Blackbird™ petitboot sources https://git.raptorcs.com/git/talos-petitboot/atom?h=master 2020-01-25T03:54:27+00:00 2020-01-25T03:54:27+00:00 Maxiwell S. Garcia maxiwell@linux.ibm.com 2019-09-23T22:30:23+00:00 urn:sha1:3513c7f934d97b1db34c5e4e1ce9c995844764bd Petitboot might run some checks to validate the kernel images before call the kexec load. This patch adds both 'preboot check' option in the config UI screen and a NVRAM variable 'petitboot,preboot-check' to make the user choice persistent. The 'preboot check' is enabled by default. The 'petitboot,preboot-check' is created on NVRAM only when 'preboot check' is disabled by the user. NVRAM property changed to preboot-check, small label changes and help text added by Jeremy Kerr <jk@ozlabs.org>. Signed-off-by: Maxiwell S. Garcia <maxiwell@linux.ibm.com> Signed-off-by: Jeremy Kerr <jk@ozlabs.org> 2020-01-23T01:02:43+00:00 Jeremy Kerr jk@ozlabs.org 2019-11-20T05:09:41+00:00 urn:sha1:aa2d71a84ed6ba693b7dcde213c82c46f334f640 Add state of secure & trusted boot to struct system_info: - fw_measurement: whether the firmware has been measured - fw_enforcing: whether the firmware has been authenticated - os_enforcing: whether the boot payload will be authenticated Signed-off-by: Jeremy Kerr <jk@ozlabs.org> 2020-01-23T01:02:43+00:00 Jeremy Kerr jk@ozlabs.org 2019-11-20T04:32:02+00:00 urn:sha1:b2e5a7b63eb46e3ff268c8f781d8f590d09c6a02 We currently serialise the BMC MAC at the end of a system info message, so update struct system_info to suit. Signed-off-by: Jeremy Kerr <jk@ozlabs.org> 2020-01-23T01:02:43+00:00 Jeremy Kerr jk@ozlabs.org 2019-11-20T04:20:43+00:00 urn:sha1:6ee9cbcb1bd6ef9fbf1a56322e3fe2fa2646159c ... to match the definition of struct system_info. Signed-off-by: Jeremy Kerr <jk@ozlabs.org> 2019-05-30T05:23:15+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2019-03-25T06:02:01+00:00 urn:sha1:9e869ebe3a5127575105d82c4d289d95cbed2db9 Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2019-03-05T20:54:10+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2019-02-14T23:39:30+00:00 urn:sha1:5f8fa2c151b8f0e568dc4015b7d307250b354a04 Extend the auth_message struct to support the AUTH_MSG_DECRYPT operation, allowing the existing authentications methods to be used for passing a disk password from the UI to pb-discover. In addition add DEVICE_TYPE_LUKS to identify encrypted disk devices. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2019-03-05T20:54:10+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2019-02-14T23:39:05+00:00 urn:sha1:ba8144f917f5603e507e9c72aed4ae3257c6b0ce If pipe_stdin exists, create a second pipe to write to the child process's STDIN. This allows Petitboot to pipe information to a process, for example piping a LUKS password to cryptsetup. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2019-03-05T20:54:10+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2019-02-14T23:38:19+00:00 urn:sha1:df1a234c15fbe215b0dd0d75c760f47c2dab411f Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2019-02-01T00:07:50+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2019-01-17T02:32:24+00:00 urn:sha1:28d0d7035ee3099935ef264db40a86142c098ec5 And include a pxe-parser test which uses a port in the path prefix to exercise this. This could cause PXE discovery failures if parameters such as pathprefix included a port in the URL. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> 2018-12-13T00:26:17+00:00 Samuel Mendoza-Jonas sam@mendozajonas.com 2018-12-13T00:24:09+00:00 urn:sha1:95ec722a057b3ebb44699af16ea68ca0dffef50e If there is an IPMI boot mailbox configuration present display a message in the System Configuration screen and provide the option to clear the mailbox. Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>