path: root/man/systemd-stub.xml
Commit message (Author, Age, Files, Lines)
* man: Use ukify instead of objcopy in examples (Jan Janssen, 2023-01-11, 1 file, -41/+3)
| These hardcoded VMA section offsets are a terrible thing and should vanish from earth.
* tree-wide: BLS and DPS are now on uapi-group website (Zbigniew Jędrzejewski-Szmek, 2022-11-21, 1 file, -1/+1)
|
* NEWS: Clarify overlapping UKI PE section offsets (Jan Janssen, 2022-10-31, 1 file, -0/+4)
|
* man: "the initial RAM disk" → "the initrd" (Zbigniew Jędrzejewski-Szmek, 2022-09-20, 1 file, -11/+11)
| In many places we spelled out the phrase behind "initrd" in full, but this isn't terribly useful. In fact, no "RAM disk" is used, so emphasizing this is just confusing to the reader. Let's just say "initrd" everywhere, people understand what this refers to, and that it's in fact an initramfs image.
|
| Also, s/i.e./e.g./ where appropriate.
|
| Also, don't say "in RAM", when in fact it's virtual memory, whose pages may or may not be loaded in page frames in RAM, and we have no control over this.
|
| Also, add <filename></filename> and other minor cleanups.
* man: say early what a unified kernel image/UKI is (Lennart Poettering, 2022-09-09, 1 file, -3/+3)
|
* man: be more careful regarding TPM vs. TPM2 (Lennart Poettering, 2022-09-09, 1 file, -1/+1)
| We support PCR measurements for both classic TPM1.2 and TPM2, hence just say "TPM" generically in that context. But the signed policies are exclusive to TPM2, hence always say TPM2 there.
|
| We mostly got that right, except at one place. Fix that.
* man: document the new .pcrsig/.pcrpkey sections for unified kernel images (Lennart Poettering, 2022-09-09, 1 file, -5/+110)
|
* sd-stub: measure sysext images picked up by sd-stub into PCR 13 (Lennart Poettering, 2022-08-02, 1 file, -2/+11)
| Let's grab another so far unused PCR, and measure all sysext images into it that we load from the ESP. Note that this is possibly partly redundant, since sysext images should have dm-verity enabled, and that is hooked up to IMA. However, measuring this explicitly has the benefit that we can measure filenames too, easily, and that all without need for IMA or anything like that.
|
| This means: when booting a unified sd-stub kernel through sd-boot we'll now have:
|
| 1. PCR 11: unified kernel image payload (i.e. kernel, initrd, boot splash, dtb, osrelease)
| 2. PCR 12: kernel command line (i.e. the one embedded in the image, plus optionally an overridden one) + any credential files picked up by sd-stub
| 3. PCR 13: sysext images picked up by sd-stub
|
| And each of these three PCRs should carry just the above, and start from zero, thus be pre-calculatable.
|
| Thus, all components and parameters of the OS boot process (i.e. everything after the boot loader) is now nicely pre-calculable.
|
| NOTE: this actually replaces previous measuring of the sysext images into PCR 4. I added this back in 845707aae23b3129db635604edb95c4048a5922a, following the train of thought, that sysext images for the initrd should be measured like the initrd itself they are for, and according to my thinking that would be a unified kernel which is measured by firmware into PCR 4 like any other UEFI executables.
|
| However, I think we should depart from that idea. First and foremost that makes it harder to pre-calculate PCR 4 (since we actually measured quite incompatible records to the TPM event log), but also I think there's great value in being able to write policies that bind to the used sysexts independently of the earlier boot chain (i.e. shim, boot loader, unified kernel), hence a separate PCR makes more sense.
|
| Strictly speaking, this is a compatibility break, but I think one we can get away with, simply because the initrd sysext images are currently not picked up by systemd-sysext yet in the initrd, and because of that we can be reasonably sure no one uses this yet, and hence relies on the PCR register used. Hence, let's clean this up before people actually do start relying on this.
* efi: from the stub measure the ELF kernel + built-in initrd and so on into PCR 11 (Lennart Poettering, 2022-08-02, 1 file, -8/+24)
| Here we grab a new – on Linux so far unused (by my Googling skills, that is) – and measure all static components of the PE kernel image into. This is useful since for the first time we'll have a PCR that contains only a PCR of the booted kernel, nothing else. That allows putting together TPM policies that bind to a specific kernel (+ builtin initrd), without having to have booted that kernel first. PCRs can be pre-calculated. Yay!
|
| You might wonder, why we measure just the discovered PE sections we are about to use, instead of the whole PE image. That's because of the next step I have in mind: PE images should also be able to carry an additional section that contains a signature for its own expected, pre-calculated PCR values. This signature data should then be passed into the booted kernel and can be used there in TPM policies. Benefit: TPM policies can now be bound to *signatures* of PCRs, instead of the raw hash values themselves. This makes update management a *lot* easier, as policies don't need to be updated whenever a kernel is updated, as long as the signature is available.
|
| Now, if the PCR signature is embedded in the kernel PE image it cannot be of a PCR hash of the kernel PE image itself, because that would be a chicken-and-egg problem. Hence, by only measuring the relevant payload sections (and that means excluding the future section that will contain the PCR hash signature) we avoid this problem, naturally.
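Added example (not part of the commit or of systemd): a simulation of the point made in the message above, that measuring only the payload sections keeps the predicted PCR 11 value stable once a signature over it is embedded, while a whole-image measurement would not. The section order, the one-extend-per-section record format, the image contents and the HMAC standing in for a real signature are all assumptions made for illustration.

```python
import hashlib
import hmac

PAYLOAD = (".linux", ".osrel", ".initrd", ".dtb")  # measured sections; order is an assumption
SIG_SECTION = ".pcrsig"                            # carries the signature, never measured
DEMO_KEY = b"constructed-demo-signing-key"         # HMAC stands in for a real signature


def extend(pcr: bytes, data: bytes) -> bytes:
    """TPM extend on a SHA-256 bank: new = H(old || H(data))."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()


def measure_payload(image: dict) -> bytes:
    """Start from an all-zero PCR and extend once per payload section present."""
    pcr = bytes(32)
    for name in PAYLOAD:
        if name in image:
            pcr = extend(pcr, image[name])
    return pcr


def measure_whole_image(image: dict) -> bytes:
    """The rejected alternative: a single measurement covering every section."""
    blob = b"".join(name.encode() + image[name] for name in sorted(image))
    return extend(bytes(32), blob)


def embed_signature(image: dict) -> dict:
    """Pre-calculate the PCR value offline, sign it, store it in the image."""
    signed = dict(image)
    signed[SIG_SECTION] = hmac.new(DEMO_KEY, measure_payload(image), hashlib.sha256).digest()
    return signed


def policy_allows(image: dict) -> bool:
    """Policy bound to the signing key: any PCR value with a valid signature passes."""
    want = hmac.new(DEMO_KEY, measure_payload(image), hashlib.sha256).digest()
    return hmac.compare_digest(want, image.get(SIG_SECTION, b""))


def build_image(kernel: bytes) -> dict:
    """Constructed sample image; the contents are placeholders."""
    return {".linux": kernel, ".osrel": b"ID=demo\n", ".initrd": b"constructed-initrd"}


if __name__ == "__main__":
    old, new = embed_signature(build_image(b"kernel-A")), embed_signature(build_image(b"kernel-B"))
    print("old/new PCR 11 differ:", measure_payload(old) != measure_payload(new))
    print("policy accepts both:  ", policy_allows(old) and policy_allows(new))
```
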
* efi: tell userspace where the stub measured the kernel command line/credentials into (Lennart Poettering, 2022-08-02, 1 file, -1/+9)
| This is useful for userspace to know, so that policies can be put together safely, matching what the stub actually measured.
* tree-wide: Fix typo (Yu Watanabe, 2022-04-25, 1 file, -1/+1)
|
* man: update TPM2 PCR documentation (Lennart Poettering, 2022-04-20, 1 file, -4/+76)
| The assignments were partly simply incorrectly documented, partly changed with 4d32507f5186a89e98093659fbbe386787a97b9f and partly missing.
|
| Moreover kernel 5.17 now measures all initrds to PCR 9 on its own (https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f046fff8bc4c4d8f8a478022e76e40b818f692df)
|
| Let's correct all this and bring it up-to-date.
|
| And while we are at it extend the docs about this in systemd-stub, with a new table that indicates which OS resource is protected by which PCR.
* Fix man page links (Zbigniew Jędrzejewski-Szmek, 2022-04-12, 1 file, -4/+4)
| Based on linkchecker as usual.
* man: also install systemd-stub man page as sd-stub (Lennart Poettering, 2022-03-22, 1 file, -0/+1)
| So, typically systemd-boot is referenced as sd-boot, due to the usual shorter naming in ESP resources. systemd-stub didn't do that so far, since it never appears as separate files in the ESP. However it's super annoying that you can find "man sd-boot", but not the very closely related "man sd-stub". Let's fix that, and also add an "sd-stub" alias to the "systemd-stub" man page.
* man: various issues reported in #22432 (Zbigniew Jędrzejewski-Szmek, 2022-02-23, 1 file, -2/+5)
| Fixes #22432.
* man: do not install sd-boot man pages when -Dgnu-efi=false is set (Davide Cavalca, 2021-12-14, 1 file, -1/+1)
|
* stub: Load credentials from \loader\credentials\*.cred (Adrian Vovk, 2021-12-10, 1 file, -7/+17)
| Some types of credentials that a user would want to pass into the initrd do not depend on the specific kernel/initrd version. For instance, this can include SSH keys, rootfs encryption keys, dm-integrity keys, and so on. This introduces a directory where such credentials can be placed so that any kernel image will load them
* [st-stub] documenting the .dtb section (Max Resch, 2021-10-16, 1 file, -1/+9)
|
* man: add man page for the systemd UEFI stub (Lennart Poettering, 2021-09-23, 1 file, -0/+204)
| Fixes: #17215