Commit Graph

111 Commits

Author SHA1 Message Date
Trammell hudson
584c07042e
Merge branch 'generic_flashrom_script' of https://github.com/kylerankin/heads 2018-06-01 12:40:16 -04:00
Kyle Rankin
8d50b6a1ab
Add option to flash cleaned ROM to GUI 2018-05-28 11:38:04 -07:00
Kyle Rankin
8dc2f8602f
Add trivial word-wrapping for long output line 2018-05-23 16:14:44 -07:00
Francis Lam
736538a8a2
Add additional kernel command line options for ISO boot
Allows Qubes/Ubuntu/Fedora ISO media to be used by default
without a custom kexec_iso_add.txt config
2018-05-19 10:52:49 -07:00
Kyle Rankin
cfa6c3a374
Make x230 board option a glob to match x230-flash option 2018-05-18 14:04:00 -07:00
Francis Lam
c1be56c5ad
Separate trusted ISO signers from trusted config signers 2018-05-17 19:52:11 -07:00
Kyle Rankin
258420d75d
Add BIOS ROM editing features to flash GUI
In addition to being able to flash a ROM from the GUI, it would also be
useful for a user to be able to add a GPG key to their keyring using the
flashing tool. This change adds the ability for a user to edit both a
ROM located on a USB key and also edit the running BIOS by using
flashrom to make a local copy of the running BIOS, edit it, then reflash
it. This also supports the upcoming delete feature in CBFS for
circumstances where keyring files already exist within CBFS.
2018-05-17 15:31:23 -07:00
Kyle Rankin
a9bf4eb874
Add read mode to flash.sh
If we want to modify a running BIOS we will need the ability to pull
down the current BIOS, modify it, and then reflash. This change adds a
read option to flash.sh and pulls down three versions of the BIOS and
only exists successfully if all three match.
2018-05-15 16:24:24 -07:00
Kyle Rankin
b276e355d9
Re-add the flashrom script for kgpe-d16-openbmc 2018-05-11 14:23:48 -07:00
Kyle Rankin
3c88bc5d86
Split flash GUI into separate script
To keep the flash logic simpler the GUI logic has been split into a
flash-gui.sh program so flash.sh behaves closer to the original flashrom
scripts it was based from. I've also removed the previous flashrom
scripts and incorporated their options into flash.sh. Finally I set
CONFIG_BOARD via the Makefile instead of setting a duplicate option in
each board's config.
2018-05-11 14:08:31 -07:00
Kyle Rankin
89b008a042
Use explicit path for flash.sh 2018-05-11 12:32:04 -07:00
Kyle Rankin
45ae20fc12
Add generic flash script
Based on the conversation for PR #406, we decided to go with a more
generic script for general-purpose flashing instead of having individual
(and therefore very similar) flash scripts for each board type. This
script currently handles flashrom on Librem and X230 board types and
introduces a new CONFIG_BOARD option that sets specific flashrom
arguments based on the board.

It also adds support to gui-init to call this flash script.
2018-05-11 12:27:50 -07:00
Trammell hudson
9c95b4ed58
Merge branch 'usb-scan-gui' of https://github.com/kylerankin/heads 2018-05-07 11:24:56 -04:00
Trammell hudson
2ab90623f9
Merge branch 'word_wrap_whiptail' of https://github.com/kylerankin/heads 2018-05-07 11:23:58 -04:00
Francis Lam
bb0e13c24f
Add back flashrom support for KGPE-D16
Also fix up flashrom-x230.sh command only read bios area
2018-05-05 18:59:43 -07:00
Kyle Rankin
4fdbe88560
Allow lines to be wrapped closer to the edge 2018-05-03 10:45:45 -07:00
Kyle Rankin
f70fabd187
Add a whiptail GUI to usb-scan 2018-05-02 14:29:27 -07:00
Kyle Rankin
745d843f0d
Extend whiptail window to 90 columns wide
Wrapping text to 80 characters works but due to font size and padding
the maximum 80 character lines start to get truncated. Extending the
window to 90 characters will resolve this.
2018-05-01 15:20:35 -07:00
Kyle Rankin
480b01c278
Wrap an additional line that was missed in the first pass 2018-05-01 15:10:14 -07:00
Kyle Rankin
f26a14c20d
Wrap whiptail text that's over 80 characters
While the whiptail program wraps text appropriately based on column
size, the fbwhiptail program doesn't, leading to text that scrolls off
the window where it can no longer be read. This change wraps the longer
text output so it all fits.
2018-05-01 14:23:56 -07:00
Trammell hudson
8108e419fe
remove unused flashrom 0.9.9 patch and use new --ifd feature in its place (pr #370) 2018-04-30 17:16:06 -04:00
Trammell hudson
03a0e39bce
Merge branch 'skip_sig_checks' of https://github.com/kylerankin/heads 2018-04-30 16:39:20 -04:00
Trammell hudson
cd2325781c
Merge branch 'colorized_warning_error' of https://github.com/kylerankin/heads 2018-04-30 16:31:45 -04:00
Trammell hudson
05a36ce3d9
Merge branch 'skip_confirmation_on_force' of https://github.com/kylerankin/heads 2018-04-30 16:31:05 -04:00
Trammell hudson
7372595a20
Merge branch 'red_background_on_insecure_boot' of https://github.com/kylerankin/heads 2018-04-30 16:30:29 -04:00
Francis Lam
c0f3a4bb79
Read and measure an EFI file into initrd during init 2018-04-29 19:58:44 -07:00
Kyle Rankin
22a8d6f603
Colorize warning and error messages in fbwhiptail
Since fbwhiptail allows us to customize the background colors, we should
colorize warnings and error messages to provide a user with an
additional subtle cue that there might be a problem. I have added two
additional configuration options:

CONFIG_WARNING_BG_COLOR
CONFIG_ERROR_BG_COLOR

and in the librem13v2.config file you can see an example for how to set
them to be yellow and red gradients, respectively. I've also updated the
main two scripts that use whiptail to include those background colors.

If you decide to use regular whiptail, just don't set these config
options and it should behave as expected.
2018-04-25 13:21:56 -07:00
Francis Lam
1cbae3cc12
Preserve custom CBFS files on flashrom updates 2018-04-21 17:21:37 -07:00
Francis Lam
48ca75a482
Add "heads/" prefix to all Heads-related cbfs files
Needed to identify which files should be preserved between upgrades
such as "heads/initrd/*" or "heads/counter"
2018-04-20 15:11:12 -07:00
Kyle Rankin
a308bc97e4
Skip boot choice confirmation in "force" mode
When a user gets confirmation of their boot menu choice, that's largely
to give them the option of making their boot choice the default. In the
case of "force mode" there's no reason for the user to be presented with
that dialog so this change skips right ahead to the boot once they have
2018-04-20 14:11:49 -07:00
Francis Lam
8644a36488
Drop unnecessary flashtools.patch
Also added convenience call to import keys and removed credentials
2018-04-20 10:46:08 -07:00
Francis Lam
e0c1ab2d79
Update cbfs-init script for new cbfs tool option 2018-04-20 09:29:57 -07:00
Francis Lam
d0294b1142
Add all supported network modules to network-init-recovery
also fix verbiage in comments
2018-04-20 09:29:57 -07:00
Francis Lam
37feebdc76
Read and measure CBFS files into initrd during init 2018-04-20 09:29:57 -07:00
Kyle Rankin
c99d5a8437
Add red background to boot console for insecure "force" boot
In the event a user does pick the insecure "force" boot option that
bypasses checksum and signing checks in Heads, it would be nice to
provide a clear visual warning during the boot process that they are in
this state. This change will add a kernel argument that changes the boot
console background to be red and removes any boot splash that might
obscure it, in the event the user picks the insecure boot mode.

Since a user should only boot into this mode during emergencies, having
it be apparent that it's an unsafe mode helps ensure the user doesn't
pick this boot option needlessly.
2018-04-11 16:09:46 -07:00
Trammell hudson
0eff9914ea
Merge branch 'gui_for_changed_boot_entries' of https://github.com/kylerankin/heads 2018-04-10 15:44:49 -04:00
Kyle Rankin
d1e6dcb899
Fix tab on return line 2018-04-04 14:27:31 -07:00
Kyle Rankin
5434e0bdf2
Add a gui menu for changed boot entries
Currently when the boot entries change, kexec-select-boot dies. Given
the normal loop is set up to catch this event and display a regular boot
menu at the next iteration of the loop, instead of dying it would be
better to just warn and then return from that function back into the
main loop. In addition to that I added a GUI menu for the same warning
when in GUI mode.
2018-04-04 14:25:22 -07:00
Kyle Rankin
887c79065e
Add GUI package update handler w/ checksum update function
Part of the Heads workflow involves handling legitimate changes to /boot
as part of the package manager. This is a challenging workflow to handle
as package managers on many systems work in a completely unattended way
(and some even reboot first, apply updates, and then reboot again).

We need to be able to detect changes that are potentially caused by a
package manager so to do that I've set up a trigger within the OS
(currently just for Debian) that runs both before and after package
updates. It verifies the signatures in /boot and if they fail before
package updates it creates a log file in
/boot/kexec_package_trigger_pre.txt. If they fail after package updates
run /boot/kexec_package_trigger_post.txt is created. These files contain
the following fields:

CHANGED_FILES: A list of files in /boot that failed the sha256sum check
UPDATE_INITRAMFS_PACKAGE: An (optional) list of packages known to
trigger initramfs changes

Following those fields is a list of log output from the last package
manager run which contains its own formatted fields (I'm pulling from
/var/lib/dpkg/info).

When a user selects a boot option, gui-init first verifies the
checksums just to catch errors before calling kexec-select-boot. If
there are any errors it looks for these package logs and if they exist,
it displays appropriate warnings. If the files are absent it displays a
more generic warning. The user is also given an opportunity to re-sign
the /boot hashes.
2018-04-03 15:20:34 -07:00
Trammell hudson
83df25c5ab
Merge branch 'nested_menus' of https://github.com/kylerankin/heads 2018-03-29 17:32:08 -04:00
Kyle Rankin
35916d942b
Handle signing failures more gracefully with a dialog 2018-03-20 11:26:09 -07:00
Trammell hudson
e7697055a3
Merge branch 'init-changes' of https://github.com/flammit/heads 2018-03-15 17:16:13 -04:00
Kyle Rankin
eaaa1dad39
Fix tab alignment to conform with rest of script 2018-03-14 10:24:14 -07:00
Kyle Rankin
665754122d
Allow insecure boot mode to bypass kexec sig checks
There was a bug in the "force" boot mode where it would still fail if
signatures didn't match. This was because the check_config function
validates the signatures for kexec files. I've added a few conditionals
here so that in the case of a forced boot mode, we can bypass those
signature checks that would prevent boot and error out to a recovery
console.
2018-03-14 10:18:52 -07:00
Kyle Rankin
769f6a7a24
Create nested menus and add option to rehash/sign /boot
The number of options we want in the menu is starting to get large
enough that it's worth slimming things down in the main menu and move
options to nested menus. Along with this nested menu change is the
option to re-sign and re-hash files in /boot directly from the menu.
2018-03-14 10:14:22 -07:00
Francis Lam
e86123769b
Moved network init to a separate bootscript
Enabled recovery serial console (tested on kgpe-d16)
Minor fix to kexec-boot to correct xen boot
Remove busybox power utils
2018-03-10 15:40:07 -08:00
Kyle Rankin
dee52415fa
Add a menu option to reset TPM for bootstrapping. Widen menus.
One of the other core functions a user needs when bootstrapping is
taking over the TPM. I've added a new option in the menu for this and it
revealed that some of the menus needed more space so I've widened all
the menus and also made the main menu longer so the options don't
scroll.
2018-03-08 16:36:56 -08:00
Trammell hudson
9c9b5bcd2b
Merge branch 'add_gui_hash_alert' of https://github.com/kylerankin/heads 2018-03-08 14:41:44 -05:00
Trammell hudson
1043da2860
Merge branch 'add_force_boot_mode' of https://github.com/kylerankin/heads 2018-03-08 11:53:56 -05:00
Trammell hudson
091ae92b6f
Merge branch 'KGPE-D16_port_NoTPM' of https://github.com/tlaurion/heads 2018-03-08 01:13:16 -05:00