Foxboron/stboot

stboot


The reference bootloader implementation for System Transparency.

Description

The stboot bootloader can be used as an init program inside an initramfs and is designed to be combined with a Linux kernel to form a LinuxBoot distribution. It is closely related to the u-root project in two ways: stboot depends on some standard Linux tool packages provided by u-root, and u-root is used to create an initramfs that includes stboot.

Usage

Make sure your Go version is >=1.13 && <1.16 and that your GOPATH is set up correctly. Although it uses modules, stboot still vendors its dependencies to work smoothly with u-root. So if you usually work with Go modules enabled, do the following in your working directory:

mkdir go
export GO111MODULE=off
export GOPATH=${PWD}/go

Download and install u-root and stboot:

go get github.com/u-root/u-root
go get github.com/system-transparency/stboot

Build an initramfs:

./go/bin/u-root -o initramfs.cpio -uinitcmd stboot github.com/u-root/u-root/cmds/core/{init,elvish,ls} github.com/system-transparency/stboot

Your brand new initramfs.cpio should now be in your working directory.

Test your initramfs (assuming your OS kernel is at /boot/vmlinuz):

qemu-system-x86_64 -kernel /boot/vmlinuz -nographic -append "console=ttyS0,115200 uroot.uinitargs='-debug'" -initrd initramfs.cpio -m 2048 --enable-kvm

You should see something like this:

[...]
[    0.689686] Run /init as init process
2021/05/03 12:01:15 Welcome to u-root!
                              _
   _   _      _ __ ___   ___ | |_
  | | | |____| '__/ _ \ / _ \| __|
  | |_| |____| | | (_) | (_) | |_
   \__,_|    |_|  \___/ \___/ \__|

init: 2021/05/03 12:01:15 no modules found matching '/lib/modules/*.ko'
stboot: 
  _____ _______   _____   ____   ____________
 / ____|__   __|  |  _ \ / __ \ / __ \__   __|
| (___    | |     | |_) | |  | | |  | | | |   
 \___ \   | |     |  _ <| |  | | |  | | | |   
 ____) |  | |     | |_) | |__| | |__| | | |   
|_____/   |_|     |____/ \____/ \____/  |_|   

recovery: load security config: read file: open /etc/security_configuration.json: no such file or directory

As long as you can see the stboot banner, everything is fine. The program will exit with an error because of missing configuration data. See https://github.com/system-transparency/system-transparency for details on how to set up System Transparency.
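The two checks this procedure relies on, the Go version range and the banner in the console output, can be scripted for a CI smoke test. The following is an added example, not part of the stboot project: the function names are hypothetical, and it assumes the QEMU console output was saved to a file (for example by piping the command above through tee).

```shell
#!/bin/sh
# Added example: helpers around the README's build and QEMU test steps.

# go_version_ok LINE: succeed if LINE (output of `go version`) is in the
# range the README requires, >=1.13 and <1.16. Returns 2 if unparseable.
go_version_ok() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/^go version go\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p')
    [ -n "$ver" ] || return 2
    major=${ver% *}
    minor=${ver#* }
    [ "$major" -eq 1 ] && [ "$minor" -ge 13 ] && [ "$minor" -lt 16 ]
}

# classify_boot_log FILE: inspect a saved serial console capture.
#   banner-missing-config  stboot started, no security configuration (the
#                          outcome the README expects from the test boot)
#   banner                 stboot started, no missing-config error seen
#   no-banner              stboot never announced itself (returns 1)
classify_boot_log() {
    if ! grep -q '^stboot:' "$1" ||
       ! grep -Fq '|_____/   |_|     |____/ \____/ \____/  |_|' "$1"; then
        echo no-banner
        return 1
    fi
    if grep -q 'load security config: .*security_configuration\.json: no such file' "$1"; then
        echo banner-missing-config
    else
        echo banner
    fi
}

# sample_log: constructed capture modelled on the output shown above.
sample_log() {
    cat <<'EOF'
[    0.689686] Run /init as init process
stboot: 
|_____/   |_|     |____/ \____/ \____/  |_|   
recovery: load security config: read file: open /etc/security_configuration.json: no such file or directory
EOF
}

# Demo: the version line is a constructed value.
log=$(mktemp)
sample_log >"$log"
go_version_ok "go version go1.15.15 linux/amd64" && echo "go version: ok"
classify_boot_log "$log"
rm -f "$log"
```

On a real build host, pass the live value with go_version_ok "$(go version)" before running go get.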
