lanzaboote/rust/tool/systemd
Alois Wohlschlager ca070a9eec
tool: make stubs input-addressed
The stubs on the ESP are now input-addressed, where the inputs are the
system toplevel and the public key used for signature. This way, it is
guaranteed that any stub at a given path will boot the desired system,
even in the presence of one of the two edge-cases where it was not
previously guaranteed:
* The latest generation was deleted at one point, and its generation
  number was reused by a different system configuration. This is
  detected because the toplevel will change.
* The secure boot signing key was rotated, so old stubs would not boot
  at all any more. This is detected because the public key will change.

Avoiding these two cases will allow to skip reinstallation of stubs that
are already in place at the correct path.
2023-10-03 22:08:10 +02:00
..
src tool: make stubs input-addressed 2023-10-03 22:08:10 +02:00
tests tool: make stubs input-addressed 2023-10-03 22:08:10 +02:00
Cargo.toml tool: make stubs input-addressed 2023-10-03 22:08:10 +02:00