* overwriting a hotp secret is not possible anymore
* make sure to delete the hotp secret before setting a new one
* requires one additional user presence check during HOTP setup
* bump to v1.5
Signed-off-by: Markus Meissner <coder@safemailbox.de>
* remove all previous coreboot patches (as they are already included)
* to be investigated: linux trampoline patch
* add new patch to hardcode sleep configuration
* activate smmstore as dasharo vendor code requires it
Signed-off-by: Markus Meissner <coder@safemailbox.de>
- Upstream boards will not deactivate TPM DUK
- Upstream will not force BRAND_NAME which currently defaults to Heads
- Upstream will not deactivate Qr code on screen output on HOTP sealing
- Upstream will not offer OEM reset defaults (deprecated and now default anyway)
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Allow downstreams to add config to site-local/config, which can set
config options, including overriding board config and exporting config
to /etc/config.
The intent of site-local is exactly the same as in coreboot - it is a
place for downstreams to add customizations that are included at well-
defined points in the build. site-local should never appear in the
upstream repository. coreboot's documentation explains this as well:
https://doc.coreboot.org/tutorial/managing_local_additions.html
Move definitions of ROM artifacts later, so site config can override
BRAND_NAME (and still is included after board config to override it as
well).
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Move the targets generating talos-2's tgz update package to targets.
While this wasn't duplicated, it breaks a cyclic dependency between
board config and BRAND_NAME by moving the ROM output name dependencies
later. The logic probably would be shared with similar boards if any
were supported, so it is in the spirit of the other targets/ shared
target Makefiles.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
The 8 qemu-* targets all contained nearly-identical copies of the
targets to prepare the TPM/disk/etc. and then run Qemu. The only
significant differences were for TPM1/TPM2 (extra swtpm_setup step,
addition of --tpm2 to swtpm_setup and swtpm). ROOT_DISK_IMG used := or
= differently in some boards, := was kept.
targets/qemu.mk now defines all Qemu targets and is included only for
qemu-* boards (by defining BOARD_TARGETS in each of those boards).
The documentation was moved from qemu-coreboot-fbwhiptail-tpm1-hotp/
qemu-coreboot-fbwhiptail-tpm1-htop.md to targets/qemu.md. The other 7
qemu boards' symlinks to that file were removed.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Change order if user chooses both reencrypt and change passphrase, so that passphrase is changed first.
Signed-off-by: Christian Foerster <christian.foerster@mailfence.com>
Removed all mentions of a "Recovery Disk Key" and replaced with "Disk Recovery Key".
Fixed some grammatical errors.
Added check for new passphrase in reencrypt function to accommodate switching of reencrypt and new passphrase setting order in oem-factory-reset.
Signed-off-by: Christian Foerster <christian.foerster@mailfence.com>
Uses fold on the entire passphrase string now; tested in recovery shell of NK Heads 2.1.
Reverted change of WIDTH parameter (first commit of this PR).
Signed-off-by: Christian Foerster <christian.foerster@mailfence.com>
This partially fixes#1537, but while the increased width wouldn't be a problem on the NV41 AFAICT, I don't know about other machines.
I don't know what @tlaurion means with "busybox's folding", which may be a better solution.
Signed-off-by: Christian Foerster <christian.foerster@mailfence.com>
The call to `hotp_verification regenerate` seems to leave the
communication in a bad state, thus the following `gpg` calls fail. With
this workaround `scdaemon` will resart with the next `gpg` call.
Signed-off-by: Markus Meissner <coder@safemailbox.de>
Taken from : https://github.com/Nitrokey/heads/tree/temp-release-v2.3
- Move branding/Heads/bootsplash-1024x768.jpg -> branding/Heads/bootsplash.jpg (We don't care about the size. Make filename generic)
- Adapt all coreboot configs so bootsplash is adapted by BRAND_NAME CONFIG_BOOTSPLASH_FILE="@BRAND_DIR@/bootsplash.jpg"
- Reminders :
- Makefile changes Heads to defined BRAND_NAME in board config
- Makefile changes -e 's!@BRAND_DIR@!$(pwd)/branding/$(BRAND_NAME)!g'
- nv41/nv50
- coreboot oldefconfigs adapted by:
- make BOARD=nitropad-ns50 coreboot.modify_and_save_oldconfig_in_place
- make BOARD=nitropad-nv41 coreboot.modify_and_save_oldconfig_in_place
- linux oldefconfigs adapted by
- make BOARD=nitropad-nv41 linux.modify_and_save_oldconfig_in_place
- since this is shared config across nv41/ns50: it only needs to be done for a single board
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Touches c216, x230-flash, x230-legacy and x230-maximized.
TODO: Other boards, including AMD ones (qemu/kgpe) have this ON, including nv41/ns50 (which uses i915drm which most probably causes problems)
Note that qemu boards use q35 in config, but were made to have both i440fx and q35, where q35 is tested, which explains why its on by default there.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
- Closes https://github.com/linuxboot/heads/pull/1452
- coreboot: Take Talos II 0.7 release coreboot config file that was inside of cbfs and use it as a base upstream.
- linux: Readd sysctl and proc requirements for cbmem to work.
TODO: fix gpg2 module so that the following doesn't happen (a ppc64 thing. Can't figure out why):
```
Adding generated key to current firmware and re-flashing...
Board talos-2 detected, continuing...
37281653053696daf2e40a8efe9451b557d9d6ab586830dc85f814bf2e03a05f /tmp/talos-2.rom
Initializing Flash Programmer
Reading old flash contents. Please wait...
Flashing: [##################################################\] (100%)
Verifying flash contents. Please wait...
The flash contents were verified and the image was flashed correctly.
Signing boot files and generating checksums...
180726119: 000E452213510000005A
gpg: error running '//bin/dirmngr': probably not installed
gpg: failed to start dirmngr '//bin/dirmngr': Configuration error
gpg: can't connect to the dirmngr: Configuration error
gpg: no default secret key: No dirmngr
gpg: signing failed: No dirmngr
```
dirmngr is deactivated per configure statement --disable-dirmngr, and works as expected on x86
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
talos-2 builds its own tgz update package that is not currently
integrated with the zip method. While the zip method right now would
theoretically if the tgz was inside it, this would have to be hooked
up for talos-2 specifically.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Only add the update package to all if it is actually being built, fixes
default target with CONFIG_LEGACY_FLASH=y.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
The only purpose of legacy flash boards is to be flashed over vendor
firmware using an exploit, to then flash non-maximized Heads firmware.
They are never upgraded to another legacy flash build, and they move
the coreboot ROM from the build directory, so don't build an update
package for those boards.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
