Brett Grandbois [Tue, 15 May 2018 00:55:49 +0000 (10:55 +1000)]
lib/security: add in openssl support
Refactor to export a generic API rather than specific gpg_ prefixes by
changing gpg.h to security.h and renaming some of the exports.
Break out the common and specific functionality into common.c and
none.c/gpg.c/openssl.c for no/gpgme/openssl modes respectively.
gpgme should work as before
OpenSSL support works like this:
The pb-lockdown file is a PKCS12 file or X509 certificate or PEM-encoded
raw public key. To follow the current conventions the presence of a
PKCS12 file as a lockdown signals decrypt mode because of the presence
of the private key, anything else signals signature verification mode.
The keyring path is currently ignored but in the future could be used to
point to an X509 certificate chain for validity checking. Because of
this self-signed certificates are currently supported and really just
used as a public key container.
Signature verification mode supports:
* Cryptographic Message Syntax (CMS) as detached S/MIME, this is really
more for consistency for the encryption mode (see below). This mode
requires the lockdown file to be an X509 certificate.
* Raw signature digest as output from openssl dgst -sign command. This
mode can have the lockdown file be an X509 certificate or a PEM raw
public key but the digest algorithm must be pre-defined by the
VERIFY_DIGEST configure argument. The default is SHA256.
A sample creation command would be:
openssl dgst -sign (private key) -out (outfile) -(digest mode) \
(infile)
Decryption mode supports:
* CMS signed-envelope as attached S/MIME. This is for consistency with
the current expectation of no external file for decryption. Some
future enhancement could be to come up with some proprietary external
file format containing the cipher used, the encrypted cipher key, and
the IV (if necessary).
Brett Grandbois [Tue, 15 May 2018 00:55:48 +0000 (10:55 +1000)]
configure: Add signed-boot openssl configuration support
Change the with-signed-boot option to take the following values:
no - disable signed boot (as before)
gpgme - configure for gpgme, fail if not found
openssl - configure for openssl, fail if not found
yes - look first for gpgme then openssl using first found, fail on none
this should behave as before if gpgme has been installed
fail on any other invalid options
add in the ax_check_openssl.m4 macro to facilitate openssl probing
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Geoff Levand [Mon, 21 May 2018 19:59:39 +0000 (19:59 +0000)]
docker: Add DOCKER_FROM arg
The dockerfile for each architecture is the same except for the 'FROM' image.
Add a new Dockerfile argument DOCKER_FROM that allows for a commom dockerfile.
If the docker version is older than 17.05 generate a docker file from
the common one.
Signed-off-by: Geoff Levand <geoff@infradead.org> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Brett Grandbois [Wed, 16 May 2018 03:23:49 +0000 (13:23 +1000)]
discover/boot: abort kexec on any error from validation
gpg_validate_boot_files() can return error codes for a variety of
reasons but kexec_load only aborts for signature or decryption failure.
In any other failure case like unable to open LOCKDOWN_FILE or do the
secure copy the validation is bypassed by an early return but kexec_load
does not abort.
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Brett Grandbois [Thu, 3 May 2018 06:02:04 +0000 (16:02 +1000)]
lib/file: remove mkstemp umask in copy_file_secure_dest
mkstemp will generate the temp file with permissions 0600 so the
umask(0644) is causing the file to have permissions of 0000, making
signature files unreadable
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Andrew Donnellan [Mon, 30 Apr 2018 07:29:04 +0000 (17:29 +1000)]
travis: Enable ppc64le Travis builds
Travis now supports building on ppc64le. Given that Power machines are
currently the largest use case of petitboot, it seems appropriate that we
enable this.
Signed-off-by: Andrew Donnellan <andrew.donnellan@au1.ibm.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/syslinux-parser: filter out duplicate conf files
in case insensitive filesystems like vfat the duplicate conf file list
will create duplicate boot options. to filter that out strore the
struct stat of each parsed conf file and compare inodes
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/grub: Allow to set a default index for BLS entries
When the BLS support was added, the conclusion was that default indexes
didn't apply for BLS snippets. But for GRUB 2 the indexes refers to the
boot menu entries in memory, regardless of how these were generated.
Since in GRUB 2 is valid to set a default index even for menu entries
generated from BLS fragments, allow this to also be done in Petitboot.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/grub: Don't add discover context boot options in blscfg handler
Instead of adding a boot option explicitly, just add it to the grub script
boot option list and increment the number of options. That way BLS entries
will be known by the grub script handler and can check if is a valid index.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/grub: Reverse BLS entries sorting to match Petitboot's boot order
The BLS entries were sorted so that the latest entry was at the top in the
Petitboot UI, since it matches how menu entries are sorted in GRUB2 config
and the GRUB2 UI.
But in the Petitboot's UI, the latest entry is expected to be at the bottom
and the older one at the top. Sort the BLS entries to match what's expected.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/grub: Add blscfg command support to parse BootLoaderSpec files
The BootLoaderSpec (BLS) defines a file format for boot configurations,
so bootloaders can parse these files and create their boot menu entries
by using the information provided by them [0].
This allow to configure the boot items as drop-in files in a directory
instead of having to parse and modify a bootloader configuration file.
The GRUB 2 bootloader provides a blscfg command that parses these files
and creates menu entries using this information. Add support for it.
lib/security: Fix broken if statements in gpg_validate_boot_files()
The patch ccb478ac "Add encrypted file support" removes two
result = KEXEC_LOAD_SIGNATURE_FAILURE;
statements from after the `if (verify_file_signature)` lines for the
kernel and cmdline signatures. This appears to have been a mistake that
snuck through testing, and would allow incorrect signatures to pass
validation.
Also fix up some confusing indenting in the decryption section.
Reported-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Include the CCAN endian.h header in build sources and change the
--with-twin-foo options to default off - most users are not building
with libtwin so avoid having configure fail for them.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
In dc85de97 "Allow load_async_url() to call callback for local paths"
several load_url_result fields of the boot_task struct were deprecated
but were accidentally left in the struct. This caused the now out of
date code in cleanup_cancellations() to go unnoticed since it can return
safely if these fields are NULL. However freeing the boot task can free
the memory associated with each load before it is complete, resulting in
a confusing segfault.
This brings cleanup_cancellations() up to date and along the way
implicitly includes the signature resources in cleanup which were missed
originally.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Joel Stanley [Tue, 6 Mar 2018 04:02:20 +0000 (14:32 +1030)]
discover: pxe: Avoid dereferencing null pointer
When result is null, we may end up in the error handling path where we
try to dereference null to call cleanup_local. This adds a check for
result.
Found with scan-build.
Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cyril Bur <cyrilbur@gmail.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
[Fixed up commit message typo]
Joel Stanley [Tue, 6 Mar 2018 04:02:18 +0000 (14:32 +1030)]
discover: Fix unused function warning
clang errors out about an unused have_busybox function:
discover/paths.c:44:13: error: unused function 'have_busybox' [-Werror,-Wunused-function]
static bool have_busybox(void)
^
Move have_busybox() to inside the #ifndef PETITBOOT_TEST scope to
eliminate the warning and avoid having #ifdefs in load_url_async().
Signed-off-by: Joel Stanley <joel@jms.id.au> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
[Moved definition into #ifndef PETITBOOT_TEST instead of using
#ifdef at the call site]
Joel Stanley [Tue, 6 Mar 2018 04:02:17 +0000 (14:32 +1030)]
ncurses: Fix bad strncmp
ui/ncurses/nc-cui.c:967:58: warning: size argument in 'strncmp' call is a comparison [-Wmemsize-comparison]
if (strncmp(cod->opt->id, "dummy", strlen("dummy") == 0 &&
~~~~~~~~~~~~~~~~~~~~~^~
ui/ncurses/nc-cui.c:967:6: note: did you mean to compare the result of 'strncmp' instead?
if (strncmp(cod->opt->id, "dummy", strlen("dummy") == 0 &&
^
There appears to be two bonus conditions inside the length field. I
chose to drop the pointless strncmp(foo, bar, strlen(bar)), as this is
equivalent to strcmp(foo, bar).
Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cyril Bur <cyrilbur@gmail.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
[Fixed up commit message typo]
Joel Stanley [Tue, 6 Mar 2018 04:02:16 +0000 (14:32 +1030)]
discover: Fix bad check of version string
Clang says this:
discover/device-handler.c:1564:27: warning: size argument in 'strncmp' call is a comparison [-Wmemsize-comparison]
strlen(opt->version) == 0)) {
~~~~~~~~~~~~~~~~~~~~~^~~~
discover/device-handler.c:1563:5: note: did you mean to compare the result of 'strncmp' instead?
strncmp(opt->version, tmp->version,
^
It looks like it's correct. However, we can go one better and drop the
pointless strncmp(foo, bar, strlen(bar)), as this is equivalent to
strcmp(foo, bar).
Signed-off-by: Joel Stanley <joel@jms.id.au> Reviewed-by: Cyril Bur <cyrilbur@gmail.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
The linux,stdout-path property was deprecated in favour of stdout-path
in the v3.14 kernel. 'stdout-path' takes priority in newer kernels but
older kernels won't be aware of it, so set both at boot time.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/platform-powerpc: Avoid confusing gateway and URL
If we have a static network config with a URL set but not a gateway we
can confuse the URL as the gateway due to how we write the network
string in NVRAM.
To avoid changing the parameter format if we only have one of the two
tokens check whether or not it's actually a URL; the gateway and the URL
will have distinct formats.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
The boot option editor screen segfaults on a system info update since it
loses track of which fields actually exist.
The boot editor screen's setup and drawing logic is a bit different from
other screens, so to fix this bug and preserve the maintainer's sanity,
bring the screen setup and redraw into line with other screens. This
includes a full teardown of the widgets on update, so save the content
of any textboxes on update so the user's changes are not lost.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Allow load_async_url() to call callback for local paths
Several pxe-parser tests fail because the test harness's version of
load_async_url() will call the callback directly, but in pxe-parser the
caller checks if the path was local and calls the callback immediately.
Being called twice, a use-after-free occurs in the callback.
For consistency change the load_async_url() semantics such that it is
possible for load_async_url() to call the callback before it returns in
the case of local paths. Callers need to know this is possible, but now
won't need to check to call it manually.
This requires a slight reorganisation of the boot_process() code, since
it checks the result of several asynchronous load operations in the same
callback, and with this change not all of those results will necessarily
be initialised at callback time. Add a list of 'boot_resources' which
carry the required information for the resource and allow the boot
handler to treat different resources generically.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/device-handler: Treat empty boot order as 'boot any'
It is possible to have autoboot enabled with an empty boot order.
Currently this acts as if autoboot is disabled, but it likely makes more
sense to the user for this to behave as "autoboot any device".
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Clear remaining space when drawing help line
When drawing the screen's help line clear each character after the new
help line to avoid stale parts of the previous screen's help line
remaining on the screen.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Brett Grandbois [Mon, 5 Feb 2018 20:40:31 +0000 (06:40 +1000)]
grub2/grub2-parser: accept no whitespace in grub menuentry
The Yocto wic grub support will generate a grub.cfg with no whitespace
between the ending quote of the menuentry label and the opening bracket.
There doesn't seem to be anything in the specification that this is
illegal so accept it here.
Signed-off-by: Brett Grandbois <brett.grandbois@opengear.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Allow multiple hot key handlers per pmenu
The main menu and plugin menu are separate screens but they share the
pmenu_process_key() handler. This means all the key shortcuts intended
for the main menu can also be used in the plugin menu, which is
particularly odd for "add new boot option" for example.
To work around this extend the 'hot_key' functionality in pmenu to allow
multiple handlers. This allows all pmenus to have the usual navigation
and action keys, and then add extra handlers as needed. For example,
ps3_mm_init() needs main menu shortcuts as well as some PS3-specific
shortcuts, whereas plugin_menu_init() only needs the generic key
handler.
This changes the functionality of pmenu_process_key() such that if a
hot_key_fn successfully handles a key, pmenu_process_key() returns
instead of continuing to process the key. This does not affect the
current usage.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/pxe-parser: Fix relative parsing for manual config files
Manually specified config files are asynchronously downloaded by
device_handler_process_url() before being parsed. This overwrites the
'pxeconffile' parameter, causing the parser to create relative paths
relative to the downloaded file's path, not the original remote path.
Work around this by setting 'pxeconffile-local' instead to differentiate
between the original config file's location and the local copy.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
If the ncurses UI exits before it has contacted the server it is meant
to fork a process to wait until the connection is made and cancel
autoboot. This prevents users dropping to the shell and then having the
machine boot out from underneath them.
In e1e2ca68 "Spawn shell in exit handler" the UI doesn't actually exit
on "exit", but it isn't listening to server events either while the
shell is active. In this case make sure we still fork to notify the
server.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
In the vt100 'application' cursor mode arrow keys produce ^[Ox rather
than the usual ^[[x. Add this pattern to our defined keys so we don't
accidentally catch the escape key.
For reference:
http://www.tldp.org/HOWTO/Keyboard-and-Console-HOWTO-21.html
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Cyril Bur [Thu, 16 Nov 2017 03:49:14 +0000 (14:49 +1100)]
discover/pxe-parser: Fine grained proxy control
Petitboot provides a method for a user to manually specify a
configuration file that should be retrieved. Petitboot also has a
global proxy configuration.
This patch aims to marry the two so that a custom configuration file
can specify that a specific proxy should be used to access one (or all)
of the options within it.
This makes custom configuration files more powerful as they can point
to files behind proxies without the user needing to also specify the
global proxy for that specific custom configuration file to work.
This adds parsing for a `proxy` option which will apply to all boot
items found after.
Signed-off-by: Cyril Bur <cyrilbur@gmail.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
The commit message reads:
If ax_with_ncurses finds a ncursesw instance the former code checks
only for <ncursesw/panelh>. If not there the search fails.
That let to problems at least in Arch Linux which has only <panel.h>
installed.
The patched version here checks first for <ncursesw/panel.h> and if
not found also for <panel.h>.
Tested for the following distributions:
Gentoo, Debian 7..9, Linux Mint 17 and 18.1, Arch Linux, Ubuntu
ARCH Linux builds ncurses with wide character support but does not add
any ncurses specific headers. nurses its self (by default) adds almost
no ncurses specific headers. No {prefix}/include/ncurses directory. In
fact the only ncurses specific file is the ncurses.h symlink to
curses.h, other than that there are no ncurses headers.
The ax_with_curses.m4 script detects if the installed ncurses has wide
character support. It checks using code snippets against all possible
ncurses header files.
If the ax_with_curses.m4 script detects wide character support the
ax_with_curses_extra.m4 will only look for extra curses features (in
the case of petitboot, form.h and menu.h) inside the
{prefix}/include/ncurses directory, when they could simply be in
{prefix}/include.
Signed-off-by: Cyril Bur <cyrilbur@gmail.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Safely handle lost terminal control commands
Normally terminal control commands are caught and handled before ncurses
or Petitboot could see them. However several combinations of broken
terminal emulators or console connections can cause these command
sequences to be seen by Petitboot, usually resulting in Petitboot
exiting due to the ESC character and then the rest printed to the
console.
Aside from confusing the user this can also cancel autoboot, so it's
important we don't let these sequences go unnoticed if possible.
In ui/ncurses/console-codes we add a state machine that recognises the
syntax of these control/escape sequences and handles the lost
characters. We don't try to emulate the functionality of these commands,
instead just logging them for reference.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
On OpenBMC platforms IPMI requests can take over five seconds to
complete. OpenBMC does inform OPAL in BT init that it may take up to
ten seconds to respond to any requests, so update our timeout value to
accommodate this extra delay.
On other platforms this will won't change anything (AMI- and SMC- based
BMCs for example respond in under a second), but on OpenBMC platforms
such as Witherspoon this will delay Petitboot significantly while we
wait for the response. This is not ideal but we need to wait in order to
receive important information such as a safe mode request.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/device-handler: Fallback to device if snapshot fails to mount
In the event that a snapshot fails to mount, destroy it and fall back to
the actual source device. While this loses the protection afforded by a
snapshot it avoids users being greeted with an empty boot menu and
unable to continue booting.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Display multibyte strings correctly in textscreens
In nc-textscreen each line of text is capped at a certain length to
avoid running off the side of the viewable screen. However it appears
the ncurses function mvwaddnstr() counts by byte instead of actual
character, causing strings which contain multibyte characters to be cut
short.
To avoid this check the displayed length of each string against the
screen width, and if under instruct mvwaddnstr() to print the whole
string.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
In cui_on_exit()_ instead of exiting the program spawn a sh instance.
This allows the user to drop to the shell and return without losing any
custom boot options, for example.
SIGINT still calls cui_abort() to properly exit Petitboot.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Don't modify config when clearing IPMI override
When safe mode is active the config displayed in nc-config is only a
subset of the actual config since device init has not yet occurred.
However when the "clear override" checkbox is ticked and the config
saved, the form will set the config as it is displayed, resulting in
device-specific config (eg. boot order and network settings) being
cleared. If the user only ticked the "clear override" checkbox this most
likely isn't what they intended.
Instead change the checkbox to a button which when pressed clears the
override and exits safe mode if active, without modifying the rest of
the configuration.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/device-handler: Disable safe mode warning on reinit
If a user pressed "Rescan Devices" in safe mode the reinit would
complete successfully, but the big warning that safe mode is active
would remain. On reinit clear the safe_mode flag properly.
This has no functional change aside from clearing the UI warning - the
IPMI override remains active until cleared or a successful boot occurs.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Skiboot commit c043065 "flash: Make size 64 bit safe" updated the
prototype of blocklevel_get_info() to use a uint64_t for the size
parameter. Update our usage to reflect this.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Update env vars at init and suppress LVM warnings
Environment variables are not platform-specific so move
set_proxy_variables to device-handler and call it at handler init.
At the same time set LVM_SUPPRESS_FD_WARNINGS to ignore the "file
descriptor leaked" warnings when calling LVM-utilities, since we must
keep some file descriptors open in lib/process.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover/device-handler: Be ready for user events earlier
Actions performed in network and udev init may result in pb-event
callbacks (such as from udhcpc or pb-plugin), so make sure the user
event interface is set up beforehand.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Add a second pmenu accessible via the main menu which displays
uninstalled and installed pb-plugins. Uninstalled options can be
selected to trigger pb-plugin to install them, after which they are
updated and marked as installed in the menu.
Installed plugins can be investigated by entering the new plugin screen,
where plugin metadata and executables are displayed. Executables can be
run from this screen via cui_run_cmd().
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
ui/ncurses: Update cui_run_cmd() to pass display to command
Update cui_run_cmd() to setup a process that uses 'raw_stdout' so that
output is displayed on the screen instead of being caught in the log.
Also update cui_run_cmd() to take a more generic list of arguments, and
add a cui_run_cmd_from_item() wrapper for the existing user.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Handle "_PLUGIN_INSTALL" requests from clients. Calling the pb-plugin
script from pb-discover ensures different clients don't trip over each
other. Successfully installed plugins are automatically communicated
back to clients once pb-plugin sends a 'plugin' user event.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
utils/pb-plugin: Advertise pb-plugins to discover server
Update the pb-plugin utility to create a 'plugin' pb-event when it
successfully scans or installs a pb-plugin.
To aid invoking pb-plugin from pb-discover there following two commands
are updated:
- `pb-plugin scan` can now be called for a single directory.
- `pb-plugin install` now has an optional "auto" argument that will
skip asking for confirmation before installation.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Add a small wrapper script for the Petitboot UI to call interactable
programs with. The wrapper calls the program and waits for user input
before returning to the Petitboot UI.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Add a new user event to advertise pb-plugins and add them to the
device_handler. Plugins described by this event can either be
uninstalled pb-plugin files or successfully installed pb-plugins
depending on the associated parameters.
The is primarily intended for use by the pb-plugin utility itself to
notify Petitboot as it operates on pb-plugin files.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Track plugin_options in the device_handler. Plugins can be added with
device_handler_add_plugin_option() and accessed via
device_handler_get_plugin().
Extend discover_server to support the new 'add' and 'remove' pb-protocol
actions and advertise new plugins to connecting clients.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Extend the pxe-parser to recognise 'PLUGIN' as well as the usual 'LABEL'
when parsing a config file. 'PLUGIN' will be used to specify an option
that provides the location of an installable pb-plugin file, named by
the 'TARBALL' label.
Since plugin options are discovered via the same mechanism as boot
options treat them the same as boot options and at the 'type' field to
the boot_option struct to differentiate between them.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Add a new struct 'plugin_option' to represent pb-plugins that are
installed on the system. This consists of plugin metadata and an array
of installed executables.
This also adds two new pb-protocol actions to advertise the addition of
a new plugin_option, and to remove known plugin_options.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Bring setup for the add-url screen into line with other screens. This
fixes an issue with a proper redraw not occurring on help screen init or
screen exit, and facilitates other work on simplifying screen init.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
Similarly to nc-subset, extend the maximum height of the boot-editor pad
to account for the fields of the device select potentially wrapping due
to long device names.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
pb-sos: effectively compress the pb-sos file with gzip
Currently the pb-sos tool creates a TAR file with logs, but without
compressing it using gzip, for example. Even the output of command
says "Compressing...", but in fact no compression is done.
This patch uses gzip to effectively compress the logs. It achieves
83% of compression, observed after a simple experiment.
Also, makes use of $tarflags variable instead of pass the flags
directly in the command call.
Signed-off-by: Guilherme G. Piccoli <gpiccoli@linux.vnet.ibm.com> Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
discover: Wait for net interfaces to be marked ready
If pb-discover is started before udev has settled there is a race
between Petitboot configuring interfaces and udev renaming them. If an
interface is set "up" the name change will fail and interfaces can be
inconsistently named, eg:
Device: (*) eth0 [0c:c4:7a:f4:1c:50, link up]
( ) enP1p9s0f1 [0c:c4:7a:f4:1c:51, link down]
( ) enP1p9s0f2 [0c:c4:7a:f4:1c:52, link down]
( ) enP1p9s0f3 [0c:c4:7a:f4:1c:53, link down]
Add "net" devices to the udev filter and wait for them to be announced
by udev before configuring them.
udev_enumerate_add_match_is_initialized() ensures that by the time an
interface appears via udev its name will be consistent.
This also swaps the network and udev init order, but since interfaces
now will not be configured until after udev is ready this should not
have a user-visible effect.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
If logical volumes are active and recognised by udev, no longer ignore
them. We also do some extra handling to use user-friendly device names
and mount the /dev/mapper/foo device rather than the /dev/dm-xx device.
Additionally if we see "LMV2_member" devices start a rescan in case
LVM-formatted disks came up after the LVM initscript.
Signed-off-by: Samuel Mendoza-Jonas <sam@mendozajonas.com>
projects / petitboot / log