ui/ncurses: Add prompt for LUKS device password

Implement device_add() in cui_client_ops and use this interface to recognise when the server notifies the client of an encrypted device. A "device header" will be created for this device and added to the menu with no associated boot options. The nc-auth prompt is extended to ask for a disk password when the device header for an encrypted device is selected. Assuming the password is correct pb-discover will remove the original device and notify the client about the newly opened device, which will be reflected in the menu.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/common: Client authentication helpers

Track the client's authentication status and provide methods for the client to send authentication requests to the server.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
lib/log: Switch to pb_log_fn

The only functional change should be an additional '/n' to a few log messages that seemed to be missing it.

Signed-off-by: Geoff Levand <geoff@infradead.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Implement F10-F12 for autoboot device control

Add a few mappings to specify temporary autoboot settings:

F10: Only autoboot from disk
F11: Only autoboot from USB devices
F12: Only autoboot from network

These use the new code to prevent cancelling autoboot.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/common/discover-client: explicit #include <string.h> for musl libc

Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Add plugin menu and nc-plugin screen

Add a second pmenu accessible via the main menu which displays uninstalled and installed pb-plugins. Uninstalled options can be selected to trigger pb-plugin to install them, after which they are updated and marked as installed in the menu. Installed plugins can be investigated by entering the new plugin screen, where plugin metadata and executables are displayed. Executables can be run from this screen via cui_run_cmd().

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
types: shorten boot_status definitions

struct boot_status is a bit misnamed; we report status on things that aren't just the boot status (eg, discovery). This change refactors struct boot_status into just struct status. We give the type enum a name, and shorten the enum values to suit.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Use 'consoles' instead of 'tty' to refer to interfaces

'Console' is more readily understandable and technically more correct than 'tty' for referring to the interfaces that Petitboot starts a UI on.

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Add support for GPG signature enforcement on booted kernels and related blobs

This can be used to implement a form of organization-controlled secure boot, whereby kernels may be loaded from a variety of sources but they will only boot if a valid signature file is found for each component, and only if the signature is listed in the /etc/pb-lockdown file.

Signed-off-by: Timothy Pearson <tpearson@raptorengineering.com>
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
(Minor build fixes and gpgme.m4, comment on secure boot in gpg.c)
ui/common: Set current console on boot command

Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/common: Free message on return

Fixes Coverity defect #30468

Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
ui/ncurses: Add support for 'add-url' action

Creates a menu option to specify a remote conf file url to send to the server for parsing.

Signed-off-by: Samuel Mendoza-Jonas <sam.mj@au1.ibm.com>
Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
ui/common: Add discover_client_enumerate to re-add device data

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
ui/common: associate boot options with devices

The discover client isn't currently associating boot options with their devices. This change adds appropriate device list management.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
protocol: expose discovery reinit over client/server protocol

Now that we can re-initialise the device handler, allow this to be triggered from UIs over the petitboot protocol.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
ui/ncurses: Parse configuration form & send to server

This change implements the configuration save action, when the user submits the nc-config form.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
ui/common: Don't talloc_free sysinfo and status explicitly

Currently, we talloc_free() the sysinfo and status messages in the discover client, right after performing the ui's callback. However, the client may wish to keep a reference to this information beyond the callback invocation.

This change introduces a per-message talloc context, which these structures are allocated under. This allows the callbacks to talloc_steal() anything they wish to keep a reference to.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
config: Implement config messages

On client connect, send a PB_PROTOCOL_ACTION_CONFIG message.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
ui/ncurses: Allow booting custom boot options

Currently, we can't boot user-created boot options, as they have no option ID associated. This change removes the check for option ID.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
Add system info messages

Add a little infrastructure for communicating information about the system to the petitboot UIs. We just send some identifying info (type and identifier), as well as the interfaces.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>