stboot

command module

v0.1.0 Latest Latest Go to latest Published: May 16, 2023 License: BSD-3-Clause Imports: 14 Imported by: 0

README ¶

stboot

The reference bootloader implementation for System Transparency.

Description

The stboot bootloader can be used as an init program inside an initramfs and is designed to be combined with a Linux kernel to form a LinuxBoot distribution. It is closely related to the u-root project. On the one hand, stboot depends on some standard Linux tools packages provided by u-root, on the other hand, u-root is used to create an initramfs including stboot.

Usage

Make sure your Go version is >=1.13 && <1.16. Make sure your GOPATH is set up correctly. Although using modules, stboot still vendors dependencies to work smoothly with u-root. So if you are usually working with go modules enabled do the following in your working directory:

mkdir go
export GO111MODULE=off
export GOPATH=${PWD}/go

Download and install u-root and stboot:

go get github.com/u-root/u-root
go get system-transparency.org/stboot

Build an initramfs:

./go/bin/u-root -o initramfs.cpio -uinitcmd stboot github.com/u-root/u-root/cmds/core/{init,elvish,ls} system-transparency.org/stboot

There should be your brand new initramfs.cpio in you working directory.

Test your initramfs (assuming your OS kernel at /boot/vmlinuz):

qemu-system-x86_64 -kernel /boot/vmlinuz -nographic -append "console=ttyS0,115200 uroot.uinitargs='-debug'" -initrd initramfs.cpio -m 2048 --enable-kvm

You should see something like this:

[...]
[    0.689686] Run /init as init process
2021/05/03 12:01:15 Welcome to u-root!
                              _
   _   _      _ __ ___   ___ | |_
  | | | |____| '__/ _ \ / _ \| __|
  | |_| |____| | | (_) | (_) | |_
   \__,_|    |_|  \___/ \___/ \__|

init: 2021/05/03 12:01:15 no modules found matching '/lib/modules/*.ko'
stboot: 
  _____ _______   _____   ____   ____________
 / ____|__   __|  |  _ \ / __ \ / __ \__   __|
| (___    | |     | |_) | |  | | |  | | | |   
 \___ \   | |     |  _ <| |  | | |  | | | |   
 ____) |  | |     | |_) | |__| | |__| | | |   
|_____/   |_|     |____/ \____/ \____/  |_|   

recovery: load security config: read file: open /etc/security_configuration.json: no such file or directory

As long as you can see the stboot banner, everything is fine. The program will exit with an error because of missing configuration data. See https://git.glasklar.is/system-transparency/core/system-transparency for details on how to set up System Transparency.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

stboot.go

Directories ¶

Path	Synopsis
host Package host exposes functionality to interact with the host mashine.	Package host exposes functionality to interact with the host mashine.
network
internal
certutil
jsonutil Package host exposes functionality to interact with the host mashine.	Package host exposes functionality to interact with the host mashine.
opts
ospkg
sterror Package sterror provides the error handling used in stboot.	Package sterror provides the error handling used in stboot.
stlog Package stlog exposes leveled logging capabilities.	Package stlog exposes leveled logging capabilities.
trust

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL