lanzaboote

Commit Graph

Author	SHA1	Message	Date
Julian Stecklina	9c128e9ef6	stub: do not read loaded image again from ESP ... because this might not work, if we were not loaded from a file system. It also removes the issue where we might not load the signed image that was actually loaded. Fixes #123	2023-03-15 00:36:50 +01:00
Alois Wohlschlager	081714cab9	Pass the built-in cmdline to the kernel Do not pass our own cmdline on to the kernel. It may have been set by a malicious boot loader specification entry, and could instruct the kernel to load an arbitrary unprotected initrd (or perform some other fun stuff). Instead, always pass the command line built into the UKI, which is properly authenticated.	2023-01-31 18:32:13 +01:00
nikstur	2fce3c0802	treewde: simplify subproject directory names This commit only moves the directories instead of chaning any names inside files.	2023-01-17 21:31:14 +01:00

Author

SHA1

Message

Date

Julian Stecklina

9c128e9ef6

stub: do not read loaded image again from ESP

... because this might not work, if we were not loaded from a file
system. It also removes the issue where we might not load the signed
image that was actually loaded.

Fixes #123

2023-03-15 00:36:50 +01:00

Alois Wohlschlager

081714cab9

Pass the built-in cmdline to the kernel

Do not pass our own cmdline on to the kernel. It may have been set by a
malicious boot loader specification entry, and could instruct the
kernel to load an arbitrary unprotected initrd (or perform some other
fun stuff). Instead, always pass the command line built into the UKI,
which is properly authenticated.

2023-01-31 18:32:13 +01:00

nikstur

2fce3c0802

treewde: simplify subproject directory names

This commit only moves the directories instead of chaning any names
inside files.

2023-01-17 21:31:14 +01:00

3 Commits