From 51d9c1dff829502bf20a010408fcf3267998c863 Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sun, 23 Jul 2023 18:46:47 +0200 Subject: [PATCH 1/3] stub: split up into a linux-bootloader crate We introduce `linux-bootloader` a crate made to build Rust-based Linux-oriented bootloaders. It follows systemd/UAPI group and semantics as much as possible, e.g. BLS/loader capabilities/stub capabilities. --- rust/linux-bootloader/Cargo.lock | 193 ++++++++++++++++++ rust/linux-bootloader/Cargo.toml | 24 +++ rust/linux-bootloader/rust-toolchain.toml | 4 + .../{stub => linux-bootloader}/src/efivars.rs | 8 +- rust/linux-bootloader/src/lib.rs | 12 ++ .../src/linux_loader.rs | 0 .../{stub => linux-bootloader}/src/measure.rs | 5 +- .../src/pe_loader.rs | 0 .../src/pe_section.rs | 0 rust/{stub => linux-bootloader}/src/tpm.rs | 0 .../src/uefi_helpers.rs | 0 .../src/unified_sections.rs | 0 rust/stub/Cargo.lock | 15 +- rust/stub/Cargo.toml | 8 +- rust/stub/src/common.rs | 6 +- rust/stub/src/fat.rs | 4 +- rust/stub/src/main.rs | 42 ++-- rust/stub/src/thin.rs | 4 +- 18 files changed, 274 insertions(+), 51 deletions(-) create mode 100644 rust/linux-bootloader/Cargo.lock create mode 100644 rust/linux-bootloader/Cargo.toml create mode 100644 rust/linux-bootloader/rust-toolchain.toml rename rust/{stub => linux-bootloader}/src/efivars.rs (97%) create mode 100644 rust/linux-bootloader/src/lib.rs rename rust/{stub => linux-bootloader}/src/linux_loader.rs (100%) rename rust/{stub => linux-bootloader}/src/measure.rs (95%) rename rust/{stub => linux-bootloader}/src/pe_loader.rs (100%) rename rust/{stub => linux-bootloader}/src/pe_section.rs (100%) rename rust/{stub => linux-bootloader}/src/tpm.rs (100%) rename rust/{stub => linux-bootloader}/src/uefi_helpers.rs (100%) rename rust/{stub => linux-bootloader}/src/unified_sections.rs (100%) diff --git a/rust/linux-bootloader/Cargo.lock b/rust/linux-bootloader/Cargo.lock new file mode 100644 index 0000000..b07af4b --- /dev/null +++ b/rust/linux-bootloader/Cargo.lock @@ -0,0 +1,193 @@ +# This file is automatically @generated by Cargo. +# It is not intended for manual editing. +version = 3 + +[[package]] +name = "bit_field" +version = "0.10.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "dc827186963e592360843fb5ba4b973e145841266c1357f7180c43526f2e5b61" + +[[package]] +name = "bitflags" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "630be753d4e58660abd17930c71b647fe46c27ea6b63cc59e1e3851406972e42" + +[[package]] +name = "goblin" +version = "0.6.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0d6b4de4a8eb6c46a8c77e1d3be942cb9a8bf073c22374578e5ba4b08ed0ff68" +dependencies = [ + "log", + "plain", + "scroll", +] + +[[package]] +name = "linux-bootloader" +version = "0.3.0" +dependencies = [ + "bitflags", + "goblin", + "log", + "sha1_smol", + "uefi", +] + +[[package]] +name = "log" +version = "0.4.19" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" + +[[package]] +name = "plain" +version = "0.2.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6" + +[[package]] +name = "proc-macro2" +version = "1.0.66" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" +dependencies = [ + "unicode-ident", +] + +[[package]] +name = "ptr_meta" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bcada80daa06c42ed5f48c9a043865edea5dc44cbf9ac009fda3b89526e28607" +dependencies = [ + "ptr_meta_derive", +] + +[[package]] +name = "ptr_meta_derive" +version = "0.2.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bca9224df2e20e7c5548aeb5f110a0f3b77ef05f8585139b7148b59056168ed2" +dependencies = [ + "proc-macro2", + "quote", + "syn 1.0.109", +] + +[[package]] +name = "quote" +version = "1.0.32" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" +dependencies = [ + "proc-macro2", +] + +[[package]] +name = "scroll" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "04c565b551bafbef4157586fa379538366e4385d42082f255bfd96e4fe8519da" +dependencies = [ + "scroll_derive", +] + +[[package]] +name = "scroll_derive" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1db149f81d46d2deba7cd3c50772474707729550221e69588478ebf9ada425ae" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.27", +] + +[[package]] +name = "sha1_smol" +version = "1.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ae1a47186c03a32177042e55dbc5fd5aee900b8e0069a8d70fba96a9375cd012" + +[[package]] +name = "syn" +version = "1.0.109" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "syn" +version = "2.0.27" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b60f673f44a8255b9c8c657daf66a596d435f2da81a555b06dc644d080ba45e0" +dependencies = [ + "proc-macro2", + "quote", + "unicode-ident", +] + +[[package]] +name = "ucs2" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "bad643914094137d475641b6bab89462505316ec2ce70907ad20102d28a79ab8" +dependencies = [ + "bit_field", +] + +[[package]] +name = "uefi" +version = "0.24.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3b63e82686b4bdb0db74f18b2abbd60a0470354fb640aa69e115598d714d0a10" +dependencies = [ + "bitflags", + "log", + "ptr_meta", + "ucs2", + "uefi-macros", + "uefi-raw", + "uguid", +] + +[[package]] +name = "uefi-macros" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "023d94ef8e135d068b9a3bd94614ef2610b2b0419ade0a9d8f3501fa9cd08e95" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.27", +] + +[[package]] +name = "uefi-raw" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62642516099c6441a5f41b0da8486d5fc3515a0603b0fdaea67b31600e22082e" +dependencies = [ + "bitflags", + "ptr_meta", + "uguid", +] + +[[package]] +name = "uguid" +version = "2.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "16dfbd255defbd727b3a30e8950695d2e6d045841ee250ff0f1f7ced17917f8d" + +[[package]] +name = "unicode-ident" +version = "1.0.11" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" diff --git a/rust/linux-bootloader/Cargo.toml b/rust/linux-bootloader/Cargo.toml new file mode 100644 index 0000000..0dd6650 --- /dev/null +++ b/rust/linux-bootloader/Cargo.toml @@ -0,0 +1,24 @@ +[package] +name = "linux-bootloader" +version = "0.3.0" +edition = "2021" +publish = true +license = "GPL-3.0-only" +keywords = ["osdev", "linux", "bootloader"] +categories = ["embedded", "hardware-support", "no-std", "os::linux-apis"] +description = "Utilities to build Linux-based bootloaders" +repository = "https://github.com/nix-community/lanzaboote/" + +[dependencies] +uefi = { version = "0.24.0", default-features = false, features = [ "alloc", "global_allocator" ] } +goblin = { version = "0.6.1", default-features = false, features = [ "pe64", "alloc" ]} +bitflags = "2.3.3" + +# Even in debug builds, we don't enable the debug logs, because they generate a lot of spam from goblin. +log = { version = "0.4.19", default-features = false, features = [ "max_level_info", "release_max_level_warn" ]} + +# SHA1 for TPM TCG interface version 1. +sha1_smol = "1.0.0" + +[badges] +maintenance = { status = "actively-developed" } diff --git a/rust/linux-bootloader/rust-toolchain.toml b/rust/linux-bootloader/rust-toolchain.toml new file mode 100644 index 0000000..067ccdb --- /dev/null +++ b/rust/linux-bootloader/rust-toolchain.toml @@ -0,0 +1,4 @@ +[toolchain] +channel = "1.68.2" +components = [ "rust-src" ] +targets = [ "x86_64-unknown-uefi" ] diff --git a/rust/stub/src/efivars.rs b/rust/linux-bootloader/src/efivars.rs similarity index 97% rename from rust/stub/src/efivars.rs rename to rust/linux-bootloader/src/efivars.rs index 0b90235..a2d4400 100644 --- a/rust/stub/src/efivars.rs +++ b/rust/linux-bootloader/src/efivars.rs @@ -46,11 +46,7 @@ fn disk_get_part_uuid(boot_services: &BootServices, disk_handle: Handle) -> Resu pub const BOOT_LOADER_VENDOR_UUID: VariableVendor = VariableVendor(guid!("4a67b082-0a4c-41cf-b6c7-440b29bb8c4f")); -/// Lanzaboote stub name -pub static STUB_INFO_STRING: &str = concat!("lanzastub ", env!("CARGO_PKG_VERSION")); - bitflags! { - #[repr(transparent)] #[derive(Clone, Copy, Debug, PartialEq, Eq, Hash, Default)] /// Feature flags as described in https://systemd.io/BOOT_LOADER_INTERFACE/ @@ -146,7 +142,7 @@ where } /// Exports systemd-stub style EFI variables -pub fn export_efi_variables(system_table: &SystemTable) -> Result<()> { +pub fn export_efi_variables(stub_info_name: &str, system_table: &SystemTable) -> Result<()> { let boot_services = system_table.boot_services(); let runtime_services = system_table.runtime_services(); @@ -243,7 +239,7 @@ pub fn export_efi_variables(system_table: &SystemTable) -> Result<()> { cstr16!("StubInfo"), &BOOT_LOADER_VENDOR_UUID, default_attributes, - &STUB_INFO_STRING + &stub_info_name .encode_utf16() .flat_map(|c| c.to_le_bytes()) .collect::>(), diff --git a/rust/linux-bootloader/src/lib.rs b/rust/linux-bootloader/src/lib.rs new file mode 100644 index 0000000..a4e1f28 --- /dev/null +++ b/rust/linux-bootloader/src/lib.rs @@ -0,0 +1,12 @@ +#![no_std] + +extern crate alloc; + +pub mod efivars; +pub mod linux_loader; +pub mod measure; +pub mod pe_loader; +pub mod pe_section; +pub mod tpm; +pub mod uefi_helpers; +pub mod unified_sections; diff --git a/rust/stub/src/linux_loader.rs b/rust/linux-bootloader/src/linux_loader.rs similarity index 100% rename from rust/stub/src/linux_loader.rs rename to rust/linux-bootloader/src/linux_loader.rs diff --git a/rust/stub/src/measure.rs b/rust/linux-bootloader/src/measure.rs similarity index 95% rename from rust/stub/src/measure.rs rename to rust/linux-bootloader/src/measure.rs index 4db1e44..15ccc68 100644 --- a/rust/stub/src/measure.rs +++ b/rust/linux-bootloader/src/measure.rs @@ -12,10 +12,7 @@ use crate::{ const TPM_PCR_INDEX_KERNEL_IMAGE: PcrIndex = PcrIndex(11); -pub unsafe fn measure_image( - system_table: &SystemTable, - image: PeInMemory, -) -> uefi::Result { +pub fn measure_image(system_table: &SystemTable, image: PeInMemory) -> uefi::Result { let runtime_services = system_table.runtime_services(); let boot_services = system_table.boot_services(); diff --git a/rust/stub/src/pe_loader.rs b/rust/linux-bootloader/src/pe_loader.rs similarity index 100% rename from rust/stub/src/pe_loader.rs rename to rust/linux-bootloader/src/pe_loader.rs diff --git a/rust/stub/src/pe_section.rs b/rust/linux-bootloader/src/pe_section.rs similarity index 100% rename from rust/stub/src/pe_section.rs rename to rust/linux-bootloader/src/pe_section.rs diff --git a/rust/stub/src/tpm.rs b/rust/linux-bootloader/src/tpm.rs similarity index 100% rename from rust/stub/src/tpm.rs rename to rust/linux-bootloader/src/tpm.rs diff --git a/rust/stub/src/uefi_helpers.rs b/rust/linux-bootloader/src/uefi_helpers.rs similarity index 100% rename from rust/stub/src/uefi_helpers.rs rename to rust/linux-bootloader/src/uefi_helpers.rs diff --git a/rust/stub/src/unified_sections.rs b/rust/linux-bootloader/src/unified_sections.rs similarity index 100% rename from rust/stub/src/unified_sections.rs rename to rust/linux-bootloader/src/unified_sections.rs diff --git a/rust/stub/Cargo.lock b/rust/stub/Cargo.lock index 97fb3ca..20f3afb 100644 --- a/rust/stub/Cargo.lock +++ b/rust/stub/Cargo.lock @@ -83,10 +83,8 @@ dependencies = [ name = "lanzaboote_stub" version = "0.3.0" dependencies = [ - "bitflags", - "goblin", + "linux-bootloader", "log", - "sha1_smol", "sha2", "uefi", "uefi-services", @@ -98,6 +96,17 @@ version = "0.2.147" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +[[package]] +name = "linux-bootloader" +version = "0.3.0" +dependencies = [ + "bitflags", + "goblin", + "log", + "sha1_smol", + "uefi", +] + [[package]] name = "log" version = "0.4.19" diff --git a/rust/stub/Cargo.toml b/rust/stub/Cargo.toml index 31fa279..90d36f5 100644 --- a/rust/stub/Cargo.toml +++ b/rust/stub/Cargo.toml @@ -9,16 +9,12 @@ rust-version = "1.68" [dependencies] uefi = { version = "0.24.0", default-features = false, features = [ "alloc", "global_allocator" ] } uefi-services = { version = "0.21.0", default-features = false, features = [ "panic_handler", "logger" ] } -goblin = { version = "0.6.1", default-features = false, features = [ "pe64", "alloc" ]} -bitflags = "2.3.3" - # Even in debug builds, we don't enable the debug logs, because they generate a lot of spam from goblin. log = { version = "0.4.19", default-features = false, features = [ "max_level_info", "release_max_level_warn" ]} - # Use software implementation because the UEFI target seems to need it. sha2 = { version = "0.10.7", default-features = false, features = ["force-soft"], optional = true } -# SHA1 for TPM TCG interface version 1. -sha1_smol = "1.0.0" +# Our linux-bootloader crate containing most of what we need +linux-bootloader = { path = "../linux-bootloader" } [features] default = [ "thin" ] diff --git a/rust/stub/src/common.rs b/rust/stub/src/common.rs index 9c567b7..aaee529 100644 --- a/rust/stub/src/common.rs +++ b/rust/stub/src/common.rs @@ -1,9 +1,9 @@ use alloc::vec::Vec; use uefi::{prelude::*, CStr16, CString16, Result}; -use crate::linux_loader::InitrdLoader; -use crate::pe_loader::Image; -use crate::pe_section::pe_section_as_string; +use linux_bootloader::linux_loader::InitrdLoader; +use linux_bootloader::pe_loader::Image; +use linux_bootloader::pe_section::pe_section_as_string; /// Extract a string, stored as UTF-8, from a PE section. pub fn extract_string(pe_data: &[u8], section: &str) -> Result { diff --git a/rust/stub/src/fat.rs b/rust/stub/src/fat.rs index 4a39f0a..2cbc053 100644 --- a/rust/stub/src/fat.rs +++ b/rust/stub/src/fat.rs @@ -2,8 +2,8 @@ use alloc::vec::Vec; use uefi::{prelude::*, CString16, Result}; use crate::common::{boot_linux_unchecked, extract_string}; -use crate::pe_section::pe_section; -use crate::uefi_helpers::booted_image_file; +use linux_bootloader::pe_section::pe_section; +use linux_bootloader::uefi_helpers::booted_image_file; /// Extract bytes from a PE section. pub fn extract_bytes(pe_data: &[u8], section: &str) -> Result> { diff --git a/rust/stub/src/main.rs b/rust/stub/src/main.rs index 0e90aa8..21254bd 100644 --- a/rust/stub/src/main.rs +++ b/rust/stub/src/main.rs @@ -5,14 +5,6 @@ extern crate alloc; mod common; -mod efivars; -mod linux_loader; -mod measure; -mod pe_loader; -mod pe_section; -mod tpm; -mod uefi_helpers; -mod unified_sections; #[cfg(feature = "fat")] mod fat; @@ -23,13 +15,15 @@ mod thin; #[cfg(all(feature = "fat", feature = "thin"))] compile_error!("A thin and fat stub cannot be produced at the same time, disable either `thin` or `fat` feature"); -use efivars::{export_efi_variables, get_loader_features, EfiLoaderFeatures}; +use linux_bootloader::efivars::{export_efi_variables, get_loader_features, EfiLoaderFeatures}; +use linux_bootloader::measure::measure_image; +use linux_bootloader::tpm::tpm_available; +use linux_bootloader::uefi_helpers::booted_image_file; use log::info; -use measure::measure_image; -use tpm::tpm_available; use uefi::prelude::*; -use crate::uefi_helpers::booted_image_file; +/// Lanzaboote stub name +pub static STUB_NAME: &str = concat!("lanzastub ", env!("CARGO_PKG_VERSION")); /// Print the startup logo on boot. fn print_logo() { @@ -54,18 +48,16 @@ fn main(handle: Handle, mut system_table: SystemTable) -> Status { if tpm_available(system_table.boot_services()) { info!("TPM available, will proceed to measurements."); - unsafe { - // Iterate over unified sections and measure them - // For now, ignore failures during measurements. - // TODO: in the future, devise a threat model where this can fail - // and ensure this hard-fail correctly. - let _ = measure_image( - &system_table, - booted_image_file(system_table.boot_services()).unwrap(), - ); - // TODO: Measure kernel parameters - // TODO: Measure sysexts - } + // Iterate over unified sections and measure them + // For now, ignore failures during measurements. + // TODO: in the future, devise a threat model where this can fail + // and ensure this hard-fail correctly. + let _ = measure_image( + &system_table, + booted_image_file(system_table.boot_services()).unwrap(), + ); + // TODO: Measure kernel parameters + // TODO: Measure sysexts } if let Ok(features) = get_loader_features(system_table.runtime_services()) { @@ -74,7 +66,7 @@ fn main(handle: Handle, mut system_table: SystemTable) -> Status { info!("Random seed is available, but lanzaboote does not support it yet."); } } - export_efi_variables(&system_table).expect("Failed to export stub EFI variables"); + export_efi_variables(STUB_NAME, &system_table).expect("Failed to export stub EFI variables"); let status; diff --git a/rust/stub/src/thin.rs b/rust/stub/src/thin.rs index d66e056..2f12b2e 100644 --- a/rust/stub/src/thin.rs +++ b/rust/stub/src/thin.rs @@ -4,8 +4,8 @@ use sha2::{Digest, Sha256}; use uefi::{prelude::*, proto::loaded_image::LoadedImage, CStr16, CString16, Result}; use crate::common::{boot_linux_unchecked, extract_string}; -use crate::pe_section::pe_section; -use crate::{linux_loader::InitrdLoader, uefi_helpers::booted_image_file}; +use linux_bootloader::pe_section::pe_section; +use linux_bootloader::{linux_loader::InitrdLoader, uefi_helpers::booted_image_file}; type Hash = sha2::digest::Output; From 64f17609449c687abdf680d0ca7649ed28f6e99f Mon Sep 17 00:00:00 2001 From: Raito Bezarius Date: Sun, 23 Jul 2023 18:47:02 +0200 Subject: [PATCH 2/3] flake: add cargo-machete to machete the unused crates in our Cargo.toml Useful for the previous split up. --- flake.nix | 1 + 1 file changed, 1 insertion(+) diff --git a/flake.nix b/flake.nix index cf8b3ee..d8bc21f 100644 --- a/flake.nix +++ b/flake.nix @@ -254,6 +254,7 @@ pkgs.nixpkgs-fmt pkgs.statix pkgs.cargo-release + pkgs.cargo-machete ]; inputsFrom = [ From 83f437692968005e7f96b754b061789cc299af66 Mon Sep 17 00:00:00 2001 From: nikstur Date: Wed, 13 Sep 2023 17:38:17 +0200 Subject: [PATCH 3/3] uefi: move uefi code to separate workspace --- flake.nix | 10 +- rust/linux-bootloader/Cargo.lock | 193 ------------------ rust/stub/rust-toolchain.toml | 4 - rust/{stub => uefi}/.cargo/config | 0 rust/{stub => uefi}/Cargo.lock | 28 +-- rust/uefi/Cargo.toml | 17 ++ rust/{ => uefi}/linux-bootloader/Cargo.toml | 4 +- .../linux-bootloader/src/efivars.rs | 0 rust/{ => uefi}/linux-bootloader/src/lib.rs | 0 .../linux-bootloader/src/linux_loader.rs | 0 .../linux-bootloader/src/measure.rs | 0 .../linux-bootloader/src/pe_loader.rs | 0 .../linux-bootloader/src/pe_section.rs | 0 rust/{ => uefi}/linux-bootloader/src/tpm.rs | 0 .../linux-bootloader/src/uefi_helpers.rs | 0 .../linux-bootloader/src/unified_sections.rs | 0 .../rust-toolchain.toml | 0 rust/{ => uefi}/stub/Cargo.toml | 8 +- rust/{ => uefi}/stub/src/common.rs | 0 rust/{ => uefi}/stub/src/fat.rs | 0 rust/{ => uefi}/stub/src/main.rs | 0 rust/{ => uefi}/stub/src/thin.rs | 0 22 files changed, 42 insertions(+), 222 deletions(-) delete mode 100644 rust/linux-bootloader/Cargo.lock delete mode 100644 rust/stub/rust-toolchain.toml rename rust/{stub => uefi}/.cargo/config (100%) rename rust/{stub => uefi}/Cargo.lock (91%) create mode 100644 rust/uefi/Cargo.toml rename rust/{ => uefi}/linux-bootloader/Cargo.toml (93%) rename rust/{ => uefi}/linux-bootloader/src/efivars.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/lib.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/linux_loader.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/measure.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/pe_loader.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/pe_section.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/tpm.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/uefi_helpers.rs (100%) rename rust/{ => uefi}/linux-bootloader/src/unified_sections.rs (100%) rename rust/{linux-bootloader => uefi}/rust-toolchain.toml (100%) rename rust/{ => uefi}/stub/Cargo.toml (89%) rename rust/{ => uefi}/stub/src/common.rs (100%) rename rust/{ => uefi}/stub/src/fat.rs (100%) rename rust/{ => uefi}/stub/src/main.rs (100%) rename rust/{ => uefi}/stub/src/thin.rs (100%) diff --git a/flake.nix b/flake.nix index d8bc21f..af95fda 100644 --- a/flake.nix +++ b/flake.nix @@ -95,18 +95,20 @@ inherit (pkgs) lib; - uefi-rust-stable = pkgs.rust-bin.fromRustupToolchainFile ./rust/stub/rust-toolchain.toml; + uefi-rust-stable = pkgs.rust-bin.fromRustupToolchainFile ./rust/uefi/rust-toolchain.toml; craneLib = crane.lib.x86_64-linux.overrideToolchain uefi-rust-stable; # Build attributes for a Rust application. buildRustApp = lib.makeOverridable ( - { src + { pname + , src , target ? null , doCheck ? true , extraArgs ? { } }: let commonArgs = { + inherit pname; inherit src; CARGO_BUILD_TARGET = target; inherit doCheck; @@ -148,7 +150,8 @@ ); stubCrane = buildRustApp { - src = craneLib.cleanCargoSource ./rust/stub; + pname = "lanzaboote-stub"; + src = craneLib.cleanCargoSource ./rust/uefi; target = "x86_64-unknown-uefi"; doCheck = false; }; @@ -163,6 +166,7 @@ fatStub = fatStubCrane.package; toolCrane = buildRustApp { + pname = "lanzaboote-tool"; src = ./rust/tool; extraArgs = { TEST_SYSTEMD = pkgs.systemd; diff --git a/rust/linux-bootloader/Cargo.lock b/rust/linux-bootloader/Cargo.lock deleted file mode 100644 index b07af4b..0000000 --- a/rust/linux-bootloader/Cargo.lock +++ /dev/null @@ -1,193 +0,0 @@ -# This file is automatically @generated by Cargo. -# It is not intended for manual editing. -version = 3 - -[[package]] -name = "bit_field" -version = "0.10.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dc827186963e592360843fb5ba4b973e145841266c1357f7180c43526f2e5b61" - -[[package]] -name = "bitflags" -version = "2.3.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "630be753d4e58660abd17930c71b647fe46c27ea6b63cc59e1e3851406972e42" - -[[package]] -name = "goblin" -version = "0.6.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d6b4de4a8eb6c46a8c77e1d3be942cb9a8bf073c22374578e5ba4b08ed0ff68" -dependencies = [ - "log", - "plain", - "scroll", -] - -[[package]] -name = "linux-bootloader" -version = "0.3.0" -dependencies = [ - "bitflags", - "goblin", - "log", - "sha1_smol", - "uefi", -] - -[[package]] -name = "log" -version = "0.4.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" - -[[package]] -name = "plain" -version = "0.2.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4596b6d070b27117e987119b4dac604f3c58cfb0b191112e24771b2faeac1a6" - -[[package]] -name = "proc-macro2" -version = "1.0.66" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" -dependencies = [ - "unicode-ident", -] - -[[package]] -name = "ptr_meta" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bcada80daa06c42ed5f48c9a043865edea5dc44cbf9ac009fda3b89526e28607" -dependencies = [ - "ptr_meta_derive", -] - -[[package]] -name = "ptr_meta_derive" -version = "0.2.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bca9224df2e20e7c5548aeb5f110a0f3b77ef05f8585139b7148b59056168ed2" -dependencies = [ - "proc-macro2", - "quote", - "syn 1.0.109", -] - -[[package]] -name = "quote" -version = "1.0.32" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" -dependencies = [ - "proc-macro2", -] - -[[package]] -name = "scroll" -version = "0.11.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04c565b551bafbef4157586fa379538366e4385d42082f255bfd96e4fe8519da" -dependencies = [ - "scroll_derive", -] - -[[package]] -name = "scroll_derive" -version = "0.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1db149f81d46d2deba7cd3c50772474707729550221e69588478ebf9ada425ae" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.27", -] - -[[package]] -name = "sha1_smol" -version = "1.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ae1a47186c03a32177042e55dbc5fd5aee900b8e0069a8d70fba96a9375cd012" - -[[package]] -name = "syn" -version = "1.0.109" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" -dependencies = [ - "proc-macro2", - "quote", - "unicode-ident", -] - -[[package]] -name = "syn" -version = "2.0.27" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b60f673f44a8255b9c8c657daf66a596d435f2da81a555b06dc644d080ba45e0" -dependencies = [ - "proc-macro2", - "quote", - "unicode-ident", -] - -[[package]] -name = "ucs2" -version = "0.3.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bad643914094137d475641b6bab89462505316ec2ce70907ad20102d28a79ab8" -dependencies = [ - "bit_field", -] - -[[package]] -name = "uefi" -version = "0.24.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3b63e82686b4bdb0db74f18b2abbd60a0470354fb640aa69e115598d714d0a10" -dependencies = [ - "bitflags", - "log", - "ptr_meta", - "ucs2", - "uefi-macros", - "uefi-raw", - "uguid", -] - -[[package]] -name = "uefi-macros" -version = "0.12.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "023d94ef8e135d068b9a3bd94614ef2610b2b0419ade0a9d8f3501fa9cd08e95" -dependencies = [ - "proc-macro2", - "quote", - "syn 2.0.27", -] - -[[package]] -name = "uefi-raw" -version = "0.3.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62642516099c6441a5f41b0da8486d5fc3515a0603b0fdaea67b31600e22082e" -dependencies = [ - "bitflags", - "ptr_meta", - "uguid", -] - -[[package]] -name = "uguid" -version = "2.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "16dfbd255defbd727b3a30e8950695d2e6d045841ee250ff0f1f7ced17917f8d" - -[[package]] -name = "unicode-ident" -version = "1.0.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" diff --git a/rust/stub/rust-toolchain.toml b/rust/stub/rust-toolchain.toml deleted file mode 100644 index 067ccdb..0000000 --- a/rust/stub/rust-toolchain.toml +++ /dev/null @@ -1,4 +0,0 @@ -[toolchain] -channel = "1.68.2" -components = [ "rust-src" ] -targets = [ "x86_64-unknown-uefi" ] diff --git a/rust/stub/.cargo/config b/rust/uefi/.cargo/config similarity index 100% rename from rust/stub/.cargo/config rename to rust/uefi/.cargo/config diff --git a/rust/stub/Cargo.lock b/rust/uefi/Cargo.lock similarity index 91% rename from rust/stub/Cargo.lock rename to rust/uefi/Cargo.lock index 20f3afb..bc826d3 100644 --- a/rust/stub/Cargo.lock +++ b/rust/uefi/Cargo.lock @@ -10,9 +10,9 @@ checksum = "dc827186963e592360843fb5ba4b973e145841266c1357f7180c43526f2e5b61" [[package]] name = "bitflags" -version = "2.3.3" +version = "2.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "630be753d4e58660abd17930c71b647fe46c27ea6b63cc59e1e3851406972e42" +checksum = "b4682ae6287fcf752ecaabbfcc7b6f9b72aa33933dc23a554d853aea8eea8635" [[package]] name = "block-buffer" @@ -92,9 +92,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.147" +version = "0.2.148" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" +checksum = "9cdc71e17332e86d2e1d38c1f99edcb6288ee11b815fb1a4b049eaa2114d369b" [[package]] name = "linux-bootloader" @@ -109,9 +109,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.19" +version = "0.4.20" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" +checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f" [[package]] name = "plain" @@ -150,9 +150,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.31" +version = "1.0.33" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5fe8a65d69dd0808184ebb5f836ab526bb259db23c657efa38711b1072ee47f0" +checksum = "5267fca4496028628a95160fc423a33e8b2e6af8a5302579e322e4b520293cae" dependencies = [ "proc-macro2", ] @@ -174,7 +174,7 @@ checksum = "1db149f81d46d2deba7cd3c50772474707729550221e69588478ebf9ada425ae" dependencies = [ "proc-macro2", "quote", - "syn 2.0.26", + "syn 2.0.32", ] [[package]] @@ -207,9 +207,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.26" +version = "2.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "45c3457aacde3c65315de5031ec191ce46604304d2446e803d71ade03308d970" +checksum = "239814284fd6f1a4ffe4ca893952cdd93c224b6a1571c9a9eadd670295c0c9e2" dependencies = [ "proc-macro2", "quote", @@ -254,7 +254,7 @@ checksum = "023d94ef8e135d068b9a3bd94614ef2610b2b0419ade0a9d8f3501fa9cd08e95" dependencies = [ "proc-macro2", "quote", - "syn 2.0.26", + "syn 2.0.32", ] [[package]] @@ -287,9 +287,9 @@ checksum = "16dfbd255defbd727b3a30e8950695d2e6d045841ee250ff0f1f7ced17917f8d" [[package]] name = "unicode-ident" -version = "1.0.11" +version = "1.0.12" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" +checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b" [[package]] name = "version_check" diff --git a/rust/uefi/Cargo.toml b/rust/uefi/Cargo.toml new file mode 100644 index 0000000..821f948 --- /dev/null +++ b/rust/uefi/Cargo.toml @@ -0,0 +1,17 @@ +[workspace] + +members = [ + "stub", + "linux-bootloader", +] + +default-members = [ + "stub" +] + +[workspace.package] +version = "0.3.0" + +[profile.release] +opt-level = "s" +lto = true diff --git a/rust/linux-bootloader/Cargo.toml b/rust/uefi/linux-bootloader/Cargo.toml similarity index 93% rename from rust/linux-bootloader/Cargo.toml rename to rust/uefi/linux-bootloader/Cargo.toml index 0dd6650..b4b002e 100644 --- a/rust/linux-bootloader/Cargo.toml +++ b/rust/uefi/linux-bootloader/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "linux-bootloader" -version = "0.3.0" +version.workspace = true edition = "2021" publish = true license = "GPL-3.0-only" @@ -8,6 +8,8 @@ keywords = ["osdev", "linux", "bootloader"] categories = ["embedded", "hardware-support", "no-std", "os::linux-apis"] description = "Utilities to build Linux-based bootloaders" repository = "https://github.com/nix-community/lanzaboote/" +# For UEFI target +rust-version = "1.68" [dependencies] uefi = { version = "0.24.0", default-features = false, features = [ "alloc", "global_allocator" ] } diff --git a/rust/linux-bootloader/src/efivars.rs b/rust/uefi/linux-bootloader/src/efivars.rs similarity index 100% rename from rust/linux-bootloader/src/efivars.rs rename to rust/uefi/linux-bootloader/src/efivars.rs diff --git a/rust/linux-bootloader/src/lib.rs b/rust/uefi/linux-bootloader/src/lib.rs similarity index 100% rename from rust/linux-bootloader/src/lib.rs rename to rust/uefi/linux-bootloader/src/lib.rs diff --git a/rust/linux-bootloader/src/linux_loader.rs b/rust/uefi/linux-bootloader/src/linux_loader.rs similarity index 100% rename from rust/linux-bootloader/src/linux_loader.rs rename to rust/uefi/linux-bootloader/src/linux_loader.rs diff --git a/rust/linux-bootloader/src/measure.rs b/rust/uefi/linux-bootloader/src/measure.rs similarity index 100% rename from rust/linux-bootloader/src/measure.rs rename to rust/uefi/linux-bootloader/src/measure.rs diff --git a/rust/linux-bootloader/src/pe_loader.rs b/rust/uefi/linux-bootloader/src/pe_loader.rs similarity index 100% rename from rust/linux-bootloader/src/pe_loader.rs rename to rust/uefi/linux-bootloader/src/pe_loader.rs diff --git a/rust/linux-bootloader/src/pe_section.rs b/rust/uefi/linux-bootloader/src/pe_section.rs similarity index 100% rename from rust/linux-bootloader/src/pe_section.rs rename to rust/uefi/linux-bootloader/src/pe_section.rs diff --git a/rust/linux-bootloader/src/tpm.rs b/rust/uefi/linux-bootloader/src/tpm.rs similarity index 100% rename from rust/linux-bootloader/src/tpm.rs rename to rust/uefi/linux-bootloader/src/tpm.rs diff --git a/rust/linux-bootloader/src/uefi_helpers.rs b/rust/uefi/linux-bootloader/src/uefi_helpers.rs similarity index 100% rename from rust/linux-bootloader/src/uefi_helpers.rs rename to rust/uefi/linux-bootloader/src/uefi_helpers.rs diff --git a/rust/linux-bootloader/src/unified_sections.rs b/rust/uefi/linux-bootloader/src/unified_sections.rs similarity index 100% rename from rust/linux-bootloader/src/unified_sections.rs rename to rust/uefi/linux-bootloader/src/unified_sections.rs diff --git a/rust/linux-bootloader/rust-toolchain.toml b/rust/uefi/rust-toolchain.toml similarity index 100% rename from rust/linux-bootloader/rust-toolchain.toml rename to rust/uefi/rust-toolchain.toml diff --git a/rust/stub/Cargo.toml b/rust/uefi/stub/Cargo.toml similarity index 89% rename from rust/stub/Cargo.toml rename to rust/uefi/stub/Cargo.toml index 90d36f5..819a28b 100644 --- a/rust/stub/Cargo.toml +++ b/rust/uefi/stub/Cargo.toml @@ -1,10 +1,8 @@ [package] name = "lanzaboote_stub" -version = "0.3.0" +version.workspace = true edition = "2021" publish = false -# For UEFI target -rust-version = "1.68" [dependencies] uefi = { version = "0.24.0", default-features = false, features = [ "alloc", "global_allocator" ] } @@ -20,7 +18,3 @@ linux-bootloader = { path = "../linux-bootloader" } default = [ "thin" ] thin = ["dep:sha2"] fat = [] - -[profile.release] -opt-level = "s" -lto = true diff --git a/rust/stub/src/common.rs b/rust/uefi/stub/src/common.rs similarity index 100% rename from rust/stub/src/common.rs rename to rust/uefi/stub/src/common.rs diff --git a/rust/stub/src/fat.rs b/rust/uefi/stub/src/fat.rs similarity index 100% rename from rust/stub/src/fat.rs rename to rust/uefi/stub/src/fat.rs diff --git a/rust/stub/src/main.rs b/rust/uefi/stub/src/main.rs similarity index 100% rename from rust/stub/src/main.rs rename to rust/uefi/stub/src/main.rs diff --git a/rust/stub/src/thin.rs b/rust/uefi/stub/src/thin.rs similarity index 100% rename from rust/stub/src/thin.rs rename to rust/uefi/stub/src/thin.rs