Commit Graph

401 Commits

Author SHA1 Message Date
Julian Stecklina 691da44610 nix: rename lanzatoolBin to lanzatool-unwrapped 2022-11-26 02:17:34 +01:00
Julian Stecklina 74b815512c nix: remove qemuUefi wrapper 2022-11-26 02:17:34 +01:00
Julian Stecklina 541275acae nix: drop the stable Rust toolchain from the environment
... otherwise it messes with the unstable one we use for the UEFI
code.
2022-11-26 02:17:28 +01:00
Julian Stecklina 3434433cec Merge pull request #11 from blitz/secure-pe-assembling
lanzatool: perform secure assembling for lanzaboote_image and PE wrapping
2022-11-26 02:14:32 +01:00
Raito Bezarius 9f65f75289 feature: support initrd secrets 2022-11-26 02:01:41 +01:00
Raito Bezarius a3150dca11 lanzatool: perform secure assembling for lanzaboote_image and PE wrapping 2022-11-26 01:24:33 +01:00
Raito Bezarius f6930955a3 lanzatool: sync for every sign operation 2022-11-25 23:58:06 +01:00
nikstur a3ec2cfc15 lanzatool: add error messages 2022-11-25 23:50:11 +01:00
Julian Stecklina c87b2a09dc nix: fix lanzatool integration/merge mixup 2022-11-25 23:46:19 +01:00
Raito Bezarius dec7c06e6b tests: test unsigned initrd/kernel either, plus some machinery for sb tests 2022-11-25 18:42:37 +01:00
Julian Stecklina 3779e81b20 lanzaboote: handle errors in print_logo 2022-11-25 18:14:58 +01:00
Julian Stecklina 6bc66052c2 lanzaboote: add EmbeddedConfiguration docs 2022-11-25 18:14:58 +01:00
Julian Stecklina a9edb1488e lanzaboote: fix logo
Someone forget the E in the name.
2022-11-25 18:14:58 +01:00
nikstur 53c4e03619 merge this shit 2022-11-25 18:10:21 +01:00
Ryan Lahfa eda254b6cd nixpkgs: integrate the whole thing (#7)
* nixos: add a lanzaboote module

* nixos: add a lanzaboote module

- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys

* nixos: actually enable sb

* nixos: disable it and adapt it

* lanzatool: fix init

* nixos: secureboot reached

* nixos: enrollment is optional

Co-authored-by: nikstur@outlook.com
2022-11-25 17:59:15 +01:00
nikstur 3a093d85ab lanzatool: set permissons for all files in esp to 755 2022-11-25 17:47:24 +01:00
nikstur 91b8cb02e4 flake.nix: use nixosTest instead of importing file 2022-11-25 17:39:01 +01:00
nikstur 7685ba088b lanzatool: reuse code for signer 2022-11-25 15:46:33 +01:00
nikstur c0391ce8d7 lanzatool: improve tempfiles and error handling in pe 2022-11-25 15:16:05 +01:00
nikstur ad3a8ec3e5 lanzatool: make --pki-bundle optional 2022-11-25 13:08:37 +01:00
nikstur cd2ef6181d lanzatool: improve signer code 2022-11-25 13:07:04 +01:00
Raito Bezarius a99646bb01 nixos: enrollment is optional 2022-11-25 11:29:56 +01:00
Raito Bezarius 49519cb289 nixos: secureboot reached 2022-11-25 03:04:44 +01:00
nikstur efbb28dc99 lanzatool: fix init 2022-11-24 17:14:55 +01:00
Raito Bezarius e75d892964 nixos: disable it and adapt it 2022-11-24 17:09:51 +01:00
Raito Bezarius 2148cb06ab nixos: actually enable sb 2022-11-24 17:07:06 +01:00
Raito Bezarius ccdd02bf1c nixos: add a lanzaboote module
- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys
2022-11-24 17:07:05 +01:00
Raito Bezarius c53477fbf5 nixos: add a lanzaboote module 2022-11-24 16:59:59 +01:00
Ryan Lahfa a089c6fb3d Merge pull request #8 from blitz/lanzatool-fix-cmdline
lanzaboot: include init in cmdline
2022-11-24 15:55:21 +00:00
nikstur 858c0befb3 lanzaboot: include init in cmdline 2022-11-24 16:51:43 +01:00
nikstur aa86ae9e30 lanzatool: add cmdline args for keys 2022-11-24 14:12:00 +01:00
nikstur 587e388364 lanzatool: improve error handling 2022-11-24 13:33:01 +01:00
Julian Stecklina 1dfa7c7fc8 Fix flake name 2022-11-24 12:29:16 +01:00
Julian Stecklina 417122e840 Merge remote-tracking branch 'origin/lanzatool-bootspec-funz' 2022-11-24 12:28:03 +01:00
nikstur d40b9f281c lanzatool: remove v1 key 2022-11-24 12:26:32 +01:00
Julian Stecklina df716e17d6 Add documentation to initrd loader 2022-11-24 12:18:23 +01:00
Julian Stecklina 30b61baf38 Add documentation to initrd loader 2022-11-24 12:11:17 +01:00
Julian Stecklina 521bf343f5 Use makeWrapper to wrap lanzatool 2022-11-24 12:05:46 +01:00
Julian Stecklina 7245142c55 Merge remote-tracking branch 'origin/lanzatool-wrapper' 2022-11-24 11:46:37 +01:00
nikstur b555c18e83 lanzatool: add wrapper 2022-11-24 11:45:09 +01:00
Julian Stecklina 15b966627a docs: add more overview information 2022-11-24 11:41:35 +01:00
Julian Stecklina babb064636 Fix license badge (harder) 2022-11-24 11:21:17 +01:00
Julian Stecklina 100504e370 Fix license badge 2022-11-24 11:20:50 +01:00
Julian Stecklina 051f116b71 doc: added small README 2022-11-24 11:19:30 +01:00
nikstur 3e7f5fa625 lanzatool: implement copying sdboot to esp 2022-11-24 11:10:19 +01:00
nikstur 73b1f7e2b5 lanzatool: readd efi relative file paths 2022-11-23 20:54:13 +01:00
nikstur 46f1e84a9d lanzatool: init wrapping initrd 2022-11-23 20:48:49 +01:00
nikstur a65998945d lanzatool: implement relative esp paths 2022-11-23 18:15:32 +01:00
Julian Stecklina dcca50d14f Refactor embedded config extraction 2022-11-23 17:57:43 +01:00
Julian Stecklina fa331d8b98 Fix section extraction 2022-11-23 17:57:23 +01:00