author | tpearson@raptorengineering.com <tpearson@raptorengineering.com> | 2016-08-18 04:45:47 -0500 |
---|---|---|
committer | Samuel Mendoza-Jonas <sam@mendozajonas.com> | 2016-08-26 13:23:01 +1000 |
commit | 86c9d34380b0074dab1ba89a569a94280d6999c4 (patch) | |
tree | 22cf0cccbd4022d150e231adcb360b3bcf528cda /lib/pb-protocol | |
parent | 5496eee36f70631ae45403f90ed7b4dc143f27c0 (diff) | |
Add support for GPG signature enforcement on booted
kernels and related blobs
This can be used to implement a form of organization-controlled secure boot,
whereby kernels may be loaded from a variety of sources but they will only
boot if a valid signature file is found for each component, and only if the
signature is listed in the /etc/pb-lockdown file.
Signed-off-by: Timothy Pearson <tpearson@raptorengineering.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
(Minor build fixes and gpgme.m4, comment on secure boot in gpg.c)
Diffstat (limited to 'lib/pb-protocol')
-rw-r--r-- | lib/pb-protocol/pb-protocol.c | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/pb-protocol/pb-protocol.c b/lib/pb-protocol/pb-protocol.c
index 7887fb0..1560ef7 100644
--- a/lib/pb-protocol/pb-protocol.c
+++ b/lib/pb-protocol/pb-protocol.c
@@ -37,6 +37,7 @@
 * 4-byte len, initrd_file
 * 4-byte len, dtb_file
 * 4-byte len, boot_args
+ * 4-byte len, args_sig_file
 *
 * action = 0x2: device remove message
 * payload:
@@ -49,6 +50,7 @@
 * 4-byte len, initrd_file
 * 4-byte len, dtb_file
 * 4-byte len, boot_args
+ * 4-byte len, args_sig_file
 *
 */
@@ -72,6 +74,7 @@ void pb_protocol_dump_device(const struct device *dev, const char *text,
 fprintf(stream, "%s\t\tinit: %s\n", text, opt->initrd_file);
 fprintf(stream, "%s\t\tdtb: %s\n", text, opt->dtb_file);
 fprintf(stream, "%s\t\targs: %s\n", text, opt->boot_args);
+ fprintf(stream, "%s\t\tasig: %s\n", text, opt->args_sig_file);
 }
 }
@@ -197,6 +200,7 @@ int pb_protocol_boot_option_len(const struct boot_option *opt)
 4 + optional_strlen(opt->initrd_file) +
 4 + optional_strlen(opt->dtb_file) +
 4 + optional_strlen(opt->boot_args) +
+ 4 + optional_strlen(opt->args_sig_file) +
 sizeof(opt->is_default);
 }
@@ -207,6 +211,7 @@ int pb_protocol_boot_len(const struct boot_command *boot)
 4 + optional_strlen(boot->initrd_file) +
 4 + optional_strlen(boot->dtb_file) +
 4 + optional_strlen(boot->boot_args) +
+ 4 + optional_strlen(boot->args_sig_file) +
 4 + optional_strlen(boot->tty);
 }
@@ -360,6 +365,7 @@ int pb_protocol_serialise_boot_option(const struct boot_option *opt,
 pos += pb_protocol_serialise_string(pos, opt->initrd_file);
 pos += pb_protocol_serialise_string(pos, opt->dtb_file);
 pos += pb_protocol_serialise_string(pos, opt->boot_args);
+ pos += pb_protocol_serialise_string(pos, opt->args_sig_file);
 *(bool *)pos = opt->is_default;
 pos += sizeof(bool);
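Review bot: In the `pb_protocol_dump_device` hunk the new `asig` line passes `opt->args_sig_file` straight to `%s`, while the length functions in this same patch size the field with `optional_strlen()`, which suggests the pointer may be NULL for any option that has no signature file. Passing NULL to `%s` is undefined behaviour in C even where the libc happens to print `(null)`; the neighbouring init/dtb/args lines share the pattern, but options without a signature are likely the common case for the new field. I would print `opt->args_sig_file ? opt->args_sig_file : "(none)"` here. The function body starts and ends outside the hunk.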
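Review bot: `args_sig_file` is inserted in the middle of both wire messages (before `is_default` in the `pb_protocol_serialise_boot_option` hunk, and before `tty` in the boot-command serialise and deserialise hunks further down), and nothing in these hunks marks the layout change with a version or feature field. A peer built without this commit would read the signature path as the next field, or run short of data, instead of detecting the mismatch; for a field that feeds a lockdown decision that case should fail closed. If no protocol version exists elsewhere, appending the new string after the existing fields would be safer, or at least state the assumption in the header comment, e.g. `* NOTE: field order is part of the wire format; client and server must be built from the same revision`. Both serialiser bodies continue outside their hunks.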
@@ -380,6 +386,7 @@ int pb_protocol_serialise_boot_command(const struct boot_command *boot,
 pos += pb_protocol_serialise_string(pos, boot->initrd_file);
 pos += pb_protocol_serialise_string(pos, boot->dtb_file);
 pos += pb_protocol_serialise_string(pos, boot->boot_args);
+ pos += pb_protocol_serialise_string(pos, boot->args_sig_file);
 pos += pb_protocol_serialise_string(pos, boot->tty);
 assert(pos <= buf + buf_len);
@@ -750,6 +757,9 @@ int pb_protocol_deserialise_boot_option(struct boot_option *opt,
 if (read_string(opt, &pos, &len, &opt->boot_args))
 goto out;
+ if (read_string(opt, &pos, &len, &opt->args_sig_file))
+ goto out;
+
 if (len < sizeof(bool))
 goto out;
 opt->is_default = *(bool *)(pos);
@@ -785,6 +795,9 @@ int pb_protocol_deserialise_boot_command(struct boot_command *cmd,
 if (read_string(cmd, &pos, &len, &cmd->boot_args))
 goto out;
+ if (read_string(cmd, &pos, &len, &cmd->args_sig_file))
+ goto out;
+
 if (read_string(cmd, &pos, &len, &cmd->tty))
 goto out; |
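Review bot: In the `pb_protocol_deserialise_boot_command` hunk the new `cmd->args_sig_file` is read from the peer exactly like `tty`, so the path naming the signature for the boot arguments is data supplied by whoever sends the boot command. That is sound only if the consumer uses it purely as a location to fetch from, lets the GPG check against the local keyring decide, and treats an empty or missing value as "unsigned" rather than "nothing to verify"; none of that is visible from this file. I would add a comment above the read, e.g. `/* peer-supplied path; absence must fail verification when lockdown is active */`, so the contract is stated where the value enters. The function body starts and ends outside the hunk.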