2019-02-19 06:48:08 -08:00
Christopher A. Williamson
6794e9cdb5 Add support for EXT2 (via the EXT4 driver) 2019-02-19 13:49:06 +00:00
Thierry Laurion
1bb8184143
qemu-coreboot board: switch back to generic init in non-FBWhiptail mode 2019-02-18 21:10:45 -05:00
tlaurion
50172f21e5
Merge pull request #527 from flammit/qemu-gui-init
qemu-coreboot: change configs to enable gui-init testing
2019-02-17 08:50:14 -05:00
tlaurion
ee3d96b4b0
Merge pull request #525 from MrChromebox/librem_iommu
Fix Purism Librem IOMMU support
2019-02-15 19:27:28 -05:00
Kyle Rankin
cd5d0a0c4b
Remove "pipefail" so unmatched greps don't cause script to exit 2019-02-15 10:16:43 -08:00
Matt DeVillier
90ec5e9e2a boards/librem*: replace iommu=pt with intel_iommu=on
With addition of IOMMU/RMRR patches, passthru is no longer needed
for proper IOMMU functionality

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 17:09:56 -06:00
Matt DeVillier
988724c39d configs/coreboot/librem*: remove iommu=pt from linux cmd line
No longer needed with addition of IOMMU/RMRR patches

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 17:09:56 -06:00
Matt DeVillier
f5355815d9 patches/coreboot: add proper IOMMU/RMRR support
These two patches add the capability for coreboot to generate
the RMRR ACPI tables needed for proper IOMMU support. These
patches allow us to use 'intel_iommu=on' vs 'iommu=pt'

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 17:09:56 -06:00
Kyle Rankin
a6e978911a
Merge pull request #524 from MrChromebox/librem_v4
Add Purism Librem v4 support
2019-02-12 15:05:24 -08:00
Matt DeVillier
398f75f19f heads/config: add librem 13v4/15v4 as clones of 13v2/15v3
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 16:46:50 -06:00
Matt DeVillier
9aaa25c882 coreboot/config: add librem 13v4/15v4 as clones of 13v2/15v3
Adjust blobs paths for kbl vs skl, adjust board names

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 16:32:04 -06:00
Matt DeVillier
da2d267220 patches/coreboot: add support for librem 13v4/15v4 boards
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 16:32:04 -06:00
Matt DeVillier
81bf58d96d blobs/librem_kbl: clone from librem_skl, adjust for v4
Librem 13v4/15v4 use Kabylake SoC, have different set of blobs
required from Skylake-based v3 boards.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 16:32:04 -06:00
Matt DeVillier
428561c11e librem_skl/readme: remove reference to 15v4
15v4 isn't a skylake-based device

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-02-12 16:32:04 -06:00
Kyle Rankin
c31421218a
Add GPG GUI
It makes more logical sense for GPG functions to be split out into their
own menu instead of being part of the "Flash" menu. This creates a
gpg-gui.sh script and moves GPG options there while adding a few
additional features (like listing keys and initial smartcard key
generation support).
2019-02-11 14:29:13 -08:00
tlaurion
f0067d4b5c
Merge pull request #518 from tlaurion/gpg2_missing_sed
GPG2 branch required sed
2019-02-10 10:19:02 -05:00
Thierry Laurion
be12506d7c
GPG2 branch required sed
sed is required to import owner trust information in trustdb when keys are imported into pubkey.kbx/pubkey.gpg
2019-02-09 12:15:20 -05:00
tlaurion
564f3ee201
Merge pull request #490 from kylerankin/add_empty_keyring_detection
Add empty keyring detection, clean up main menu
2019-02-08 15:01:28 -05:00
tlaurion
98598e7f2f
Merge pull request #465 from merge/x230-gui
x230: use fbwhiptail and gui-init instead of generic-init
2019-02-08 13:32:22 -05:00
tlaurion
eafb47065f
Merge pull request #510 from tlaurion/gpg2
Gpg2 with all fixes included
2019-02-08 13:31:21 -05:00
tlaurion
695993b593
Merge branch 'master' into gpg2 2019-02-08 13:29:02 -05:00
tlaurion
aef5753373
Merge pull request #494 from kylerankin/add_config_gui
Add GUI to change /etc/config configuration options
2019-02-08 13:28:06 -05:00
Kyle Rankin
181c621c84
Touch /tmp/config when entering recovery mode 2019-02-08 10:25:12 -08:00
tlaurion
0cc827cea4
Merge pull request #424 from merge/master
x230: remove 4M and 8M split-images from the build
2019-02-08 13:12:07 -05:00
tlaurion
71b919cc06
Merge pull request #486 from flammit/cairo-repro
cairo: restore build reproducibility
2019-02-08 13:09:35 -05:00
Thierry Laurion
005a19eeda
properly deal with trusting keys to supress UX confusion about trusted keys
key-init makes sure trustdb is updated at run time and user and distro keys are ultimately trusted. Each time a file is signed, the related public key is showed without error on it's trustability.
flash-gui deals with gpg1 to gpg2 migration. If pubring.kbx is found, pubring.gpg is deleted from running rom dump.
2019-02-08 12:38:38 -05:00
Martin Kepplinger
ae40892205 x230: use fbwhiptail and gui-init instead of generic-init
This changes Heads' bootscript for the x230 to gui-init and adds config
options needed for it. The config is very similar to the librem13v2 config.

My comparison of startup-time from a power-button press shows 2.5 seconds
more with these changes applied.

That said, the experience is smooth, the GUI is beautiful and easier to use
than the shell and text menu, especially during setup. That's what we
buy with startup time here.
2019-02-07 21:06:44 +01:00
Thierry Laurion
8dd1082808
module/pinentry: disable-pinentry-qt instead of qt5
else:
make[4]: Entering directory '/home/user/heads/build/pinentry-1.1.0/qt'
g++ -DHAVE_CONFIG_H -I. -I..  -I//include -I//include  -I.. -I../secmem  -I../pinentry -Wall -I/home/user/heads/install/usr/include -I/home/user/heads/install/usr/include/QtCore -I/home/user/heads/install/usr/include/QtGui -DQT_SHARED  -g -O2 -MT pinentrydialog.o -MD -MP -MF .deps/pinentrydialog.Tpo -c -o pinentrydialog.o pinentrydialog.cpp
In file included from pinentrydialog.cpp:24:
pinentrydialog.h:27:10: fatal error: QDialog: No such file or directory
2019-01-29 11:18:14 -05:00
Thierry Laurion
5eee5aa296
GPG2 required changes for key and trustdb generation and inclusion in rom
.ash_history: add examples to generate keys and otrust in rom
flash-gui: export otrust and import it in rom
key-init: import otrust.txt if present to supress warning about user public key being untrusted
2019-01-29 11:18:11 -05:00
Thierry Laurion
4f75da7ea7
Removing CONFIG_GPG in librem boards 2019-01-29 11:18:07 -05:00
Itay Grudev
3bc79495bb
Disabled libsecret support in the pinentry module 2019-01-29 11:16:26 -05:00
Itay Grudev
92c547c0d4
Enabled GPG2 in the Librem board config 2019-01-29 11:16:23 -05:00
Jason Andryuk
ca3a5fd2eb
Set GPG_TTY before calling gpg in key-init
gpg2 needs GPG_TTY set to function properly.  We set it in /init so it
is inherited by all children.  The call to $(tty) must be after /dev and
(preferably) /dev/pts are mounted.

Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
2019-01-29 11:16:19 -05:00
Thierry Laurion
75c11481f6
Port gpg1 patch to gpg2 to force crosscompiling and output to stderr. 2019-01-29 11:16:16 -05:00
Thierry Laurion
46ddc20f74
instruct gpg to use gpg-agent. 2019-01-29 11:16:13 -05:00
Thierry Laurion
fb3e2066b8
GPG_TTY is forced to /dev/console under init. Ash console is never called; trying to get console tty from the tty returns "no console". NEEDs BETTER FIX. 2019-01-29 11:15:48 -05:00
tlaurion
7b68b1ea9d
Merge pull request #512 from kylerankin/update_blob_links
Update ME repository links/filenames/hashes
2019-01-28 22:05:36 -05:00
Kyle Rankin
c77b560300
Update ME repository links/filenames/hashes
The current links to the ME blob have expired. This updates the links
along with the resulting file names and hashes.
2019-01-28 09:26:23 -08:00
tlaurion
edb9cd615b
Merge pull request #508 from shamen123/patch-1
remove CONFIG_GPG=y
2019-01-27 07:27:54 -05:00
Thierry Laurion
44d566a72a
pinentry-tty path needs to be known from gpg-agent 2019-01-26 11:51:59 -05:00
Thierry Laurion
6335ece902
gpg2 pubring extension change from gpg to kbx 2019-01-26 11:51:56 -05:00
Trammell Hudson
e5a739e54c
use /bin for libexecdir and disable curses pinentry 2019-01-26 11:51:54 -05:00
Thierry Laurion
8ba3c33402
required changes to apply on top of osresearch/gpg2 for gpg2 to actually work, tools and libs updated to latest versions 2019-01-26 11:51:51 -05:00
Trammell hudson
82701fb10f
typo on pinentry 2019-01-26 11:51:47 -05:00
Trammell hudson
c261907ee6
gpg2 pinentry program is required for passwords or PINs 2019-01-26 11:51:41 -05:00
tlaurion
49269f2bb4
gpg2 library fixes 2019-01-26 11:51:17 -05:00
Trammell hudson
b89ed83af6
enable Unix Domain sockets for gpg-agent 2019-01-26 11:49:27 -05:00
Trammell hudson
b1736d7cb3
use full version names on output libraries 2019-01-26 11:48:26 -05:00
Trammell hudson
d61587c179
switch to gpg2 for qemu targets 2019-01-26 11:47:53 -05:00