247afb33a2
tool: make systemd version parsing robust
...
To make handling systemd versions more robust, they are parsed into a
u32 tuple instead of an f32. Additionally, some unit tests for correct
parsing and comparing of versions are added.
2023-01-26 21:30:44 +01:00
cc169689f3
tool: smarter systemd-boot install
...
The process of installing systemd-boot is "smarter" because it now
considers a a few conditions instead of doing nothing if there is a file
at the deistination path. systemd-boot is now forcibly installed (i.e.
overwriting any file at the destination) if (1) there is no file at the
destination, OR (2) a newer version of systemd-boot is available, OR (3)
the signature of the file at the destination could not be verified.
2023-01-25 22:21:14 +01:00
db75203e31
tool: split esp paths
...
To access paths on the ESP before or after installing generations, split
EspPaths into general EspPaths that only depend on the path to the ESP
and EspGenerationPaths which additionally depend on generation specific
information (e.g. version number and initrd filename).
2023-01-25 00:24:40 +01:00
6e452b50df
tool: add SecureTempDirExt
...
Add an extension to TempDir that allows to create secure tempfiles. This
way, everything related to creating secure tempfiles is bundled in a
single place and can easily be reused.
2023-01-21 16:26:17 +01:00
dd499f6642
treewide: fix typos
2023-01-21 10:27:34 +01:00
5bb33f3389
treewide: simplify subproject names
...
Lanzatool is renamed to 'tool' and lanzaboote is renamed to 'stub'.
The name of the lanzatool binary is now 'lzbt' standing for
LanZaBooteTool.
2023-01-17 21:31:14 +01:00
2fce3c0802
treewde: simplify subproject directory names
...
This commit only moves the directories instead of chaning any names
inside files.
2023-01-17 21:31:14 +01:00
3db39f403b
treewide: blake3 -> sha256
...
Using the sha2 crate instead of blake3 decreases the binary size of the
stub by around 50%.
2023-01-14 02:31:54 +01:00
7f235ce004
lanzatool: spell specialised consistently
2023-01-06 23:20:31 +01:00
4f44cb70a2
lanzatool: generate custom os-release
2023-01-06 21:27:51 +01:00
b6eb6c1e52
lanzatool: keep unrelated files when running gc
2023-01-04 22:29:09 +01:00
c4e5ec7008
lanzatool: add more assertions to gc integration test
2023-01-04 01:23:13 +01:00
7afbc43195
Merge pull request #43 from nix-community/some-more-lanzatool-refactoring
...
lanzatool: some more refactoring
2023-01-02 00:41:13 +01:00
1e632c0d1d
lanzatool: add context to sbsing output failure
2023-01-02 00:34:01 +01:00
b592d92744
lanzatool: don't open file to read metadata
2023-01-02 00:34:01 +01:00
1c0438a003
lanzatool: simplify uefi path code
2023-01-02 00:33:59 +01:00
d3a96b1c3c
lanzatool: intgeration test infrastrucutre + gc tests
2023-01-02 00:05:32 +01:00
676786f811
lanzatool: add rand dev dependency
2023-01-02 00:05:21 +01:00
3c7c8340eb
lanzatool: add assert_cmd dev dependency
2023-01-02 00:05:21 +01:00
9daf9ae0a8
lanzatool: implement configuration limit
2023-01-02 00:05:17 +01:00
4a8cfa7f7f
lanzatool: add walkdir dependency
2022-12-31 02:10:36 +01:00
0a58b290e2
lanzatool: clean up parse_version and add simple test
2022-12-30 23:43:19 +01:00
463d9496bf
lanzatool: write sbsign output to stdout
2022-12-30 23:43:19 +01:00
d4c5af23fe
lanzatool: improve error msg for file_size
2022-12-30 23:43:19 +01:00
a341baa09a
lanzatool: simplify nixos_path and add unit test
2022-12-30 23:43:18 +01:00
781651b9e0
lanzatool: improve esp_relative_path_string error msg
2022-12-30 21:11:07 +01:00
f6ae373500
lanzatool: apply rustfmt to install.rs
2022-12-28 23:59:23 +01:00
f07618b64c
lanzatool: remove unused utils module
2022-12-28 23:59:23 +01:00
b762de9fec
lanzatool: remove Path -> String conversions in signature module
2022-12-28 23:59:23 +01:00
74afcb1eea
lanzatool: remove Path -> String conversion from pe module
...
... by using OsString, which can handle broken UTF-8 in file
names.
2022-12-28 23:59:23 +01:00
0ad20b0d5a
lanzatool: ignore malformed generations
2022-12-26 02:47:28 +01:00
65f3c67357
lanzatool: appease clippy by removing borrow
2022-12-25 18:05:07 +01:00
6e66c5f0ed
Cargo.toml: update bootspec to upstream
2022-12-25 18:05:07 +01:00
e3f6029643
nixos/lanzaboote: use upstream bootspec for extension generation
2022-12-25 18:05:07 +01:00
92e7e4f49a
lanzatool(bootspec): introduce DetSys's bootspec library
2022-12-18 00:29:49 +01:00
614131d648
lanzatool: remove placeholder code for auto enrolling uefi keys
2022-12-10 18:11:23 +01:00
49a8ae8aec
lanzatool: skip existing files in esp
2022-12-03 19:05:12 +01:00
85b111aa17
initrd-stub: drop unused stub
...
This is not useful anymore, because we don't need to wrap the initrd
anymore.
2022-11-30 09:25:17 +01:00
401c3b8c1c
lanzatool, lanzaboote: don't wrap initrd as PE
...
... because we check its integrity using the embedded blake3 hash. So
there is no need for the LoadImage hack anymore.
2022-11-30 09:23:42 +01:00
1739ffde26
lanzaboote: verify hash of kernel and initrd
2022-11-30 09:22:14 +01:00
7a15bba50b
lanzaboote: load kernel and initrd into memory only once
2022-11-30 09:22:14 +01:00
d754a87d5c
lanzaboote: cleanup kernel/initrd opening
2022-11-30 09:22:14 +01:00
3f78939d0a
lanzatool: embed kernel and initrd hashes
2022-11-30 09:22:14 +01:00
ba119d398f
lanzatool: add function documentation
2022-11-30 09:22:14 +01:00
7926ab9e5e
lanzaboote: fix clippy issues
2022-11-28 13:38:01 +01:00
0a638970e7
lanzatool: enable specialisation
2022-11-27 12:01:53 +01:00
98cf9e0978
lanzatool: improve --help output
2022-11-27 00:12:00 +01:00
fffa7d6bfa
lanzatool: appease clippy
2022-11-26 23:19:08 +01:00
0a96623461
lanzatool: bootspec from generation
...
The bootspec is now read from each generation so that more than one
entry can be generated when calling install
2022-11-26 22:27:44 +01:00
967f78d374
lanzatool: hide sbsign output on happy path
2022-11-26 15:34:48 +01:00
nikstur