talos-petitboot/lib/file, branch master Blackbird™ petitboot sources https://git.raptorcs.com/git/talos-petitboot/atom?h=master 2018-08-07T01:30:36+00:00 lib/log: Switch to pb_log_fn 2018-08-07T01:30:36+00:00 Geoff Levand geoff@infradead.org 2018-08-02T17:29:34+00:00 urn:sha1:c78f9ec47ba92b74698dacdae963dbbefd9b676f The only functional change should be an additional '/n' to a few log messagees that seemed to be missing it. Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> lib/file: remove mkstemp umask in copy_file_secure_dest 2018-05-04T00:26:59+00:00 Brett Grandbois brett.grandbois@opengear.com 2018-05-03T06:02:04+00:00 urn:sha1:17d9d54a46beab44db751b9bcf7f289b9bf101cf mkstemp will generate the temp file with permissions 0600 so the umask(0644) is causing the file to have permissions of 0000, making signature files unreadable Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> lib/file: Avoid off-by-one error in array 2018-03-23T00:39:35+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2018-03-19T23:03:19+00:00 urn:sha1:abf92c05c31955333719f1a83cffb0d0d194c770 Fixes Coverity defect CIDs 143606, 143610 Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> lib/file: Fix errors found by Coverity scan 2016-10-11T03:39:38+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2016-09-07T05:36:40+00:00 urn:sha1:de2f990a98718d15bff074b9ae65f2eb92a2f938 Fix several errors in copy_file_secure_dest() found by Coverity and some minor formatting issues: 143603: Correctly handle mkstemp() return value 143605: Avoid accessing dest_filename[-1] on readlink() error 143606, 143610: Avoid accessing dest_filename[sizeof(dest_filename)] 143607: Fix incorrectly passing sizeof(pointer) to fread() 143608, 143611: Cleanup resources on early exit 143609: Explicitly set umask before calling mkstemp() Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> Add support for GPG signature enforcement on booted 2016-08-26T03:23:01+00:00 tpearson@raptorengineering.com tpearson@raptorengineering.com 2016-08-18T09:45:47+00:00 urn:sha1:86c9d34380b0074dab1ba89a569a94280d6999c4 kernels and related blobs This can be used to implement a form of organization-controlled secure boot, whereby kernels may be loaded from a variety of sources but they will only boot if a valid signature file is found for each component, and only if the signature is listed in the /etc/pb-lockdown file. Signed-off-by: Timothy Pearson <tpearson@raptorengineering.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> (Minor build fixes and gpgme.m4, comment on secure boot in gpg.c) lib: Move generic file-handling code to lib/ 2014-08-05T02:49:30+00:00 Jeremy Kerr jk@ozlabs.org 2014-07-23T05:47:32+00:00 urn:sha1:052961eb2e8279f103c091e850c317da335c0207 Signed-off-by: Jeremy Kerr <jk@ozlabs.org>