Julian Stecklina
|
74b815512c
|
nix: remove qemuUefi wrapper
|
2022-11-26 02:17:34 +01:00 |
Julian Stecklina
|
541275acae
|
nix: drop the stable Rust toolchain from the environment
... otherwise it messes with the unstable one we use for the UEFI
code.
|
2022-11-26 02:17:28 +01:00 |
Julian Stecklina
|
3434433cec
|
Merge pull request #11 from blitz/secure-pe-assembling
lanzatool: perform secure assembling for lanzaboote_image and PE wrapping
|
2022-11-26 02:14:32 +01:00 |
Raito Bezarius
|
9f65f75289
|
feature: support initrd secrets
|
2022-11-26 02:01:41 +01:00 |
Raito Bezarius
|
a3150dca11
|
lanzatool: perform secure assembling for lanzaboote_image and PE wrapping
|
2022-11-26 01:24:33 +01:00 |
Raito Bezarius
|
f6930955a3
|
lanzatool: sync for every sign operation
|
2022-11-25 23:58:06 +01:00 |
nikstur
|
a3ec2cfc15
|
lanzatool: add error messages
|
2022-11-25 23:50:11 +01:00 |
Julian Stecklina
|
c87b2a09dc
|
nix: fix lanzatool integration/merge mixup
|
2022-11-25 23:46:19 +01:00 |
Raito Bezarius
|
dec7c06e6b
|
tests: test unsigned initrd/kernel either, plus some machinery for sb tests
|
2022-11-25 18:42:37 +01:00 |
Julian Stecklina
|
3779e81b20
|
lanzaboote: handle errors in print_logo
|
2022-11-25 18:14:58 +01:00 |
Julian Stecklina
|
6bc66052c2
|
lanzaboote: add EmbeddedConfiguration docs
|
2022-11-25 18:14:58 +01:00 |
Julian Stecklina
|
a9edb1488e
|
lanzaboote: fix logo
Someone forget the E in the name.
|
2022-11-25 18:14:58 +01:00 |
nikstur
|
53c4e03619
|
merge this shit
|
2022-11-25 18:10:21 +01:00 |
Ryan Lahfa
|
eda254b6cd
|
nixpkgs: integrate the whole thing (#7)
* nixos: add a lanzaboote module
* nixos: add a lanzaboote module
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
* nixos: actually enable sb
* nixos: disable it and adapt it
* lanzatool: fix init
* nixos: secureboot reached
* nixos: enrollment is optional
Co-authored-by: nikstur@outlook.com
|
2022-11-25 17:59:15 +01:00 |
nikstur
|
3a093d85ab
|
lanzatool: set permissons for all files in esp to 755
|
2022-11-25 17:47:24 +01:00 |
nikstur
|
91b8cb02e4
|
flake.nix: use nixosTest instead of importing file
|
2022-11-25 17:39:01 +01:00 |
nikstur
|
7685ba088b
|
lanzatool: reuse code for signer
|
2022-11-25 15:46:33 +01:00 |
nikstur
|
c0391ce8d7
|
lanzatool: improve tempfiles and error handling in pe
|
2022-11-25 15:16:05 +01:00 |
nikstur
|
ad3a8ec3e5
|
lanzatool: make --pki-bundle optional
|
2022-11-25 13:08:37 +01:00 |
nikstur
|
cd2ef6181d
|
lanzatool: improve signer code
|
2022-11-25 13:07:04 +01:00 |
Raito Bezarius
|
a99646bb01
|
nixos: enrollment is optional
|
2022-11-25 11:29:56 +01:00 |
Raito Bezarius
|
49519cb289
|
nixos: secureboot reached
|
2022-11-25 03:04:44 +01:00 |
nikstur
|
efbb28dc99
|
lanzatool: fix init
|
2022-11-24 17:14:55 +01:00 |
Raito Bezarius
|
e75d892964
|
nixos: disable it and adapt it
|
2022-11-24 17:09:51 +01:00 |
Raito Bezarius
|
2148cb06ab
|
nixos: actually enable sb
|
2022-11-24 17:07:06 +01:00 |
Raito Bezarius
|
ccdd02bf1c
|
nixos: add a lanzaboote module
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
|
2022-11-24 17:07:05 +01:00 |
Raito Bezarius
|
c53477fbf5
|
nixos: add a lanzaboote module
|
2022-11-24 16:59:59 +01:00 |
Ryan Lahfa
|
a089c6fb3d
|
Merge pull request #8 from blitz/lanzatool-fix-cmdline
lanzaboot: include init in cmdline
|
2022-11-24 15:55:21 +00:00 |
nikstur
|
858c0befb3
|
lanzaboot: include init in cmdline
|
2022-11-24 16:51:43 +01:00 |
nikstur
|
aa86ae9e30
|
lanzatool: add cmdline args for keys
|
2022-11-24 14:12:00 +01:00 |
nikstur
|
587e388364
|
lanzatool: improve error handling
|
2022-11-24 13:33:01 +01:00 |
Julian Stecklina
|
1dfa7c7fc8
|
Fix flake name
|
2022-11-24 12:29:16 +01:00 |
Julian Stecklina
|
417122e840
|
Merge remote-tracking branch 'origin/lanzatool-bootspec-funz'
|
2022-11-24 12:28:03 +01:00 |
nikstur
|
d40b9f281c
|
lanzatool: remove v1 key
|
2022-11-24 12:26:32 +01:00 |
Julian Stecklina
|
df716e17d6
|
Add documentation to initrd loader
|
2022-11-24 12:18:23 +01:00 |
Julian Stecklina
|
30b61baf38
|
Add documentation to initrd loader
|
2022-11-24 12:11:17 +01:00 |
Julian Stecklina
|
521bf343f5
|
Use makeWrapper to wrap lanzatool
|
2022-11-24 12:05:46 +01:00 |
Julian Stecklina
|
7245142c55
|
Merge remote-tracking branch 'origin/lanzatool-wrapper'
|
2022-11-24 11:46:37 +01:00 |
nikstur
|
b555c18e83
|
lanzatool: add wrapper
|
2022-11-24 11:45:09 +01:00 |
Julian Stecklina
|
15b966627a
|
docs: add more overview information
|
2022-11-24 11:41:35 +01:00 |
Julian Stecklina
|
babb064636
|
Fix license badge (harder)
|
2022-11-24 11:21:17 +01:00 |
Julian Stecklina
|
100504e370
|
Fix license badge
|
2022-11-24 11:20:50 +01:00 |
Julian Stecklina
|
051f116b71
|
doc: added small README
|
2022-11-24 11:19:30 +01:00 |
nikstur
|
3e7f5fa625
|
lanzatool: implement copying sdboot to esp
|
2022-11-24 11:10:19 +01:00 |
nikstur
|
73b1f7e2b5
|
lanzatool: readd efi relative file paths
|
2022-11-23 20:54:13 +01:00 |
nikstur
|
46f1e84a9d
|
lanzatool: init wrapping initrd
|
2022-11-23 20:48:49 +01:00 |
nikstur
|
a65998945d
|
lanzatool: implement relative esp paths
|
2022-11-23 18:15:32 +01:00 |
Julian Stecklina
|
dcca50d14f
|
Refactor embedded config extraction
|
2022-11-23 17:57:43 +01:00 |
Julian Stecklina
|
fa331d8b98
|
Fix section extraction
|
2022-11-23 17:57:23 +01:00 |
nikstur
|
24803a04a2
|
lanzatool: copy image to esp output dir
|
2022-11-23 17:26:56 +01:00 |