Ecosyste.ms: OpenCollective

An open API service for software projects hosted on Open Collective.

Insurgo Initiative

Non-profit initiative to promote open source development with a focus towards security and privacy.
Collective - Host: opensource - https://opencollective.com/insurgo - Website: https://fosdem.org/2020/schedule/event/firmware_hodorateatria/ - Code: https://github.com/tlaurion

Merge branch 'usb-boot' of https://github.com/flammit/heads into flammit-usb-boot

github.com/tlaurion/heads-ci-fedora30 - ba98d5dda66c7d1de4668089bbc131729ddb949e authored over 7 years ago by Trammell Hudson <[email protected]>
Fixed edge case in kernel argument injection

Debian 9 installer doesn't have kernel arguments so the iommu fix
wasn't being applied properly.

github.com/tlaurion/heads-ci-fedora30 - 11aca354e9b4c7e50c95f7b7209eeddbfb535e02 authored over 7 years ago by Francis Lam <[email protected]>
Fixed regression on kexec-save-key

github.com/tlaurion/heads-ci-fedora30 - 2a9ca6fdba3e5fd41153c59caf1b652d369623d8 authored over 7 years ago by Francis Lam <[email protected]>
Added TPM secret management to generic boot

Also cleaned up error handling and boot parsing edge cases

github.com/tlaurion/heads-ci-fedora30 - 22a52ec4b82411198c1032caa6a722395b557d62 authored over 7 years ago by Francis Lam <[email protected]>
Added rollback protection to generic boot

Changed the checking of required hashes or required rollback state
to be right before boot, allo...

github.com/tlaurion/heads-ci-fedora30 - d67360a24b215a65974253da6e8f18acd46a42bf authored over 7 years ago by Francis Lam <[email protected]>
Added the ability to persist a default boot option

Similar to qubes-update, it will save then verify the hashes of
the kexec files. Once TOTP is ve...

github.com/tlaurion/heads-ci-fedora30 - 8004b5df2a4dd626a01f6c8b7b67abe222ebb134 authored over 7 years ago by Francis Lam <[email protected]>
Minor tweaks to signing params and boot options

Also split out usb-scan to allow manual initiation of scan from
the recovery shell

github.com/tlaurion/heads-ci-fedora30 - ce4b91cad98f11f696bd320a4d6990cf831f1e3a authored over 7 years ago by Francis Lam <[email protected]>
Added a generic boot config and persistent params

Refactored boot parsing code and applied that in local-init to
scan /boot for grub options and a...

github.com/tlaurion/heads-ci-fedora30 - 3614044fffbf702c49e79e48e12dcd9988a8cbc3 authored over 7 years ago by Francis Lam <[email protected]>
Tweaks to allow qubes install w/o custom script

usb-boot automatically uses internal xen binary / command line
when multiboot is detected.

also...

github.com/tlaurion/heads-ci-fedora30 - 76a20288a33085d041f8396068528e413506e61a authored over 7 years ago by Francis Lam <[email protected]>
fix Xen reproducibility by not using figlet #207

github.com/tlaurion/heads-ci-fedora30 - 7e5c9bf5f846bf6e8c5d885670ba011706949342 authored over 7 years ago by Trammell Hudson <[email protected]>
Reverted submodule name back to xen

github.com/tlaurion/heads-ci-fedora30 - 7f6f365afe74115172b1d473a8db12aa6a47c624 authored over 7 years ago by Francis Lam <[email protected]>
Fixes the patched qubes-vmm-xen Makefile

Prevents subsequent builds from trying to unpack/repatch

github.com/tlaurion/heads-ci-fedora30 - e1e654696b0f360df054cf9fa65391825c758d8f authored over 7 years ago by Francis Lam <[email protected]>
Changed xen submodule to track Qubes Xen

Closes #159

github.com/tlaurion/heads-ci-fedora30 - c2ec62bfcd41f4b8409cf59d85c2cd83f43b1d1b authored over 7 years ago by Francis Lam <[email protected]>
do not enable libkmod (issue #164)

github.com/tlaurion/heads-ci-fedora30 - 265424b101fc5f7fd1a614cc0c8dbad18b3eb913 authored over 7 years ago by Trammell Hudson <[email protected]>
use SHA256 digest on signatures to avoid SHA1 collision attacks (issue #120)

github.com/tlaurion/heads-ci-fedora30 - a5d4c6553317d9e5a25c47e9417f2ba5baabab41 authored over 7 years ago by Trammell Hudson <[email protected]>
typo in comment

github.com/tlaurion/heads-ci-fedora30 - 2b2c00e594431accc1656f10e6d5af926023a438 authored over 7 years ago by Trammell Hudson <[email protected]>
Added blob directory for non-free blobs Also basic documentation for the binaries needed for the X220 and how the get to them

github.com/tlaurion/heads-ci-fedora30 - 8b3ed5fd7a1a7b77ed2c404f7b1d23b1f0966232 authored over 7 years ago by Johan Grip <[email protected]>
Also enable the correct flash chip for x220

github.com/tlaurion/heads-ci-fedora30 - dea6cb60d3d9e311fa8646b4807183c0590d6f14 authored over 7 years ago by Johan Grip <[email protected]>
Re-enabled x220 components in flashrom.

github.com/tlaurion/heads-ci-fedora30 - ceb81944a1be0da9fec5688026f6ae21abef37dc authored over 7 years ago by Johan Grip <[email protected]>
Inital test of a lenovo x220 port. Uses hardcoded paths for the blobs required. Uses a stripped ME blob.

github.com/tlaurion/heads-ci-fedora30 - 186b641385209ec5c5e26ef1241f291f63635b45 authored over 7 years ago by Johan Grip <[email protected]>
make the ME a module (issue #194)

github.com/tlaurion/heads-ci-fedora30 - 2cad84a76861652352091ec43e14230e2b1746d6 authored over 7 years ago by Trammell Hudson <[email protected]>
minor tweaks to config parsing

github.com/tlaurion/heads-ci-fedora30 - 1f8eaa696e792694f8fb866b6b3a0cb86a46a9e4 authored over 7 years ago by Francis Lam <[email protected]>
adds a USB boot option with basic parsing to kexec

Supports booting from USB media using either the root device or
a signed ISO as the boot device....

github.com/tlaurion/heads-ci-fedora30 - efd662c63a18192b1c82597b17822c61dc28c00d authored over 7 years ago by Francis Lam <[email protected]>
pass -ic option to tpm extend (issue #198)

github.com/tlaurion/heads-ci-fedora30 - 7f600072ade503c6e57cd40b4316264f1a3a0ed2 authored over 7 years ago by Trammell Hudson <[email protected]>
cherry pick Linux config from zfs branch with multi-user set

github.com/tlaurion/heads-ci-fedora30 - 448d0731a9756d7a9a1a09cdec866354b6cbb62e authored over 7 years ago by Trammell Hudson <[email protected]>
Use kernel headers from our Linux kernel tree (issue #188)

github.com/tlaurion/heads-ci-fedora30 - 964b967c9e07c7108d785b168304ef6e3b1e5715 authored over 7 years ago by Trammell Hudson <[email protected]>
load usb-storage module in x230-flash.init

github.com/tlaurion/heads-ci-fedora30 - ad732939c339506b4b15a6aa9516f2a5fc8ce6c1 authored over 7 years ago by Francis Lam <[email protected]>
cbmem was not being built

github.com/tlaurion/heads-ci-fedora30 - a71f84c08f57a8a134cf6413a34d13ff2115a3d1 authored over 7 years ago by Trammell Hudson <[email protected]>
hardware token key

github.com/tlaurion/heads-ci-fedora30 - 8f4455bc5724215287f56339cb0679e561d94b60 authored over 7 years ago by Trammell Hudson <[email protected]>
fix patch for -p1

github.com/tlaurion/heads-ci-fedora30 - 4310b596866d21e8ea75f294cb98ab3293f42d1a authored over 7 years ago by Trammell Hudson <[email protected]>
use 0.3.0 release of tpmtotp

github.com/tlaurion/heads-ci-fedora30 - bf95aa1839f28b3a9de3fe48213257e965dab04c authored over 7 years ago by Trammell Hudson <[email protected]>
print and update the timestamp on the TOTP while waiting for disk unlock code

github.com/tlaurion/heads-ci-fedora30 - 9d4b7a5b73935bb4380e32c0fc2e3ace394115cf authored over 7 years ago by Trammell Hudson <[email protected]>
supress mlock error

github.com/tlaurion/heads-ci-fedora30 - 87b6f1e4896c057cfbc88d7901479b567e532e11 authored over 7 years ago by Trammell Hudson <[email protected]>
totp program outputs the date

github.com/tlaurion/heads-ci-fedora30 - 3fc174b0f78a73eb0bdc6279ff512a879b880d13 authored over 7 years ago by Trammell Hudson <[email protected]>
signing of files is now possible on the laptop

github.com/tlaurion/heads-ci-fedora30 - 782d4cdc7bfd1d905d3769463a7e8308a15f04b9 authored over 7 years ago by Trammell Hudson <[email protected]>
Rework /init and qubes setup scripts (issue #27, #155, #32, #29, #110)

This adds support for seamless booting of Qubes with a TPM disk key,
as well as signing of qubes...

github.com/tlaurion/heads-ci-fedora30 - 353a0efe6f18f540a0fa51d58dc889cfab4f8398 authored over 7 years ago by Trammell Hudson <[email protected]>
use the external functions (issue #161)

github.com/tlaurion/heads-ci-fedora30 - 8464227aa109c727d5fc0524ed5f2708521e385e authored over 7 years ago by Trammell Hudson <[email protected]>
helper to install qubes from the recovery shell (issue #27)

github.com/tlaurion/heads-ci-fedora30 - 8d2d6ad6c38e7081faeaf764bf16ccdf3f4a847e authored over 7 years ago by Trammell Hudson <[email protected]>
try creating NVRAM entry before prompting for owner password (issue #151)

github.com/tlaurion/heads-ci-fedora30 - 6a734208b07cf671dc99be63d17e70fa42b7380b authored over 7 years ago by Trammell Hudson <[email protected]>
put board configuration file into /etc/config

github.com/tlaurion/heads-ci-fedora30 - fa8c3abe98d7edf00c831ab39d2de9417ebcd9df authored over 7 years ago by Trammell Hudson <[email protected]>
use xen.gz since we have zlib support in kexec again (issue #170)

github.com/tlaurion/heads-ci-fedora30 - 122bacab37071b799a7ceb3815b1b2ff03875bb3 authored over 7 years ago by Trammell Hudson <[email protected]>
copy file and compute sha256 before flashing

github.com/tlaurion/heads-ci-fedora30 - 84f1d0af3980618581f9f48bfac45982dd2a933f authored over 7 years ago by Trammell Hudson <[email protected]>
import the seal/unseal totp scripts since they are very specialized to the heads install, skip owner password if not required (issue #151)

github.com/tlaurion/heads-ci-fedora30 - 7a9ab72144d2a1c092dc85d97a63b236740c263f authored over 7 years ago by Trammell Hudson <[email protected]>
common recovery shell functions (issue #161)

github.com/tlaurion/heads-ci-fedora30 - c5c47c6b1c0a31203e4f8f5de20b2cd1f2a61e18 authored over 7 years ago by Trammell Hudson <[email protected]>
quiet down the boot process

github.com/tlaurion/heads-ci-fedora30 - d73c92e63f071fd7f96af3b9503ac66d78eec0a0 authored over 7 years ago by Trammell Hudson <[email protected]>
add some color

github.com/tlaurion/heads-ci-fedora30 - da9bde721c9e5b6ae7cb020695422ceff25c0abb authored over 7 years ago by Trammell Hudson <[email protected]>
helper to do a forcible TPM reset (issue #27)

github.com/tlaurion/heads-ci-fedora30 - ea9b2c0da088bec47a26d0fcb096e718adc11123 authored over 7 years ago by Trammell Hudson <[email protected]>
x230-flash configuration and initialization

github.com/tlaurion/heads-ci-fedora30 - 8c57ac59e78061a9810618a9b16eaf707cdf6397 authored over 7 years ago by Trammell Hudson <[email protected]>
"$@" does not expand correctly in test expressions, use "$*" instead (issue #181)

github.com/tlaurion/heads-ci-fedora30 - 51ecbdc8cb7e280744c6a00eb3a8b2a1f116c1be authored over 7 years ago by Trammell Hudson <[email protected]>
check for TPM program and device before loading modules (issue #181)

github.com/tlaurion/heads-ci-fedora30 - c19193d7c6b40a4456a8742c1b2a37253a4eb346 authored over 7 years ago by Trammell Hudson <[email protected]>
remember to add /dev to /etc/fstab

github.com/tlaurion/heads-ci-fedora30 - b6eaa5c2959a4cd0108e54c7ffedddb3af77c086 authored over 7 years ago by Trammell Hudson <[email protected]>
mount only takes one filesystem

github.com/tlaurion/heads-ci-fedora30 - 1744612df63fd81e132215b203a0992b4f6abec7 authored over 7 years ago by Trammell Hudson <[email protected]>
add /etc/fstab and /etc/mtab to initrd image

github.com/tlaurion/heads-ci-fedora30 - 4c982856a368b4284243b640147a88ccfac9651b authored over 7 years ago by Trammell Hudson <[email protected]>
build xen for the qemu image so that we can test kexec

github.com/tlaurion/heads-ci-fedora30 - 85f0586615d16f9475ed88189d7ca3caa238437c authored over 7 years ago by Trammell Hudson <[email protected]>
Merge branch 'flammit-master'

github.com/tlaurion/heads-ci-fedora30 - 4eab928339ce53fcd28e83bc454613b190767ad6 authored over 7 years ago by Trammell Hudson <[email protected]>
Merge branch 'master' of https://github.com/flammit/heads into flammit-master

github.com/tlaurion/heads-ci-fedora30 - ca06e7598dbab3cbbab1824da6250fc5182ebe1c authored over 7 years ago by Trammell Hudson <[email protected]>
Fix coreboot build where gcc defaults to pie (issue #177)

See https://github.com/coreboot/coreboot/commit/8bbd596de631adc8b677e69603e978b848eb1708

github.com/tlaurion/heads-ci-fedora30 - a39a24665c3369dc1dcdf9abc0300add3b5024ba authored over 7 years ago by Francis Lam <[email protected]>
typo in $(CROSS_TOOLS_NOCC), building xen with system ld (issue #173)

github.com/tlaurion/heads-ci-fedora30 - 1043517371d6ea5d0e2d0e692c6002222b607233 authored over 7 years ago by Trammell Hudson <[email protected]>
do two make passes to avoid concurrency errors in lvm2 (issue #175)

github.com/tlaurion/heads-ci-fedora30 - 132d26de05590e94ea6539e4d3cbf621c721005a authored over 7 years ago by Trammell Hudson <[email protected]>
Linux does not need the musl-libc, just the cross compiler (issue #175)

github.com/tlaurion/heads-ci-fedora30 - 740f197487b91deaed791a8e0016c0972f4c7cec authored over 7 years ago by Trammell Hudson <[email protected]>
typo in gnupg, remove the install directory on a real.clean

github.com/tlaurion/heads-ci-fedora30 - 4e88d5d59c96dc864bc0c27901e24d0f90768cc7 authored over 7 years ago by Trammell Hudson <[email protected]>
add real.clean target and fix DAG for parallel top-level makes (issue #175)

github.com/tlaurion/heads-ci-fedora30 - a2b0ef878ea1c765c164522f83d58203ad6806f1 authored over 7 years ago by Trammell Hudson <[email protected]>
xen depends on musl-cross (issue #175)

github.com/tlaurion/heads-ci-fedora30 - a42aaa37c6aed1ca418b185a19f9b0e54f00a7c6 authored over 7 years ago by Trammell Hudson <[email protected]>
add bootstrap target to build cross compilers (issue #162)

github.com/tlaurion/heads-ci-fedora30 - 8c3b5877a356177756bed61821c0aec2f5095186 authored over 7 years ago by Trammell Hudson <[email protected]>
disable more unnecessary LVM components

github.com/tlaurion/heads-ci-fedora30 - 46a2ae8c2b09efcdadd1006eb7e6a2539cd63b31 authored over 7 years ago by Trammell Hudson <[email protected]>
Define $(CROSS_TOOLS) to ensure reproducible builds (issue #173)

Each of the submodule configuration files defined a subset of the
cross compiler tools that it u...

github.com/tlaurion/heads-ci-fedora30 - 07eb5e971782ca75ed542a72b1f7d8d25711e534 authored over 7 years ago by Trammell Hudson <[email protected]>
lvm Makefile was defining $(STRIP) (issue #174)

github.com/tlaurion/heads-ci-fedora30 - ae6bed14a2abf0732ccb425224f03ac60fc14911 authored over 7 years ago by Trammell Hudson <[email protected]>
kexec/util/bin-to-hex needs to be HOST_CC, not LD (issue #173)

github.com/tlaurion/heads-ci-fedora30 - c262de30a4eb12d28b35e22fb5dfcb705d8f3d45 authored over 7 years ago by Trammell Hudson <[email protected]>
use cross compiler ar (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 9fb1f247ad5c892037293d4de8de5d3a6500883f authored over 7 years ago by Trammell Hudson <[email protected]>
use cross compiler ar (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 2b0b6f33c0957129ac94e1cd4ea088f694190e51 authored over 7 years ago by Trammell Hudson <[email protected]>
use cross compiler ar (issue #166)

github.com/tlaurion/heads-ci-fedora30 - ea175466a05274c26030eb4ea04f2e32c84d4da3 authored over 7 years ago by Trammell Hudson <[email protected]>
use cross compiler ar (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 8241f190acd9dc98af7275ac1b48d67d43b175dc authored over 7 years ago by Trammell Hudson <[email protected]>
reconfigure submodules if their config files ever change (issue #172)

github.com/tlaurion/heads-ci-fedora30 - 75117c0e5b2c1a6570cf9bba79135348a1aaf4d2 authored over 7 years ago by Trammell Hudson <[email protected]>
use -9 instead of --extreme for reproducibility (issue #171)

github.com/tlaurion/heads-ci-fedora30 - 5a0f3dc10b1c16c5a3cfaeca7807bc02496c623b authored over 7 years ago by Trammell Hudson <[email protected]>
add dropbear ssh to qubes and moc configurations (issue #169)

github.com/tlaurion/heads-ci-fedora30 - 300b17fa25e0611de8e33a201dace14386352748 authored over 7 years ago by Trammell Hudson <[email protected]>
re-enable zlib and use it in kexec (issue #170)

github.com/tlaurion/heads-ci-fedora30 - ac74b92157b852ff6ed8ad9089ae8d3ac70bebe4 authored over 7 years ago by Trammell Hudson <[email protected]>
prefix should not be empty

github.com/tlaurion/heads-ci-fedora30 - 3c07e27d73c483762e8eb3a830ea75b71c3e0ff1 authored over 7 years ago by Trammell Hudson <[email protected]>
parallel crosscompiler build (issue #168)

github.com/tlaurion/heads-ci-fedora30 - f65136c1a2d92ad66736e5594b8072733cbe4bac authored over 7 years ago by Trammell Hudson <[email protected]>
use the non-musl-libc wrapped gcc (issue #167)

github.com/tlaurion/heads-ci-fedora30 - 6b0013e0384481c5d2731445ae2362a2ed220f52 authored over 7 years ago by Trammell Hudson <[email protected]>
use our cross compiler ld (issue #166)

github.com/tlaurion/heads-ci-fedora30 - c76a618b1ec09349e2682552fc21db8fb3f04b7f authored over 7 years ago by Trammell Hudson <[email protected]>
lvm2 builds reproducibly again (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 7c8f86bc529151d8299540641859140051c0da40 authored over 7 years ago by Trammell Hudson <[email protected]>
use our cross compiler ar, not /usr/bin/ar (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 2b55d8bcf85087702bf9528bd47c5a2c74436765 authored over 7 years ago by Trammell Hudson <[email protected]>
report sha256 of stages as they are built

github.com/tlaurion/heads-ci-fedora30 - 727e2fbc5641e0279c5be9488c5fd4306b4a8fa8 authored over 7 years ago by Trammell Hudson <[email protected]>
replaced PREFIX= with DESTDIR= to make builds reproducible (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 96fe3f3f09a9e2376d3e50712198edaa9b55f84d authored over 7 years ago by Trammell Hudson <[email protected]>
replace __FILE__ with "__FILE__" to make Xen reproducible (issue #166)

github.com/tlaurion/heads-ci-fedora30 - 09718fc97ed894f8cf7e854604e20e622072c495 authored over 7 years ago by Trammell Hudson <[email protected]>
shell syntax, not makefile syntax (issue #131)

github.com/tlaurion/heads-ci-fedora30 - ea8a55fe5b755a4d508fb45bf54ed0350001ea05 authored over 7 years ago by Trammell Hudson <[email protected]>
scale the max load by the number of CPUs (issue #131)

github.com/tlaurion/heads-ci-fedora30 - 192e1227198d0198c83caa27b354260012ced926 authored over 7 years ago by Trammell Hudson <[email protected]>
enable usb storage module (issue #160)

github.com/tlaurion/heads-ci-fedora30 - 830828f2a29d6d18b12d535de9aac216021b349e authored over 7 years ago by Trammell Hudson <[email protected]>
move usb-storage into a kernel module (issue #160)

github.com/tlaurion/heads-ci-fedora30 - 350a3564b1ed2ee4d124b4e1dabbe8a0eea831d3 authored over 7 years ago by Trammell Hudson <[email protected]>
gpg uses pubring.gpg instead of trustedkeys.gpg

github.com/tlaurion/heads-ci-fedora30 - 362785b81cf5b6e1a7279dc99744e03e8b98152f authored over 7 years ago by Trammell Hudson <[email protected]>
ignore tilde files

github.com/tlaurion/heads-ci-fedora30 - 06d2f7728bb06209db29ed35df422d6b056cf49e authored over 7 years ago by Trammell Hudson <[email protected]>
fix gpg tty reading from /dev/console to support yubikey (issue #32)

github.com/tlaurion/heads-ci-fedora30 - 9d6c5c5da84f4ef06d9f1023b4074ce1cd4077b5 authored over 7 years ago by Trammell Hudson <[email protected]>
fix build to avoid libusb installed on host system

github.com/tlaurion/heads-ci-fedora30 - a2e51a599cec5220ccb5a5fc39a513f5a19157e9 authored over 7 years ago by Trammell Hudson <[email protected]>
fix build to avoid libusb installed on host system

github.com/tlaurion/heads-ci-fedora30 - a1efbb8e02288c93981ca63344d1a0ce689fd3b1 authored over 7 years ago by Trammell Hudson <[email protected]>
hash update

github.com/tlaurion/heads-ci-fedora30 - 71f6cf3315e52157c51cfcef6347c76bc4730584 authored over 7 years ago by Trammell Hudson <[email protected]>
Enable gpg with card support (issue #32)

github.com/tlaurion/heads-ci-fedora30 - 0da184fe0154fcc287f30dea7e6f2c0087f00755 authored over 7 years ago by Trammell Hudson <[email protected]>
Purism Librem 13v1 initial configuration

github.com/tlaurion/heads-ci-fedora30 - cfcf6c46d5d6d48b8a0a7389c9ba1dce32147415 authored over 7 years ago by Trammell Hudson <[email protected]>
make %.rom generic

github.com/tlaurion/heads-ci-fedora30 - 0019d8031c4b0535df9429f412aeb959edcfded9 authored over 7 years ago by Trammell Hudson <[email protected]>
remove initrd unpacking, since Qubes dracut /etc/cryptab can be fixed

github.com/tlaurion/heads-ci-fedora30 - 5195a74422d3dce16e2c4f53809e6f83aef53a13 authored over 7 years ago by Trammell Hudson <[email protected]>
LVM patches to compile with musl

github.com/tlaurion/heads-ci-fedora30 - ce766bdc58d6800923417fb26dee4d57b34a9ddb authored over 7 years ago by Trammell Hudson <[email protected]>