A minimal Linux that runs as a coreboot or LinuxBoot ROM payload to provide a secure, flexible boot environment for laptops, workstations and servers.
Go to file
2016-08-02 21:24:15 -04:00
build porting Makefile to use a modular build system for each package 2016-08-02 19:25:47 -04:00
config build the linux kernel after building the initrd 2016-08-02 21:23:18 -04:00
initrd tpmtotp and qrencode deps 2016-07-31 22:39:07 -04:00
modules build the linux kernel after building the initrd 2016-08-02 21:23:18 -04:00
packages ignore fetched files 2016-08-02 21:24:15 -04:00
patches patch to let Xen 4.6.3 boot via kexec without a BIOS 2016-07-26 15:14:34 -04:00
.gitignore ignore cpio files 2016-08-02 21:22:46 -04:00
Makefile build the linux kernel after building the initrd 2016-08-02 21:23:18 -04:00
populate-lib temp var for destination library 2016-08-02 21:21:56 -04:00
README.md cleanup initrd, improve population of lib directories, remove some extra drivers, add notes on /dev 2016-07-28 00:08:33 -04:00

Heads: the other side of TAILS

Heads is a configuration for laptops that tries to bring more security to commodity hardware. Among its goals are:

  • Use free software on the boot path
  • Move the root of trust into hardware (or at least the ROM)
  • Measure and attest to the state of the firmware
  • Measure and verify all filesystems

It is a work in progress and not yet ready for users.


Components:

  • CoreBoot
  • Linux
  • busybox
  • kexec
  • tpmtotp
  • QubesOS (Xen)

Notes:

initrd/dev/ must be populated with a few entries for things to work. At the least I've found that you need console, mem, null, tty, tty0, and ttyS0.