ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
1,286 Commits 27 Branches 6 Tags 21 MiB
ed0a8c14e8
Commit Graph

1286 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Matt DeVillier
5cb45bbc99
Revert "upgrade gpg toolstack to latest versions" 
This reverts commit 972c25de7d.

This commit broke OEM factory reset functionality, so revert it
until the issue can be properly diagnosed.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
 2020-07-07 17:50:45 -05:00
Alexander Paetzelt
6fe409aaf3 Still need the exported pubkey file 2020-07-07 11:16:18 +02:00
Alexander Paetzelt
43971dc029 Make export to USB drive an option 2020-07-07 10:32:22 +02:00
tlaurion
54cb664ffc
Merge pull request #767 from MrChromebox/sysinfo_fixes 
gui-init: Fix RAM and firmware version strings
 2020-07-01 15:03:10 -04:00
Matt DeVillier
cdbd0fcf2a
gui-init: Fix RAM and firmware version strings 
Show RAM in GB, since the calculation in MB is imprecise as
it excludes RAM allocated for GPU (eg).

Fix display of firmware version strings which contain spaces by
adjusting cut and simply chopping off the date at the end, which
is a fixed 10-char length.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
 2020-07-01 13:42:10 -05:00
alex-nitrokey
19cd15cf96
Remove gnupg pubkey export in oem-factory-reset 
Since #758 is merged, users have a option to export GnuPG pubkey if
necessary. Thus, we they do not need to insert a USB drive during
factory reset. Until now the whole process failed just because a user
did not provide a USB drive instead.

This shall be fixed by this commit
 2020-06-30 19:16:10 +02:00
alex-nitrokey
30236ffbaa
Delete AES keys of Nitrokey Storage after reset 
If smartcard Nitrokey Storage was factory-reset, we delete AES keys on
it as well.

Explaination: After oem-factory-reset was started the AES on the Nitrokey Storage that is used for the encrypted volume and the password safe is is not usable anymore because the smart card was factory-reset. To make it usable, a user needs to delete it via Nitrokey App. By doing so, the HOTP secret is deleted as well, resulting in a bad warning in Heads. Therefore, we are resetting AES key right after factory-reset with hotp_verification
 2020-06-30 18:29:42 +02:00
alex-nitrokey
e0f0655b5d
Merge branch 'hotp-neutral' into storage-factoryreset 2020-06-30 16:17:51 +02:00
Szczepan Zalega
9c9edb0cfc
Remove pkg-config and git version use 2020-06-30 16:00:04 +02:00
Szczepan Zalega
d3d4529545
GitlabCI: reset cache, and investigate 
Calculate the uncompressed used cache space
Decrease retry count
 2020-06-30 13:45:21 +02:00
alex-nitrokey
84b2f9b540
Re-arrange the order of label and device 2020-06-30 09:28:35 +02:00
tlaurion
8dc5b7616a
Merge pull request #756 from tlaurion/x230-hotp-verification_CBFS_fix 
x230-htop-verification: coreboot CBFS_SIZE changed to 0x710000
 2020-06-28 15:59:22 -04:00
tlaurion
d579e731b9
Merge pull request #659 from MrChromebox/mount-usb-status 
mount-usb: provide useful output when loading kernel modules
 2020-06-28 15:30:16 -04:00
tlaurion
94476bb470
Merge pull request #747 from MrChromebox/factory_reset_no_tpm 
oem-factory-reset: Handle non-TPM case
 2020-06-28 15:26:16 -04:00
tlaurion
cc572f4c68
Merge pull request #758 from Nitrokey/gpg-export 
Add option to export pubkey
 2020-06-28 15:08:36 -04:00
tlaurion
e6037a217e
Merge pull request #760 from Nitrokey/menu-systeminfo 
Add systeminfo menu option
 2020-06-28 15:04:41 -04:00
alex-nitrokey
53dc659c01
Replace libremkey_htop_* by hotp_* 2020-06-25 15:35:47 +02:00
alex-nitrokey
e418ecbf71
Fix MEMTOTAL calculation 2020-06-25 10:41:01 +02:00
alex-nitrokey
481082f2d8
Include adaption of @MrChromebox 
See
5a3f599233
 2020-06-25 10:40:25 +02:00
alex-nitrokey
20b07dd1b3
swap label and device and minor formatting change 2020-06-25 09:46:11 +02:00
alex-nitrokey
c2a2134eb2
Merge remote-tracking branch 'upstream/master' into hotp-neutral 2020-06-24 18:22:13 +02:00
alex-nitrokey
73c9d6efc8
Merge branch 'hotp-verification-update' into hotp-neutral-merge 2020-06-24 18:17:54 +02:00
alex-nitrokey
fecb9cfd80
Rename CONFIG_HOTP_BRANDING to HOTP_BRANDING 
reason: it not a config option anymore
 2020-06-24 18:12:56 +02:00
alex-nitrokey
2fe946ccbe
Fix termonology 2020-06-24 17:54:39 +02:00
alex-nitrokey
3236f0e170
Change name seal-libremkey -> seal-hotpkey 2020-06-24 17:45:08 +02:00
alex-nitrokey
5867fc516c
Store HOTP USB Security Key branding in /boot 2020-06-24 17:40:49 +02:00
alex-nitrokey
92b1826537
/boot needs to get mounted first 2020-06-24 17:36:53 +02:00
alex-nitrokey
aab2c327e3
Fix warning box title 2020-06-24 17:25:39 +02:00
alex-nitrokey
38ba257063
Include upstream updates of hotp_verification 2020-06-24 16:31:22 +02:00
alex-nitrokey
407778eb9a
Remove unintented paranthesis 2020-06-24 16:16:03 +02:00
alex-nitrokey
53b67d27a4
Prepare usage of /boot/kexec_hotp_key as branding 2020-06-24 16:11:41 +02:00
alex-nitrokey
c07f3b7f7c
Add systeminfo menu option 2020-06-24 10:07:36 +02:00
alex-nitrokey
6d29ab71f9
dd partition Label to menu list 2020-06-24 09:44:50 +02:00
alex-nitrokey
2763711083
Add option to export pubkey 2020-06-23 15:32:51 +02:00
Thierry Laurion
9798cf9c66
x230-htop-verification: coreboot CBFS_SIZE changed to 0x710000 
as per https://github.com/osresearch/heads/pull/748/files#diff-540d604c350e8fd52c25559b642795fbR5
 2020-06-20 11:04:32 -04:00
tlaurion
05c854753c
Merge pull request #625 from MrChromebox/tpm_luks 
kexec-save-default: guard TPM LUKS usage with config option
 2020-06-18 23:08:54 -04:00
tlaurion
fab603153b
Merge pull request #646 from alex-nitrokey/custom-userinfo 
Add option to choose GnuPG userinfo during OEM reset
 2020-06-17 14:00:31 -04:00
alex-nitrokey
28735a8c84
Add CONFIG_HOTP_BRANDING 2020-06-11 17:04:03 +02:00
alex-nitrokey
4069619ead
Rename libremkey-hotp-verification module 2020-06-11 15:54:10 +02:00
alex-nitrokey
fc8c7b0e64
Merge branch 'hotp-verification-update' into hotp-neutral 2020-06-11 15:44:53 +02:00
alex-nitrokey
342431746d
Quick fix to build 2020-06-11 15:39:12 +02:00
alex-nitrokey
1ba73ac1d5
Rename CONFIG_LIBREMKEY to CONFIG_HOTPKEY 2020-06-11 15:29:51 +02:00
Matt DeVillier
cbad9b6637
oem-factory-reset: Handle non-TPM case 
Guard TPM-related bits by checking CONFIG_TPM = y

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
 2020-06-09 12:45:39 -05:00
alex-nitrokey
0e349c565e
Update hotp-verification 2020-06-09 18:42:55 +02:00
Matt DeVillier
0cae2d7805
kexec-save-default: guard TPM LUKS usage with config option 
Add CONFIG_TPM_NO_LUKS_DISK_UNLOCK to allow Librem boards to opt
out of using TPM to store LUKS key, and use it to guard the user
option to add the disk encryption key to the TPM.

Select this option for all Librem boards; all other boards which
select CONFIG_TPM=y will have no change in functionality.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
 2020-06-08 11:40:55 -05:00
tlaurion
3dbf1f5f39
Merge pull request #744 from tlaurion/CIs_reusable_cache_typo_fix 
CircleCI: fix save_cache (save and restore were not identical)
 2020-06-08 09:43:35 -04:00
tlaurion
53071ce183
CircleCI: fix typos (save_cache and restore_cache not identical) 2020-06-08 09:42:01 -04:00
tlaurion
872ac38fbb
Merge pull request #743 from tlaurion/CIs_reusable_cache_fix 
CircleCI: fix save_cache
 2020-06-07 21:57:20 -04:00
tlaurion
7941dac328
CIs: Replace cache fingerprints so cache is reusable between builds (fix save_cache) 2020-06-07 21:55:45 -04:00
tlaurion
27fe438261
Merge pull request #742 from tlaurion/CIs_reusable_cache 
CIs: Replace cache fingerprints so cache is reusable between builds
 2020-06-07 17:00:24 -04:00