nikstur
|
cd2ef6181d
|
lanzatool: improve signer code
|
2022-11-25 13:07:04 +01:00 |
Raito Bezarius
|
a99646bb01
|
nixos: enrollment is optional
|
2022-11-25 11:29:56 +01:00 |
Raito Bezarius
|
49519cb289
|
nixos: secureboot reached
|
2022-11-25 03:04:44 +01:00 |
nikstur
|
efbb28dc99
|
lanzatool: fix init
|
2022-11-24 17:14:55 +01:00 |
Raito Bezarius
|
e75d892964
|
nixos: disable it and adapt it
|
2022-11-24 17:09:51 +01:00 |
Raito Bezarius
|
2148cb06ab
|
nixos: actually enable sb
|
2022-11-24 17:07:06 +01:00 |
Raito Bezarius
|
ccdd02bf1c
|
nixos: add a lanzaboote module
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
|
2022-11-24 17:07:05 +01:00 |
Raito Bezarius
|
c53477fbf5
|
nixos: add a lanzaboote module
|
2022-11-24 16:59:59 +01:00 |
Ryan Lahfa
|
a089c6fb3d
|
Merge pull request #8 from blitz/lanzatool-fix-cmdline
lanzaboot: include init in cmdline
|
2022-11-24 15:55:21 +00:00 |
nikstur
|
858c0befb3
|
lanzaboot: include init in cmdline
|
2022-11-24 16:51:43 +01:00 |
nikstur
|
aa86ae9e30
|
lanzatool: add cmdline args for keys
|
2022-11-24 14:12:00 +01:00 |
nikstur
|
587e388364
|
lanzatool: improve error handling
|
2022-11-24 13:33:01 +01:00 |
Julian Stecklina
|
1dfa7c7fc8
|
Fix flake name
|
2022-11-24 12:29:16 +01:00 |
Julian Stecklina
|
417122e840
|
Merge remote-tracking branch 'origin/lanzatool-bootspec-funz'
|
2022-11-24 12:28:03 +01:00 |
nikstur
|
d40b9f281c
|
lanzatool: remove v1 key
|
2022-11-24 12:26:32 +01:00 |
Julian Stecklina
|
df716e17d6
|
Add documentation to initrd loader
|
2022-11-24 12:18:23 +01:00 |
Julian Stecklina
|
30b61baf38
|
Add documentation to initrd loader
|
2022-11-24 12:11:17 +01:00 |
Julian Stecklina
|
521bf343f5
|
Use makeWrapper to wrap lanzatool
|
2022-11-24 12:05:46 +01:00 |
Julian Stecklina
|
7245142c55
|
Merge remote-tracking branch 'origin/lanzatool-wrapper'
|
2022-11-24 11:46:37 +01:00 |
nikstur
|
b555c18e83
|
lanzatool: add wrapper
|
2022-11-24 11:45:09 +01:00 |
Julian Stecklina
|
15b966627a
|
docs: add more overview information
|
2022-11-24 11:41:35 +01:00 |
Julian Stecklina
|
babb064636
|
Fix license badge (harder)
|
2022-11-24 11:21:17 +01:00 |
Julian Stecklina
|
100504e370
|
Fix license badge
|
2022-11-24 11:20:50 +01:00 |
Julian Stecklina
|
051f116b71
|
doc: added small README
|
2022-11-24 11:19:30 +01:00 |
nikstur
|
3e7f5fa625
|
lanzatool: implement copying sdboot to esp
|
2022-11-24 11:10:19 +01:00 |
nikstur
|
73b1f7e2b5
|
lanzatool: readd efi relative file paths
|
2022-11-23 20:54:13 +01:00 |
nikstur
|
46f1e84a9d
|
lanzatool: init wrapping initrd
|
2022-11-23 20:48:49 +01:00 |
nikstur
|
a65998945d
|
lanzatool: implement relative esp paths
|
2022-11-23 18:15:32 +01:00 |
Julian Stecklina
|
dcca50d14f
|
Refactor embedded config extraction
|
2022-11-23 17:57:43 +01:00 |
Julian Stecklina
|
fa331d8b98
|
Fix section extraction
|
2022-11-23 17:57:23 +01:00 |
nikstur
|
24803a04a2
|
lanzatool: copy image to esp output dir
|
2022-11-23 17:26:56 +01:00 |
nikstur
|
5dbb8e7452
|
lanzatool: detrashify
|
2022-11-23 17:16:08 +01:00 |
Julian Stecklina
|
de451fa5af
|
Merge remote-tracking branch 'origin/lanzatool-install'
|
2022-11-23 15:49:38 +01:00 |
nikstur
|
c4734d11fc
|
lanzatool.crypto: remove
|
2022-11-23 15:49:02 +01:00 |
Julian Stecklina
|
4dab5f7b8f
|
Extract Linux kernel and initrd filenames from PE binary
|
2022-11-23 15:46:25 +01:00 |
Julian Stecklina
|
788a112050
|
Merge pull request #6 from blitz/lanzatool-install
lanzatool.install: init
|
2022-11-23 15:46:12 +01:00 |
nikstur
|
27044f6bdf
|
lanzatool.crypto: remove
|
2022-11-23 15:44:19 +01:00 |
Julian Stecklina
|
10e516c148
|
Merge pull request #5 from blitz/magic-mk-shell
flake.nix: automagically use deps in shell with inputsFrom
|
2022-11-23 15:41:04 +01:00 |
nikstur
|
4356d342a2
|
lanzatool.install: init
|
2022-11-23 15:26:26 +01:00 |
Julian Stecklina
|
1ca83c25d5
|
Remove some unwraps
|
2022-11-23 14:11:54 +01:00 |
Julian Stecklina
|
8559bf664e
|
Add a disclaimer about the current security status
|
2022-11-23 14:11:24 +01:00 |
Julian Stecklina
|
fe3d4015ba
|
Perform load_image on initrd to hopefully verify signatures
|
2022-11-23 14:03:53 +01:00 |
Julian Stecklina
|
568fe1d499
|
Unwrap initrd from PE image for Linux
|
2022-11-23 13:51:07 +01:00 |
Julian Stecklina
|
60b269b69c
|
Add a script to wrap an initrd into an EFI application
|
2022-11-23 13:11:22 +01:00 |
Julian Stecklina
|
dea1ab9798
|
Fix initrd-stub build
|
2022-11-23 13:05:19 +01:00 |
Julian Stecklina
|
9567fa7f0e
|
Build tiny empty PE image as initrd carrier
|
2022-11-23 13:00:55 +01:00 |
Julian Stecklina
|
e6953037e7
|
Fix clippy warnings
|
2022-11-23 12:13:45 +01:00 |
Julian Stecklina
|
5a6c05cf11
|
Pass on command line from UKI to Linux kernel
|
2022-11-23 12:11:20 +01:00 |
Julian Stecklina
|
8f2f11aa1b
|
Move loaded_image implementation to helpers module
|
2022-11-23 11:29:40 +01:00 |
Julian Stecklina
|
8f58633d84
|
Remove unsafe LoadedImage protocol invocation
|
2022-11-23 11:20:51 +01:00 |