Commit Graph

6 Commits

Author SHA1 Message Date
Julian Stecklina 01b62a1c21
Merge branch 'master' into insecure-boot 2023-10-16 10:28:28 +02:00
Alois Wohlschlager b02a7e2a7f
stub: use command line from loader in insecure mode
When booting without Secure Boot active, it is not necessary to defend
against a malicious command line being passed from the loader. So just
use it in this case, to facilitaty some debugging and recovery use
cases.

Fixes: https://github.com/nix-community/lanzaboote/issues/226
2023-10-15 16:04:30 +02:00
Julian Stecklina c56ad52b18 stub: pin to current goblin version
goblin 0.7.1 introduces certification support for PE files. This seems to be broken, because we get:

Parsing PE failed Malformed entity: Unable to extract certificate. Probably cert_size:1599360838 is malformed!

from goblin when trying to parse our PE file in memory.

See #237 for context.
2023-10-15 15:40:57 +02:00
Julian Stecklina 17cadf6598 stub: update to latest uefi crates 2023-10-12 12:12:34 +02:00
nikstur 3dab5531b1 stub: remove TPM 1 support
TPM 1 will not be supported by newer systemd versions and is not widely
available anyways.
2023-09-14 15:04:53 +02:00
nikstur 83f4376929 uefi: move uefi code to separate workspace 2023-09-13 17:46:05 +02:00