authortpearson@raptorengineering.com <tpearson@raptorengineering.com>2016-08-18 04:45:47 -0500
committerSamuel Mendoza-Jonas <sam@mendozajonas.com>2016-08-26 13:23:01 +1000
commit86c9d34380b0074dab1ba89a569a94280d6999c4 (patch)
tree22cf0cccbd4022d150e231adcb360b3bcf528cda /ui
parent5496eee36f70631ae45403f90ed7b4dc143f27c0 (diff)
Add support for GPG signature enforcement on booted kernels and related blobs

This can be used to implement a form of organization-controlled secure boot, whereby kernels may be loaded from a variety of sources but they will only boot if a valid signature file is found for each component, and only if the signature is listed in the /etc/pb-lockdown file.

Signed-off-by: Timothy Pearson <tpearson@raptorengineering.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com> (Minor build fixes and gpgme.m4, comment on secure boot in gpg.c)
Diffstat (limited to 'ui')
-rw-r--r--ui/common/discover-client.c1
-rw-r--r--ui/common/discover-client.h1
-rw-r--r--ui/ncurses/nc-boot-editor.c66
-rw-r--r--ui/ncurses/nc-cui.c2
4 files changed, 66 insertions, 4 deletions
diff --git a/ui/common/discover-client.c b/ui/common/discover-client.c
index 6247dd0..5dbd99b 100644
--- a/ui/common/discover-client.c
+++ b/ui/common/discover-client.c
@@ -312,6 +312,7 @@ static void create_boot_command(struct boot_command *command,
command->initrd_file = data->initrd;
command->dtb_file = data->dtb;
command->boot_args = data->args;
+ command->args_sig_file = data->args_sig_file;
command->tty = ttyname(STDIN_FILENO);
}
diff --git a/ui/common/discover-client.h b/ui/common/discover-client.h
index 542a275..59d2df9 100644
--- a/ui/common/discover-client.h
+++ b/ui/common/discover-client.h
@@ -11,6 +11,7 @@ struct pb_boot_data {
char *initrd;
char *dtb;
char *args;
+ char *args_sig_file;
};
/**
diff --git a/ui/ncurses/nc-boot-editor.c b/ui/ncurses/nc-boot-editor.c
index 4012ec5..7fa1a42 100644
--- a/ui/ncurses/nc-boot-editor.c
+++ b/ui/ncurses/nc-boot-editor.c
@@ -63,6 +63,8 @@ struct boot_editor {
struct nc_widget_textbox *dtb_f;
struct nc_widget_label *args_l;
struct nc_widget_textbox *args_f;
+ struct nc_widget_label *args_sig_file_l;
+ struct nc_widget_textbox *args_sig_file_f;
struct nc_widget_button *ok_b;
struct nc_widget_button *help_b;
struct nc_widget_button *cancel_b;
@@ -73,6 +75,9 @@ struct boot_editor {
char *initrd;
char *dtb;
char *args;
+ char *args_sig_file;
+
+ bool use_signature_files;
};
extern const struct help_text boot_editor_help_text;
@@ -198,6 +203,15 @@ static struct pb_boot_data *boot_editor_prepare_data(
s = widget_textbox_get_value(boot_editor->widgets.args_f);
bd->args = *s ? talloc_strdup(bd, s) : NULL;
+ if (boot_editor->use_signature_files) {
+ s = widget_textbox_get_value(
+ boot_editor->widgets.args_sig_file_f);
+ bd->args_sig_file = conditional_prefix(bd, prefix, s);
+ }
+ else {
+ bd->args_sig_file = NULL;
+ }
+
return bd;
}
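Review bot: The added branch takes `args_sig_file` straight from an operator-editable textbox, and nothing here records where the signature is actually verified. This diff is limited to `ui`, so the check presumably lives in the discover server; a comment above the `if` would make that trust boundary explicit, for example `/* path only; signature verification is done by the discover server (confirm) */`. The value also goes through `conditional_prefix()`, whose handling of an empty string is not visible in this hunk, so it is worth confirming that under lockdown the server treats a missing signature path as a failure and not as nothing to check. boot_editor_prepare_data starts before this hunk.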
@@ -323,6 +337,12 @@ static void boot_editor_layout_widgets(struct boot_editor *boot_editor)
y += layout_pair(boot_editor, y, boot_editor->widgets.args_l,
boot_editor->widgets.args_f);
+ if (boot_editor->use_signature_files) {
+ y += layout_pair(boot_editor, y,
+ boot_editor->widgets.args_sig_file_l,
+ boot_editor->widgets.args_sig_file_f);
+ }
+
y++;
widget_move(widget_button_base(boot_editor->widgets.ok_b), y,
@@ -445,6 +465,11 @@ static void boot_editor_find_device(struct boot_editor *boot_editor,
if (bd->dtb && !path_on_device(bd_info, bd->dtb))
return;
+ if (boot_editor->use_signature_files)
+ if (bd->args_sig_file && !path_on_device(bd_info,
+ bd->args_sig_file))
+ return;
+
/* ok, we match; preselect the device option, and remove the common
* prefix */
boot_editor->selected_device = bd_info->name;
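Review bot: The nested unbraced `if` pair added above the comment is easy to misread and invites a dangling-else mistake on a later edit; the next hunk repeats it around `args_sig_file += len`. Folding each into a single condition would match the neighbouring `bd->dtb` check: `if (boot_editor->use_signature_files && bd->args_sig_file && !path_on_device(bd_info, bd->args_sig_file)) return;`. boot_editor_find_device starts before this hunk and continues past it.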
@@ -454,6 +479,9 @@ static void boot_editor_find_device(struct boot_editor *boot_editor,
boot_editor->initrd += len;
if (boot_editor->dtb)
boot_editor->dtb += len;
+ if (boot_editor->use_signature_files)
+ if (boot_editor->args_sig_file)
+ boot_editor->args_sig_file += len;
}
static void boot_editor_setup_widgets(struct boot_editor *boot_editor,
@@ -501,6 +529,17 @@ static void boot_editor_setup_widgets(struct boot_editor *boot_editor,
boot_editor->widgets.args_f = widget_new_textbox(set, 0, 0,
field_size, boot_editor->args);
+ if (boot_editor->use_signature_files) {
+ boot_editor->widgets.args_sig_file_l = widget_new_label(set,
+ 0, 0, _("Argument signature file:"));
+ boot_editor->widgets.args_sig_file_f = widget_new_textbox(set,
+ 0, 0, field_size, boot_editor->args_sig_file);
+ }
+ else {
+ boot_editor->widgets.args_sig_file_l = NULL;
+ boot_editor->widgets.args_sig_file_f = NULL;
+ }
+
boot_editor->widgets.ok_b = widget_new_button(set, 0, 0, 10,
_("OK"), ok_click, boot_editor);
boot_editor->widgets.help_b = widget_new_button(set, 0, 0, 10,
@@ -547,12 +586,22 @@ struct boot_editor *boot_editor_init(struct cui *cui,
struct pb_boot_data *bd))
{
struct boot_editor *boot_editor;
+ int ncols1, ncols2, ncols3;
boot_editor = talloc_zero(cui, struct boot_editor);
if (!boot_editor)
return NULL;
+#if defined(HAVE_LIBGPGME)
+ if (access(LOCKDOWN_FILE, F_OK) == -1)
+ boot_editor->use_signature_files = false;
+ else
+ boot_editor->use_signature_files = true;
+#else
+ boot_editor->use_signature_files = false;
+#endif
+
talloc_set_destructor(boot_editor, boot_editor_destructor);
boot_editor->cui = cui;
boot_editor->item = item;
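Review bot: The added `access(LOCKDOWN_FILE, F_OK) == -1` test treats every failure as "no lockdown", so an error other than ENOENT (EACCES on a path component, an I/O error) silently turns signature handling off in the editor. In the visible hunks the flag only decides whether the signature field is shown and sent, so the result is a hidden field and a NULL `args_sig_file` rather than a bypass, provided the discover server makes its own lockdown decision; that is worth stating in a comment. A form that fails towards lockdown would be `boot_editor->use_signature_files = access(LOCKDOWN_FILE, F_OK) == 0 || errno != ENOENT;`, which needs `<errno.h>` if the file does not already include it. The `#else` assignment is redundant after `talloc_zero()`. boot_editor_init starts and ends outside the hunk.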
@@ -561,11 +610,15 @@ struct boot_editor *boot_editor_init(struct cui *cui,
boot_editor->need_redraw = false;
boot_editor->need_update = false;
- int ncols1 = strncols(_("Device tree:"));
- int ncols2 = strncols(_("Boot arguments:"));
+ ncols1 = strncols(_("Device tree:"));
+ ncols2 = strncols(_("Boot arguments:"));
+ if (boot_editor->use_signature_files)
+ ncols3 = strncols(_("Argument signature file:"));
+ else
+ ncols3 = 0;
boot_editor->label_x = 1;
- boot_editor->field_x = 2 + max(ncols1, ncols2);
+ boot_editor->field_x = 2 + max(max(ncols1, ncols2), ncols3);
nc_scr_init(&boot_editor->scr, pb_boot_editor_sig, 0,
cui, boot_editor_process_key,
@@ -584,10 +637,15 @@ struct boot_editor *boot_editor_init(struct cui *cui,
boot_editor->initrd = bd->initrd;
boot_editor->dtb = bd->dtb;
boot_editor->args = bd->args;
+ if (boot_editor->use_signature_files)
+ boot_editor->args_sig_file = bd->args_sig_file;
+ else
+ boot_editor->args_sig_file = talloc_strdup(bd, "");
boot_editor_find_device(boot_editor, bd, sysinfo);
} else {
boot_editor->image = boot_editor->initrd =
- boot_editor->dtb = boot_editor->args = "";
+ boot_editor->dtb = boot_editor->args =
+ boot_editor->args_sig_file = "";
}
boot_editor->pad = newpad(
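Review bot: The added `else` arm calls `talloc_strdup(bd, "")` without checking the result and hangs a new allocation on the caller's `bd` on every call, while the no-`bd` branch just below uses the literal `""` for the same field. `boot_editor->args_sig_file = "";` would match that branch, assuming nothing frees or writes through the pointer (the `+= len` in boot_editor_find_device is guarded by `use_signature_files`). In the lockdown arm `bd->args_sig_file` may presumably be NULL for an option without a signature file, and it is then handed to `widget_new_textbox()`; whether that call accepts NULL is not visible here. boot_editor_init starts and ends outside the hunk.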
diff --git a/ui/ncurses/nc-cui.c b/ui/ncurses/nc-cui.c
index 0c355cc..09b63b0 100644
--- a/ui/ncurses/nc-cui.c
+++ b/ui/ncurses/nc-cui.c
@@ -543,6 +543,7 @@ static int cui_boot_option_add(struct device *dev, struct boot_option *opt,
cod->bd->initrd = talloc_strdup(cod->bd, opt->initrd_file);
cod->bd->dtb = talloc_strdup(cod->bd, opt->dtb_file);
cod->bd->args = talloc_strdup(cod->bd, opt->boot_args);
+ cod->bd->args_sig_file = talloc_strdup(cod->bd, opt->args_sig_file);
/* This disconnects items array from menu. */
result = set_menu_items(cui->main->ncm, NULL);
@@ -566,6 +567,7 @@ static int cui_boot_option_add(struct device *dev, struct boot_option *opt,
pb_log(" image '%s'\n", cod->bd->image);
pb_log(" initrd '%s'\n", cod->bd->initrd);
pb_log(" args '%s'\n", cod->bd->args);
+ pb_log(" argsig '%s'\n", cod->bd->args_sig_file);
/* Re-attach the items array. */
result = set_menu_items(cui->main->ncm, cui->main->items);
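Review bot: The new `pb_log(" argsig '%s'\n", ...)` line receives NULL whenever `opt->args_sig_file` is NULL, which is presumably the normal case for options without a signature file, because the `talloc_strdup()` added in the previous hunk returns NULL for a NULL source. Passing NULL to `%s` is undefined behaviour, even though glibc prints `(null)`. The neighbouring `initrd` and `args` lines have the same shape, so this may be accepted practice in the file. A guarded argument, `cod->bd->args_sig_file ? cod->bd->args_sig_file : ""`, keeps the log entry well defined, which matters if this line is used to audit which signature file was offered. cui_boot_option_add continues outside the hunk.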