- User Since
- Nov 7 2015, 11:25 PM (201 w, 3 d)
Wed, Sep 11
I noticed there was a recent release, so I updated
Sat, Sep 7
Aug 23 2018
OK, I reverted the rawdata change.
Aug 21 2018
Fixed signing of local cert, and added default DN generation
Added machine vs. local keys, fixed errors in the scripts, added checking for key expiry, fixed some other issues.
Aug 8 2018
Note: I want to let this sit for a while, and I'd prefer to commit this along with other components of the trust framework.
Aug 3 2018
Note, the man page for trust-config is moved to D16576
An alternative I'm considering: have a seldom-used master key named something like "machine", "master", "root", etc. which is the local trust root key. Have "local" be an intermediate keypair, signed by this master key. The master key acts only as a key-signing certificate; it cannot sign code or issue general signatures. The local key can issue more general signatures.
Aug 2 2018
Aug 1 2018
Background on this (and the other related change): I ran into both issues implementing signelf. They caused anomalous bugs, and I tracked them down and fixed them. So they're definitely issues, and the fixes definitely work.
Cut down to just the KMS API
Jul 18 2018
Some part of this ought to be committed, as it enables TPM support in EFI. It's worth discussing exactly which parts are necessary.
This is no longer necessary.
An alternate approach to GELI was merged.
Alternate approach to GELI was merged. This is no longer needed.
Jul 4 2018
I get compile errors trying to build the latest
Jun 16 2018
Some thoughts here:
Jun 8 2018
Rebased from HEAD
Jun 7 2018
Rebase from master and tried on real hardware
Apr 22 2018
Rebase to HEAD
Rebase to HEAD
Confirmed working on UFS, ZFS, and real hardware.
Mar 30 2018
Mar 29 2018
Rebase from HEAD
Rebase from HEAD
Rebase from HEAD
Accidental early rebase
Rebase to HEAD
Feb 2 2018
This review actually needs more work. Turns out there's more places where things need to be added.
Jan 11 2018
I'd like to get an author list for this work (and any related coming patches), as well as for the NetBSD system if possible for the bibliography.
Just as a note, I'm going to be editing a paper on a larger FreeBSD trust system for submission to BSDCan. I plan on incorporating this work into the overall design.
Jan 7 2018
This is now deployed on a laptop with a multi-device, all-GELI ZFS pool. It boots with loader.efi depolyed to the ESP (a no-boot1 configuration).
Fix error that prevented ZFS preferred pool detection
Fixed efi_zfs_is_preferred so ZFS preferred volumes are correctly detected again.
Jan 4 2018
The current state of things combines all the GELI precursors and the dual-purpose loader patch, then applies the GELI driver. This is placed here for testing.
Dec 31 2017
Updated to reflect move to /stand
Dec 29 2017
Update to reflect move to /stand
Dec 23 2017
(Sorry for the extreme delay on this one)
Dec 19 2017
Simplified search procedure.
Dec 16 2017
I'm taking the broader architecture discussion here to -arch
Dec 15 2017
The idea here is to implement what will eventually be a last-resort fallback mechanism (in the case of a blank install, or someone's EFI vars getting wiped, or something) as a means of starting the transition away from boot1. The legacy search behavior *should* be subsumed into the find_currdev_all path, but I'm unwilling to remove the legacy path completely at this point.
Nov 17 2017
Rebased to HEAD
Rebased to HEAD.
Oct 23 2017
OK, I know how to deal with the partition info from disks. I'm going to add a field to the pdinfo_list which contains the partition type, and I'll pluck it out of the devpaths when we register the partitions. The partition relationships can be obtained from the pdinfo list already.
Turns out this one is nowhere near complete. Need to add more stuff.
Oct 19 2017
Oct 17 2017
This one breaks up much easier, since it's mostly new code. Be aware, however, that the changes will introduce dead code until the GELI driver itself goes in.
Oct 16 2017
This one is finally on deck. I am currently running a build/test cycle after merging from HEAD following the commit of boot1_refactor. I don't anticipate breakage, but it's best to be sure. Allan should run his tests once I get through mine, since he found some issues I didn't.
Oct 13 2017
Is this applied against some branch? I'm getting complaints about sys/boot/ficl.mk not being there
That's how the EFI boot stuff originally functioned. At some point, boot1.efi got added, but in the very beginning, you just installed loader.efi to the ESP.
Oct 12 2017
Note: this needs to get a test before it's merged, because I did modify the code. But a basic smoke-test ought to do it.
Oct 11 2017
Addressed review comments
Oct 7 2017
Do you want me to fix these, or do you want me to just sit tight?
Oct 6 2017
Merged from current and updated. No conflicts, so I think the tests are still good.
Oct 2 2017
Confirmed this works in QEMU
Oct 1 2017
Also, just deployed to my laptop (multi-disk ZFS pool), and obviously it works.
Fixed issues with setting image_handle->DeviceHandle incorrectly. Correct behavior confirmed on all my QEMU tests.
Finally got time to do QEMU tests on this. Found some issues with setting the DeviceHandle on the loaded image. I fixed it for UFS detection. I also seem to have introduced a regression in ZFS preferred device detection, which I'm working to fix.
Sep 29 2017
Merged from HEAD, corrected a trivial merge conflict
Sep 19 2017
Also, someone please do a check for stray debug printfs. I am notoriously bad at spotting those.
Fixed issues with preferred device detection. This includes detailed analysis of the code via debug messages to make sure it's doing the right thing. Preferred devices should now be correctly detected.
Sep 12 2017
I'm unsure as to what needs to happen now. Do I need to do anything to my patches yet?
Sep 10 2017
If I'm not mistaken, this should work as a precursor to my GELI patch series. I will apply this, then attempt a build with boot1_refactor also applied. That should tell us whether it does the job.
Sep 9 2017
Overhauled preferred device detection
Aug 13 2017
Aug 4 2017
Rebased to HEAD after committing portions of it as independent patches.
Okay, I've broken this one up into a number of smaller ones. I will wait for the last of them to go in, then I'll rebase and we can go from there.
Aug 3 2017
I am not a committer. Feel free to put it in.
I will pull out some components of the patch and make some smaller ones.