Commit Graph

74 Commits

Author SHA1 Message Date
Ryan Lahfa eda254b6cd nixpkgs: integrate the whole thing (#7)
* nixos: add a lanzaboote module

* nixos: add a lanzaboote module

- Wire up things with Bootspec & External bootloaders
- Introduce SecureBoot keys

* nixos: actually enable sb

* nixos: disable it and adapt it

* lanzatool: fix init

* nixos: secureboot reached

* nixos: enrollment is optional

Co-authored-by: nikstur@outlook.com
2022-11-25 17:59:15 +01:00
Ryan Lahfa a089c6fb3d Merge pull request #8 from blitz/lanzatool-fix-cmdline
lanzaboot: include init in cmdline
2022-11-24 15:55:21 +00:00
nikstur 858c0befb3 lanzaboot: include init in cmdline 2022-11-24 16:51:43 +01:00
nikstur aa86ae9e30 lanzatool: add cmdline args for keys 2022-11-24 14:12:00 +01:00
nikstur 587e388364 lanzatool: improve error handling 2022-11-24 13:33:01 +01:00
Julian Stecklina 1dfa7c7fc8 Fix flake name 2022-11-24 12:29:16 +01:00
Julian Stecklina 417122e840 Merge remote-tracking branch 'origin/lanzatool-bootspec-funz' 2022-11-24 12:28:03 +01:00
nikstur d40b9f281c lanzatool: remove v1 key 2022-11-24 12:26:32 +01:00
Julian Stecklina df716e17d6 Add documentation to initrd loader 2022-11-24 12:18:23 +01:00
Julian Stecklina 30b61baf38 Add documentation to initrd loader 2022-11-24 12:11:17 +01:00
Julian Stecklina 521bf343f5 Use makeWrapper to wrap lanzatool 2022-11-24 12:05:46 +01:00
Julian Stecklina 7245142c55 Merge remote-tracking branch 'origin/lanzatool-wrapper' 2022-11-24 11:46:37 +01:00
nikstur b555c18e83 lanzatool: add wrapper 2022-11-24 11:45:09 +01:00
Julian Stecklina 15b966627a docs: add more overview information 2022-11-24 11:41:35 +01:00
Julian Stecklina babb064636 Fix license badge (harder) 2022-11-24 11:21:17 +01:00
Julian Stecklina 100504e370 Fix license badge 2022-11-24 11:20:50 +01:00
Julian Stecklina 051f116b71 doc: added small README 2022-11-24 11:19:30 +01:00
nikstur 3e7f5fa625 lanzatool: implement copying sdboot to esp 2022-11-24 11:10:19 +01:00
nikstur 73b1f7e2b5 lanzatool: readd efi relative file paths 2022-11-23 20:54:13 +01:00
nikstur 46f1e84a9d lanzatool: init wrapping initrd 2022-11-23 20:48:49 +01:00
nikstur a65998945d lanzatool: implement relative esp paths 2022-11-23 18:15:32 +01:00
Julian Stecklina dcca50d14f Refactor embedded config extraction 2022-11-23 17:57:43 +01:00
Julian Stecklina fa331d8b98 Fix section extraction 2022-11-23 17:57:23 +01:00
nikstur 24803a04a2 lanzatool: copy image to esp output dir 2022-11-23 17:26:56 +01:00
nikstur 5dbb8e7452 lanzatool: detrashify 2022-11-23 17:16:08 +01:00
Julian Stecklina de451fa5af Merge remote-tracking branch 'origin/lanzatool-install' 2022-11-23 15:49:38 +01:00
nikstur c4734d11fc lanzatool.crypto: remove 2022-11-23 15:49:02 +01:00
Julian Stecklina 4dab5f7b8f Extract Linux kernel and initrd filenames from PE binary 2022-11-23 15:46:25 +01:00
Julian Stecklina 788a112050 Merge pull request #6 from blitz/lanzatool-install
lanzatool.install: init
2022-11-23 15:46:12 +01:00
nikstur 27044f6bdf lanzatool.crypto: remove 2022-11-23 15:44:19 +01:00
Julian Stecklina 10e516c148 Merge pull request #5 from blitz/magic-mk-shell
flake.nix: automagically use deps in shell with inputsFrom
2022-11-23 15:41:04 +01:00
nikstur 4356d342a2 lanzatool.install: init 2022-11-23 15:26:26 +01:00
Julian Stecklina 1ca83c25d5 Remove some unwraps 2022-11-23 14:11:54 +01:00
Julian Stecklina 8559bf664e Add a disclaimer about the current security status 2022-11-23 14:11:24 +01:00
Julian Stecklina fe3d4015ba Perform load_image on initrd to hopefully verify signatures 2022-11-23 14:03:53 +01:00
Julian Stecklina 568fe1d499 Unwrap initrd from PE image for Linux 2022-11-23 13:51:07 +01:00
Julian Stecklina 60b269b69c Add a script to wrap an initrd into an EFI application 2022-11-23 13:11:22 +01:00
Julian Stecklina dea1ab9798 Fix initrd-stub build 2022-11-23 13:05:19 +01:00
Julian Stecklina 9567fa7f0e Build tiny empty PE image as initrd carrier 2022-11-23 13:00:55 +01:00
Julian Stecklina e6953037e7 Fix clippy warnings 2022-11-23 12:13:45 +01:00
Julian Stecklina 5a6c05cf11 Pass on command line from UKI to Linux kernel 2022-11-23 12:11:20 +01:00
Julian Stecklina 8f2f11aa1b Move loaded_image implementation to helpers module 2022-11-23 11:29:40 +01:00
Julian Stecklina 8f58633d84 Remove unsafe LoadedImage protocol invocation 2022-11-23 11:20:51 +01:00
Julian Stecklina 5b414bd20b Remove stable Rust toolchain for now 2022-11-23 00:58:52 +01:00
Julian Stecklina 5e7bdfd5b5 Pass initrd to Linux 2022-11-23 00:53:00 +01:00
Julian Stecklina ee861e2fc0 Install initrd loading protocol 2022-11-23 00:53:00 +01:00
nikstur 4a90c19892 flake.nix: automagically use deps in shell with inputsFrom 2022-11-23 00:26:00 +01:00
Julian Stecklina cfff037390 Merge pull request #4 from blitz/fix-gitignore
.gitignore.nix: block result* in subdirectories too
2022-11-23 00:22:39 +01:00
nikstur 76019b2f9c .gitignore.nix: block result* in subdirectories too 2022-11-23 00:20:27 +01:00
Julian Stecklina 23d8929546 Create uefi helpers module 2022-11-22 16:24:09 +01:00