heads/initrd/bin
Jonathon Hall 80b57eb60d
initrd/bin/root-hashes-gui.sh: Qubes support, faster hash creation
Don't spew the root hashes to the console when creating the hash file.
This speeds up hash creation significantly.  A basic Qubes install on a
cheap (slow) SATA SSD reduced from about 1.5 minutes to just under 1
minute, and a PureOS install on a fast NVMe disk reduced from 2.5
minutes to 1 minute.

Support opening LVM volume groups to find the root disk.  If an LVM PV
is found, its group is opened and the 'root' volume is used.  There is
no way to set the volume name in this iteration; this is the default
name used by Qubes and probably common to many LVM OS installations.
LUKS and LVM can be mixed.  Tested LUKS (PureOS) and LUKS+LVM (Qubes).

Always cd to "$ROOT_MOUNT" in a subshell, improves robustness of
scripts (previously some functions only worked if they were called
after another function had cd'd to "$ROOT_MOUNT").

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-01-17 16:34:47 -05:00
..
basic-autoboot.sh Add PureBoot Basic Mode 2023-06-21 13:26:45 -04:00
cbfs-init All TPM Extend additional context passed from console echo output to DEBUG. Put back console output as of master. TODO: decide what we do with tpmr extend output for the future. Hint: forward sealing of next flashed firmware measurements. 2023-11-06 15:53:17 -05:00
cbfs.sh Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
config-gui.sh intird/bin/config-gui.sh: Clarify root hash menu item, minor cleanup 2024-01-17 16:34:47 -05:00
flash-gui.sh initrd/bin/flash-gui.sh: Show error if find fails due to I/O error 2024-01-09 15:15:24 -05:00
flash.sh Talos-2 fixes to comply with hashing file standard. Bypass flash-gui.sh prompt when talos-2 ato validate hashes against hashes provided under tgz through flash.sh validation (still offer zip and tgz, which tgz might change to zip later but only tgz offered through builds) 2023-11-16 08:44:39 -05:00
flashrom-kgpe-d16-openbmc.sh TPM Disk Unlock Key sealing/renewal cleanup (Triggered automatically when resealing TOTP) 2023-08-30 18:06:29 -04:00
generic-init io386: replace check for io386 to call lock_chip by a single common call from kexec-boot prior of real kexec 2023-06-12 13:51:20 -04:00
gpg-gui.sh Change '16 60'-sized whiptail prompts to '0 80' 2023-06-30 14:21:11 -04:00
gpgv Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
gui-init gui-init: fix TRACE: clean_check_boot stating mount_boot instead of clean_boot_check 2023-11-03 16:41:30 -04:00
gui-init-basic Add CONFIG_BRAND_NAME and allow overriding in Makefile with BRAND_NAME 2023-06-21 14:47:59 -04:00
inject_firmware.sh Blob jail: Make device firmware available during initrd 2023-09-29 15:36:31 -04:00
kexec-boot Blob jail: Make device firmware available during initrd 2023-09-29 15:36:31 -04:00
kexec-insert-key All TPM Extend additional context passed from console echo output to DEBUG. Put back console output as of master. TODO: decide what we do with tpmr extend output for the future. Hint: forward sealing of next flashed firmware measurements. 2023-11-06 15:53:17 -05:00
kexec-iso-init kexec-iso-init: add TinyCore iso boot logic (Based on https://github.com/u-root/webboot/) 2023-04-17 16:18:22 -04:00
kexec-parse-bls Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
kexec-parse-boot kexec-parse-boot: fix isolinux iso booting 2023-04-17 16:19:08 -04:00
kexec-save-default TPM2: add DEBUG and fix path for TPM2 primary key handle hash. 2023-11-02 14:17:52 -04:00
kexec-save-key Remove TODO in code that were not relevant prior of first review 2023-11-01 10:08:19 -04:00
kexec-seal-key kexec-seal-key: remove non-needed shred of file cached /tmp/secret/tpm_owner_password (done when sealing fails under tpmr) 2023-11-06 10:30:11 -05:00
kexec-select-boot All TPM Extend additional context passed from console echo output to DEBUG. Put back console output as of master. TODO: decide what we do with tpmr extend output for the future. Hint: forward sealing of next flashed firmware measurements. 2023-11-06 15:53:17 -05:00
kexec-sign-config Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
kexec-unseal-key TPM Disk Unlock Key sealing/renewal cleanup (Triggered automatically when resealing TOTP) 2023-08-30 18:06:29 -04:00
key-init Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
lock_chip lock_chip: parametrize locking in function of board config exported config option 2023-06-20 12:40:00 -04:00
media-scan media-scan: die if gpg_auth fails (should loop and never exit anyway) 2023-11-06 10:04:51 -05:00
mount-usb Wip: now supports both backup and copy to card and gpg_auth when backup exists. Might want to discuss that implementation. Some functions needed to be moved from functions to ash_functions so that gpg_auth can be called from recovery function. That might need to be discussed as well, recovery could be moved from ash_functions to functions instead. 2023-11-01 10:06:48 -04:00
network-init-recovery Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
nitropad-shutdown.sh add nitropad-shutdown.sh for EC based poweroff 2023-09-05 17:13:56 +02:00
oem-factory-reset Merge pull request #1542 from UndeadDevel/luks_reencrypt_text_patch 2023-12-06 22:59:42 -05:00
oem-system-info-xx30 Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
poweroff nitropad-nx: fix EC-based poweroff/reboot 2023-12-22 15:37:29 +01:00
qubes-measure-luks All TPM Extend additional context passed from console echo output to DEBUG. Put back console output as of master. TODO: decide what we do with tpmr extend output for the future. Hint: forward sealing of next flashed firmware measurements. 2023-11-06 15:53:17 -05:00
reboot nitropad-nx: fix EC-based poweroff/reboot 2023-12-22 15:37:29 +01:00
root-hashes-gui.sh initrd/bin/root-hashes-gui.sh: Qubes support, faster hash creation 2024-01-17 16:34:47 -05:00
seal-hotpkey initrd/bin/seal-hotpkey: Show error if /boot can't be mounted 2024-01-09 12:27:59 -05:00
seal-totp kexec-seal-key/seal-totp/tpmr/functions: move wiping of tpm_owner_password to tpmr calls directly 2023-11-03 10:54:16 -04:00
setconsolefont.sh initrd/bin/setconsolefont.sh: Reduce threshold for 2x console to 1350 2023-08-11 14:40:11 -04:00
talos-init initrd/bin/talos-init: remove alias for cbmem and bump coreboot revision 2023-07-12 14:50:54 +02:00
tpm-reset TPM2 DUK and TOTP/HOTP reseal fix, refactoring and ifferenciating tpm_password into tpm_owner_password and reusing correctly 2023-11-01 10:07:27 -04:00
tpmr tpmr: fix TPM Disk Unlock Key which was not using proper cached passphrase. 2023-12-29 15:22:17 -05:00
uefi-init tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1. 2023-03-08 12:45:46 -05:00
unpack_initramfs.sh bin/unpack_initramfs.sh: Add TRACE and DEBUG traces 2023-09-02 01:51:50 -04:00
unseal-hotp initrd/bin/unseal-hotp: Prevent script errors if unseal fails 2023-09-05 16:12:57 -04:00
unseal-totp unseal-totp: fix indentation 2023-11-03 09:31:44 -04:00
usb-autoboot.sh Add USB autoboot feature to PureBoot Basic 2023-06-21 13:26:46 -04:00
usb-init media-scan/usb-init: add debugging info 2023-04-17 16:17:55 -04:00
wget-measure.sh Add dual support for real bash and busybox's bash(ash) 2023-03-08 12:45:44 -05:00
wipe-totp Implement Restricted Boot Mode 2023-06-21 13:26:45 -04:00
xx30-flash.init Combine t430-flash.init, x23-flash.init, fix insmod 2023-03-13 13:23:29 -04:00