Commit Graph

1286 Commits

Author SHA1 Message Date
Matt DeVillier
0d51b62ebb
gpg-gui: add option to replace existing key(s)
Introduce option to remove any existing key(s) from firmware
and add a user-suppled key, before reflashing.

Move existing code for adding a new key to a separate function
so it can be reused for new feature without duplication.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:19 -05:00
Matt DeVillier
b1d57dac66
gui-init: retry mounting /boot after device changed
If CONFIG_BOOT_DEV isn't set or otherwise fails to mount,
we prompt the user to change the /boot device, but never
attempt to mount it to ensure it's sane, leading to
potential failures later in the config/boot process.

Ensure that CONFIG_BOOT_DEV is updated after the /boot device
is changed, and attempt to re-mount /boot after the change.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:19 -05:00
Matt DeVillier
57c4207bf8
gpg_flash_rom: persist user config when flashing
If the user has changed the /boot config but not yet flashed,
it's reasonable for them to expect that flashing to add/update
a GPG key won't revert those changes.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:19 -05:00
Matt DeVillier
6fc5571289
boards/librem15v[3,4]: add missing background colors
The error/warning background gradient colors were defined
for the librem 13 boards, but not for the librem 15 ones.
Add the missing exports.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:18 -05:00
Matt DeVillier
a9e494f670
gpg-gui: prompt user to update checksums after adding key
In order to streamline the initial setup, prompt user to
update checksums/sign /boot files after adding a key and
updating the firmware, in order to avoid an extra reboot.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:18 -05:00
Matt DeVillier
ed2f19d862
gui-init: move update_checksums() to /etc/functions
Move the non-GUI component of update_checksums() to
/etc/functions so it can be reused outside of gui-init.

Add check that /boot/kexec_default_hashes.txt exists before parsing
it, since doesn't exist if there's no default boot target set yet.
Eliminates spurious error text and/or premature exit depending on
state of errexit.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:18 -05:00
Matt DeVillier
db5d282a7b
seal-libremkey: add newlines for readability
improve readability of console output by adding newlines as needed

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:17 -05:00
Matt DeVillier
94f7f98022
gui-init: update Settings, Boot Options menu text
'Options' makes more sense than 'Settings' given the submenu's contents.
Tidy up Boot Options as well

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-07-12 11:51:17 -05:00
Kyle Rankin
20d79f5ab5
Merge pull request #589 from MrChromebox/small_fixes
Small fixes
2019-06-25 08:52:06 -07:00
Kyle Rankin
a29c10ad51
Merge pull request #588 from MrChromebox/hotp_fixes
HOTP fixes
2019-06-25 08:48:42 -07:00
Matt DeVillier
6cfbc86618
initrd: don't mount efivars fs on non-linuxboot systems
it doesn't exist and produces a spurious error on Heads systems

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 10:07:10 -05:00
Matt DeVillier
4a85c85336
gui-init: load USB modules at startup
ensures external USB keyboards are accessible

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 10:06:52 -05:00
Matt DeVillier
2686c836c6
gui-init: ensure /boot is sane first thing
Before anything else, ensure that a default boot device
is set. If not, prompt the user to set one.  If set, ensure
that /boot can be mounted successfully; else prompt the
user to select a new boot device.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 10:06:30 -05:00
Matt DeVillier
f772f2d088
unseal-hotp: ensure /boot mounted before checking HOTP secret
If /boot isn't mounted, we can't read the HOTP secret, so no
point in reading from the TPM. This speeds up getting to the
main menu in the case of an inaccessible or non-existant /boot,
and maintains the warning condition from not being able to
validate the HOTP.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 10:04:03 -05:00
Matt DeVillier
65d669d408
Skip prompt to set default boot when booting from USB
Since a USB boot target can't be the default (at least currently,
/boot must be on internal media), skip the extraneous prompt to
set it as such when booting from USB.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 10:01:18 -05:00
Matt DeVillier
3306dbb66d
flash-gui: clean up ROM list
Exclude dot folders from ROM search path, so that files in
.Trash (eg) aren't shown. Sort the remaining options.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 10:00:54 -05:00
Matt DeVillier
e0e0019250
kexec-select-boot: correct order of USB boot options
Using sort on USB boot options produces a reverse-ordered list,
leading users to often select the wrong option.  Add the -r
parameter to sort to correct the list order and make the default
option the first in the list.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 09:57:24 -05:00
Matt DeVillier
5eb758711d
unseal-hotp: fix/rename mount_boot()
Because of the way unseal-hotp is called from gui-init,
dropping to a recovery shell when failing to mount /boot
causes it to hang, leaving the user stranded until they
kill it with CTRL+C. Instead, simply return and continue
to the main GUI menu where the user can address the problem.

Rename the function to clarify difference from other versions
of mount_boot() which do drop to the recovery shell.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-25 09:57:02 -05:00
Matt DeVillier
77949c9cff
libremkey_hotp_initialize: handle spaces in admin pin/pass
Fix HOTP verfication failure if LK admin pin/passphrase contains
spaces by quoting the variables when passed to functions.

Test: set LK admin pin to passphrase with spaces, generate
new TOTP/HOTP, verification passes.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-24 23:30:39 -05:00
Matt DeVillier
286303d95c
libremkey-hotp-verification: pass in key file directly
Reading the file into a variable and then redirecting to stdin
via echo() can cause the binary data to be truncated, leading
to an invalid base32 value and failure to properly generate
and validate the HOTP code.

To resolve this, pass the file directly to hotp(), and ensure
it is removed properly regardless of success or failure to
prevent leakage.

Fixes "Invalid base32 string" error seen when attempting to
generate a new TOTP secret.

Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
2019-06-24 23:29:06 -05:00
Kyle Rankin
f4b5ea9d04
Merge pull request #576 from merge/power_off_gui
gui-init: reorder, simplify main menu entries and add Power Off entry
2019-05-27 09:27:50 -07:00
Martin Kepplinger
186895d414 gui-init: move Refresh TOTP/HOTP to the Main Boot Menu
also, rename the current menu entry to being smaller and simpler.

Closes #574
2019-05-27 11:12:50 +02:00
Martin Kepplinger
e203de9669 gui-init: rename Advanced Settings to Settings
Since there are no other settings to choose from, there don't have to
be "advanced" ones.
2019-05-25 10:40:50 +02:00
Martin Kepplinger
0dc8d9f82e gui-init: move Exit to Shell menu entry under Advanced Settings
Exiting the GUI to a shell is not expected to be part of our users'
everyday workflow, and thus this menu entry doesn't have to be on
the main page.
2019-05-25 10:30:18 +02:00
Martin Kepplinger
fbe39745b4 gui-init: add Power Off to the Main Boot Menu
Add a main boot menu entry to power off. This enables users to
only verify the firmware integrity using OTP, and do nothing more.

After having left the device out of sight, one might want to do
a quick sanity check only.

Since we already have a script to safely power down, we make use of
it now.
2019-05-24 11:36:49 +02:00
Martin Kepplinger
7bc90cd8a2 initrd: remove unused keylime-init
Besides the fact that keylime-init uses a local network location for
downloading something, it is unused. Remove dead code. Was is this
anyways?
2019-05-24 09:52:23 +02:00
tlaurion
eb31354085
Merge pull request #573 from merge/x230-flash-command-fix
initrd: x230-flash: fix commandline instructions for flashing
2019-05-23 23:21:53 -04:00
Martin Kepplinger
00bf4740e3 initrd: x230-flash: fix commandline instructions for flashing
flashrom-x230.sh is now flash.sh
2019-05-23 13:10:53 +02:00
tlaurion
26b9c4ce59
Merge pull request #567 from merge/git_submodule_checkout
Makefile: add submodule checkout after git cloning coreboot
2019-05-22 13:48:27 -04:00
tlaurion
33bc720236
Merge pull request #570 from merge/x220_build_instruction_fix
blobs/x220: fix build instruction
2019-05-22 13:47:56 -04:00
Martin Kepplinger
6a28462794 blobs/x220: fix build instruction 2019-05-22 10:40:02 +02:00
tlaurion
cccb846a4c
Merge pull request #565 from merge/linux_remove_debug
config/linux-x230: remove debug symbols
2019-05-22 00:13:24 -04:00
tlaurion
e6cfe38797
Strip README.md of outdated instructions
- dm-verity related instruction stripped (see https://github.com/osresearch/heads-wiki/issues/26)
- stripped Xen parts saying it needed to be patched. Was resolved by patching kexec instead of Xen (https://github.com/osresearch/heads/issues/227#issuecomment-369043638)
- Added a link to heads-wiki for documentation needs
2019-05-21 13:23:59 -04:00
Martin Kepplinger
ae916cbd91 Makefile: add submodule checkout after git cloning coreboot
Right now all git submodules are left behind on a git clone. Add
git submodule update --init --checkout according to the docs, see
https://www.coreboot.org/Build_HOWTO
2019-05-21 13:35:50 +02:00
Martin Kepplinger
a4effd9167 config/linux-x230: remove debug symbols
Remove debug symbols and dynamic debug support from Linux. This reduces
our resulting bzImage by 100K.

This should help when size becomes even more limited, see #562
2019-05-20 13:47:20 +02:00
tlaurion
08ad2d4d20
Merge pull request #559 from heads105/fc30kexec2
Parse grub config files for Fedora 29/30
2019-05-03 09:20:22 -04:00
paul
73c6f3fcc0 Parse grub config files for Fedora 29/30 2019-05-02 22:23:59 +01:00
tlaurion
124ae916f4
Merge pull request #558 from tlaurion/reverse_fedora_30_breaks_qubes
Revert "Support Fedora 30 boot configuration"
2019-05-01 15:32:35 -04:00
Thierry Laurion
260507cafd
Revert "Support Fedora 30 boot configuration"
This reverts commit bc5343c626.
2019-05-01 14:26:15 -04:00
tlaurion
ca067385bd
Merge pull request #546 from kylerankin/add_gpg_sc_keygen
Add GPG smartcard keygen feature
2019-05-01 09:07:25 -04:00
tlaurion
fe9807cb1f
Merge pull request #557 from heads105/fc30kexec
kexec-select-boot not compatible with Fedora 30
2019-05-01 09:06:52 -04:00
paul
bc5343c626 Support Fedora 30 boot configuration 2019-04-30 12:32:30 +01:00
paul
9c18962f41 Enable busybox loadkmap command 2019-04-29 15:36:25 +01:00
tlaurion
cd92b2d585
Merge pull request #554 from tlaurion/pinentry_remove_gtk_gnome3
Fedora 30 fix for pinentry: remove gtk and gnome3 support. 

Tested on fedora-29 clean build and fedora-30 beta. Good enough.
2019-04-27 13:42:41 -04:00
tlaurion
6080219d85
tabs required instead of spaces... 2019-04-27 13:40:12 -04:00
Thierry Laurion
a15504b414
Fedora 30 fix for pinentry: remove gtk and gnome3 support. TODO: remove all unneeded config options for ALL modules 2019-04-27 13:36:05 -04:00
tlaurion
dac412a798
Merge pull request #548 from kylerankin/add_dynamic_usb_detection
Detect USB disk dynamically
2019-04-23 15:59:26 -04:00
tlaurion
decffe8e15
Merge pull request #457 from osresearch/make-4.2.1
Make 4.2.1, hashes, external coreboot crossgcc, circleci and other fixes
2019-04-22 21:55:54 -04:00
tlaurion
64c830e652
Merge branch 'master' into make-4.2.1 2019-04-22 21:53:43 -04:00
tlaurion
2ebf8e2c1a
Merge pull request #549 from kylerankin/flash_script_ui
Improve flash GUI documentation
2019-04-20 22:48:27 -04:00