nikstur
|
53c4e03619
|
merge this shit
|
2022-11-25 18:10:21 +01:00 |
Ryan Lahfa
|
eda254b6cd
|
nixpkgs: integrate the whole thing (#7)
* nixos: add a lanzaboote module
* nixos: add a lanzaboote module
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
* nixos: actually enable sb
* nixos: disable it and adapt it
* lanzatool: fix init
* nixos: secureboot reached
* nixos: enrollment is optional
Co-authored-by: nikstur@outlook.com
|
2022-11-25 17:59:15 +01:00 |
nikstur
|
3a093d85ab
|
lanzatool: set permissons for all files in esp to 755
|
2022-11-25 17:47:24 +01:00 |
nikstur
|
91b8cb02e4
|
flake.nix: use nixosTest instead of importing file
|
2022-11-25 17:39:01 +01:00 |
nikstur
|
7685ba088b
|
lanzatool: reuse code for signer
|
2022-11-25 15:46:33 +01:00 |
nikstur
|
c0391ce8d7
|
lanzatool: improve tempfiles and error handling in pe
|
2022-11-25 15:16:05 +01:00 |
nikstur
|
ad3a8ec3e5
|
lanzatool: make --pki-bundle optional
|
2022-11-25 13:08:37 +01:00 |
nikstur
|
cd2ef6181d
|
lanzatool: improve signer code
|
2022-11-25 13:07:04 +01:00 |
Raito Bezarius
|
a99646bb01
|
nixos: enrollment is optional
|
2022-11-25 11:29:56 +01:00 |
Raito Bezarius
|
49519cb289
|
nixos: secureboot reached
|
2022-11-25 03:04:44 +01:00 |
nikstur
|
efbb28dc99
|
lanzatool: fix init
|
2022-11-24 17:14:55 +01:00 |
Raito Bezarius
|
e75d892964
|
nixos: disable it and adapt it
|
2022-11-24 17:09:51 +01:00 |
Raito Bezarius
|
2148cb06ab
|
nixos: actually enable sb
|
2022-11-24 17:07:06 +01:00 |
Raito Bezarius
|
ccdd02bf1c
|
nixos: add a lanzaboote module
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
|
2022-11-24 17:07:05 +01:00 |
Raito Bezarius
|
c53477fbf5
|
nixos: add a lanzaboote module
|
2022-11-24 16:59:59 +01:00 |
Ryan Lahfa
|
a089c6fb3d
|
Merge pull request #8 from blitz/lanzatool-fix-cmdline
lanzaboot: include init in cmdline
|
2022-11-24 15:55:21 +00:00 |
nikstur
|
858c0befb3
|
lanzaboot: include init in cmdline
|
2022-11-24 16:51:43 +01:00 |
nikstur
|
aa86ae9e30
|
lanzatool: add cmdline args for keys
|
2022-11-24 14:12:00 +01:00 |
nikstur
|
587e388364
|
lanzatool: improve error handling
|
2022-11-24 13:33:01 +01:00 |
Julian Stecklina
|
1dfa7c7fc8
|
Fix flake name
|
2022-11-24 12:29:16 +01:00 |
Julian Stecklina
|
417122e840
|
Merge remote-tracking branch 'origin/lanzatool-bootspec-funz'
|
2022-11-24 12:28:03 +01:00 |
nikstur
|
d40b9f281c
|
lanzatool: remove v1 key
|
2022-11-24 12:26:32 +01:00 |
Julian Stecklina
|
df716e17d6
|
Add documentation to initrd loader
|
2022-11-24 12:18:23 +01:00 |
Julian Stecklina
|
30b61baf38
|
Add documentation to initrd loader
|
2022-11-24 12:11:17 +01:00 |
Julian Stecklina
|
521bf343f5
|
Use makeWrapper to wrap lanzatool
|
2022-11-24 12:05:46 +01:00 |
Julian Stecklina
|
7245142c55
|
Merge remote-tracking branch 'origin/lanzatool-wrapper'
|
2022-11-24 11:46:37 +01:00 |
nikstur
|
b555c18e83
|
lanzatool: add wrapper
|
2022-11-24 11:45:09 +01:00 |
Julian Stecklina
|
15b966627a
|
docs: add more overview information
|
2022-11-24 11:41:35 +01:00 |
Julian Stecklina
|
babb064636
|
Fix license badge (harder)
|
2022-11-24 11:21:17 +01:00 |
Julian Stecklina
|
100504e370
|
Fix license badge
|
2022-11-24 11:20:50 +01:00 |
Julian Stecklina
|
051f116b71
|
doc: added small README
|
2022-11-24 11:19:30 +01:00 |
nikstur
|
3e7f5fa625
|
lanzatool: implement copying sdboot to esp
|
2022-11-24 11:10:19 +01:00 |
nikstur
|
73b1f7e2b5
|
lanzatool: readd efi relative file paths
|
2022-11-23 20:54:13 +01:00 |
nikstur
|
46f1e84a9d
|
lanzatool: init wrapping initrd
|
2022-11-23 20:48:49 +01:00 |
nikstur
|
a65998945d
|
lanzatool: implement relative esp paths
|
2022-11-23 18:15:32 +01:00 |
Julian Stecklina
|
dcca50d14f
|
Refactor embedded config extraction
|
2022-11-23 17:57:43 +01:00 |
Julian Stecklina
|
fa331d8b98
|
Fix section extraction
|
2022-11-23 17:57:23 +01:00 |
nikstur
|
24803a04a2
|
lanzatool: copy image to esp output dir
|
2022-11-23 17:26:56 +01:00 |
nikstur
|
5dbb8e7452
|
lanzatool: detrashify
|
2022-11-23 17:16:08 +01:00 |
Julian Stecklina
|
de451fa5af
|
Merge remote-tracking branch 'origin/lanzatool-install'
|
2022-11-23 15:49:38 +01:00 |
nikstur
|
c4734d11fc
|
lanzatool.crypto: remove
|
2022-11-23 15:49:02 +01:00 |
Julian Stecklina
|
4dab5f7b8f
|
Extract Linux kernel and initrd filenames from PE binary
|
2022-11-23 15:46:25 +01:00 |
Julian Stecklina
|
788a112050
|
Merge pull request #6 from blitz/lanzatool-install
lanzatool.install: init
|
2022-11-23 15:46:12 +01:00 |
nikstur
|
27044f6bdf
|
lanzatool.crypto: remove
|
2022-11-23 15:44:19 +01:00 |
Julian Stecklina
|
10e516c148
|
Merge pull request #5 from blitz/magic-mk-shell
flake.nix: automagically use deps in shell with inputsFrom
|
2022-11-23 15:41:04 +01:00 |
nikstur
|
4356d342a2
|
lanzatool.install: init
|
2022-11-23 15:26:26 +01:00 |
Julian Stecklina
|
1ca83c25d5
|
Remove some unwraps
|
2022-11-23 14:11:54 +01:00 |
Julian Stecklina
|
8559bf664e
|
Add a disclaimer about the current security status
|
2022-11-23 14:11:24 +01:00 |
Julian Stecklina
|
fe3d4015ba
|
Perform load_image on initrd to hopefully verify signatures
|
2022-11-23 14:03:53 +01:00 |
Julian Stecklina
|
568fe1d499
|
Unwrap initrd from PE image for Linux
|
2022-11-23 13:51:07 +01:00 |