tpm2vm #8
|
@ -1,11 +1,32 @@
|
||||||
|
## Build
|
||||||
FROM stagex/busybox:sx2024.08.1@sha256:8cb9360041cd17e8df33c5cbc6c223875045c0c249254367ed7e0eb445720757 AS busybox
|
FROM stagex/busybox:sx2024.08.1@sha256:8cb9360041cd17e8df33c5cbc6c223875045c0c249254367ed7e0eb445720757 AS busybox
|
||||||
FROM stagex/musl:sx2024.08.1@sha256:f888fcf45fabaaae3d0268bcec902ceb94edba7bf8d09ef6966ebb20e00b7127 AS musl
|
FROM stagex/musl:sx2024.08.1@sha256:f888fcf45fabaaae3d0268bcec902ceb94edba7bf8d09ef6966ebb20e00b7127 AS musl
|
||||||
FROM stagex/xorriso:sx2024.08.1@sha256:9ab45852aee077b68ea101173025be6e1cdbde93692efa4ee198e1960f02ab52 AS xorriso
|
FROM stagex/xorriso:sx2024.08.1@sha256:9ab45852aee077b68ea101173025be6e1cdbde93692efa4ee198e1960f02ab52 AS xorriso
|
||||||
FROM stagex/syslinux:sx2024.08.1@sha256:909dcabcf13bd39b0138309f6efdeb780e01c00bf17cb1e7ee851e8b8be74d2b AS syslinux
|
FROM stagex/syslinux:sx2024.08.1@sha256:909dcabcf13bd39b0138309f6efdeb780e01c00bf17cb1e7ee851e8b8be74d2b AS syslinux
|
||||||
FROM stagex/cpio:sx2024.08.1@sha256:25afad810fbb9b1d02762030c3e43e07259a79627dbea9b66ef7f797f8377a2a AS cpio
|
FROM stagex/cpio:sx2024.08.1@sha256:25afad810fbb9b1d02762030c3e43e07259a79627dbea9b66ef7f797f8377a2a AS cpio
|
||||||
FROM stagex/linux-airgap:sx2024.08.1@sha256:a4fac3ca7795e171a4d1b3b634fdae1790d4f8d076f3c1ac8a38f3ece72e1ec5 AS linux-airgap
|
|
||||||
FROM stagex/mtools:sx2024.08.1@sha256:b6202dc29906ea8d7594bce604cb676f5335cc51e75e3f12b5f619e8fc27cc28 AS mtools
|
|
||||||
FROM stagex/xz:sx2024.08.1@sha256:f6ca72fc9096ef5f694b6b7f9b7ad323a571d9447eb5cc790042f72e69b9aad8 AS xz
|
FROM stagex/xz:sx2024.08.1@sha256:f6ca72fc9096ef5f694b6b7f9b7ad323a571d9447eb5cc790042f72e69b9aad8 AS xz
|
||||||
|
FROM stagex/grub:sx2024.08.1@sha256:5f382615881470e0cf9c670bead785507545a2b829b391247313f516c63355e3 AS grub
|
||||||
|
FROM stagex/mtools:sx2024.08.1@sha256:b6202dc29906ea8d7594bce604cb676f5335cc51e75e3f12b5f619e8fc27cc28 AS mtools
|
||||||
|
|
||||||
|
## Development
|
||||||
|
FROM stagex/gcc AS gcc
|
||||||
|
FROM stagex/glib AS glib
|
||||||
|
FROM stagex/alsa-lib AS alsa-lib
|
||||||
|
FROM stagex/lzo AS lzo
|
||||||
|
FROM stagex/dtc AS dtc
|
||||||
|
FROM stagex/zlib AS zlib
|
||||||
|
FROM stagex/numactl AS numactl
|
||||||
|
FROM stagex/libaio AS libaio
|
||||||
|
FROM stagex/libseccomp AS libseccomp
|
||||||
|
FROM stagex/libzstd AS libzstd
|
||||||
|
FROM stagex/libffi AS libffi
|
||||||
|
FROM stagex/libslirp AS libslirp
|
||||||
|
FROM stagex/seabios AS seabios
|
||||||
|
FROM stagex/ipxe AS ipxe
|
||||||
|
FROM stagex/qemu AS qemu
|
||||||
|
|
||||||
|
## Target
|
||||||
|
FROM stagex/linux-airgap:sx2024.08.1@sha256:a4fac3ca7795e171a4d1b3b634fdae1790d4f8d076f3c1ac8a38f3ece72e1ec5 AS linux-airgap
|
||||||
FROM stagex/eudev:sx2024.08.1@sha256:66020d28246af1d1e5f8fe3b5bca3da3cbfbd1f89cc1c616b7f8d13f61419026 AS eudev
|
FROM stagex/eudev:sx2024.08.1@sha256:66020d28246af1d1e5f8fe3b5bca3da3cbfbd1f89cc1c616b7f8d13f61419026 AS eudev
|
||||||
FROM stagex/ccid:sx2024.08.1@sha256:0f50ff4441d8b20ff73babab652fc0a563bce46385100240de4ae587012c9505 AS ccid
|
FROM stagex/ccid:sx2024.08.1@sha256:0f50ff4441d8b20ff73babab652fc0a563bce46385100240de4ae587012c9505 AS ccid
|
||||||
FROM stagex/libusb:sx2024.08.1@sha256:c67807377fb18d2a874d975b43e37056eb4067a5be74ebf8c1f5e5ec65ae5650 AS libusb
|
FROM stagex/libusb:sx2024.08.1@sha256:c67807377fb18d2a874d975b43e37056eb4067a5be74ebf8c1f5e5ec65ae5650 AS libusb
|
||||||
|
@ -13,7 +34,6 @@ FROM stagex/keyfork:sx2024.08.1@sha256:bd6167d2a4a6c3b1c3f9c0accbb1fe0d5854f6499
|
||||||
FROM stagex/openpgp-card-tools:sx2024.08.1@sha256:088dbc336e34f16f7a8e323f114918468a7e4b13b190c43593ca7b0dffea54b4 AS openpgp-card-tools
|
FROM stagex/openpgp-card-tools:sx2024.08.1@sha256:088dbc336e34f16f7a8e323f114918468a7e4b13b190c43593ca7b0dffea54b4 AS openpgp-card-tools
|
||||||
FROM stagex/gpg:sx2024.08.1@sha256:b5b0726171f66da437dbd24d2398cd324b96f00115770767b4f72df2547c5323 AS gpg
|
FROM stagex/gpg:sx2024.08.1@sha256:b5b0726171f66da437dbd24d2398cd324b96f00115770767b4f72df2547c5323 AS gpg
|
||||||
FROM stagex/bash:sx2024.08.1@sha256:395e85b2f017c3fd30810d12eea5d59b015f6f5387f79bdec808ca01408cfe86 AS bash
|
FROM stagex/bash:sx2024.08.1@sha256:395e85b2f017c3fd30810d12eea5d59b015f6f5387f79bdec808ca01408cfe86 AS bash
|
||||||
FROM stagex/grub:sx2024.08.1@sha256:5f382615881470e0cf9c670bead785507545a2b829b391247313f516c63355e3 AS grub
|
|
||||||
FROM stagex/npth:sx2024.08.1@sha256:7899c399f2924c5ba0dfbce9ce6f8391e27ecd0564f0341fb85f83ba293e1ebe AS npth
|
FROM stagex/npth:sx2024.08.1@sha256:7899c399f2924c5ba0dfbce9ce6f8391e27ecd0564f0341fb85f83ba293e1ebe AS npth
|
||||||
FROM stagex/libksba:sx2024.08.1@sha256:a5aac434ffd8fca96c435756fac9e300b3d06e04a15c707d09e5e8a16c0bcd89 AS libksba
|
FROM stagex/libksba:sx2024.08.1@sha256:a5aac434ffd8fca96c435756fac9e300b3d06e04a15c707d09e5e8a16c0bcd89 AS libksba
|
||||||
FROM stagex/libgpg-error:sx2024.08.1@sha256:e7e4797f38ba1a09ba700c91e2a5c99230f04f31e7961101a72d4e95f653f284 AS libgpg-error
|
FROM stagex/libgpg-error:sx2024.08.1@sha256:e7e4797f38ba1a09ba700c91e2a5c99230f04f31e7961101a72d4e95f653f284 AS libgpg-error
|
||||||
|
@ -48,6 +68,23 @@ COPY --from=mtools . /
|
||||||
COPY --from=xz . /
|
COPY --from=xz . /
|
||||||
COPY --from=grub . /
|
COPY --from=grub . /
|
||||||
|
|
||||||
|
FROM base as dev
|
||||||
|
COPY --from=gcc . /
|
||||||
|
COPY --from=glib . /
|
||||||
|
COPY --from=alsa-lib . /
|
||||||
|
COPY --from=lzo . /
|
||||||
|
COPY --from=dtc . /
|
||||||
|
COPY --from=zlib . /
|
||||||
|
COPY --from=numactl . /
|
||||||
|
COPY --from=libaio . /
|
||||||
|
COPY --from=libseccomp . /
|
||||||
|
COPY --from=libffi . /
|
||||||
|
COPY --from=libzstd . /
|
||||||
|
COPY --from=libslirp . /
|
||||||
|
COPY --from=seabios . /
|
||||||
|
COPY --from=ipxe . /
|
||||||
|
COPY --from=qemu . /
|
||||||
|
|
||||||
FROM base AS build
|
FROM base AS build
|
||||||
|
|
||||||
## Kernel
|
## Kernel
|
||||||
|
|
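Review bot: The fifteen `## Development` stages added in the first hunk of the Containerfile (`FROM stagex/gcc AS gcc` through `FROM stagex/qemu AS qemu`) carry neither a tag nor a digest, while every other stage on this page is pinned as `sx2024.08.1@sha256:…`. An untagged reference resolves to whatever `latest` points at on the day of the build, so the `dev` image is not reproducible, and its toolchain and QEMU fall outside the digest pinning the rest of the file relies on. Pin each one the same way, e.g. `FROM stagex/gcc:<release-tag>@sha256:<digest> AS gcc`, taking the real digest from the stagex release. In the third hunk, `FROM base as dev` also uses a lowercase `as` where the file otherwise writes `AS`.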
36
Makefile
36
Makefile
|
@ -40,41 +40,27 @@ out/airgap.iso: Containerfile $(shell git ls-files rootfs)
|
||||||
|
|
||||||
## Development Targets
|
## Development Targets
|
||||||
|
|
||||||
|
out/dev-shell.digest: Containerfile
|
||||||
|
docker build --target dev -f Containerfile -q . > $@
|
||||||
|
|
||||||
|
.PHONY: shell
|
||||||
|
shell: out/dev-shell.digest
|
||||||
|
docker run -it $(shell cat $<) /bin/sh
|
||||||
|
|
||||||
.PHONY: vm
|
.PHONY: vm
|
||||||
vm: vm-bios
|
vm: out/dev-shell.digest out/airgap.iso out/sdcard.img
|
||||||
|
docker run -it -v ./out:/out $(shell cat $<) \
|
||||||
.PHONY: vm-bios
|
|
||||||
vm-bios: out/airgap.iso
|
|
||||||
qemu-system-x86_64 \
|
qemu-system-x86_64 \
|
||||||
-m 4G \
|
-m 4G \
|
||||||
-machine pc \
|
-machine pc \
|
||||||
-serial stdio \
|
|
||||||
-usb \
|
-usb \
|
||||||
-device sdhci-pci \
|
-device sdhci-pci \
|
||||||
-device sd-card,drive=external \
|
-device sd-card,drive=external \
|
||||||
-usbdevice tablet \
|
|
||||||
-drive id=external,if=none,format=raw,file=out/sdcard.img \
|
-drive id=external,if=none,format=raw,file=out/sdcard.img \
|
||||||
-display gtk,show-menubar=off,zoom-to-fit=on \
|
|
||||||
-device usb-storage,drive=usbdrive \
|
-device usb-storage,drive=usbdrive \
|
||||||
-drive id=usbdrive,if=none,format=raw,file=out/airgap.iso \
|
-drive id=usbdrive,if=none,format=raw,file=out/airgap.iso \
|
||||||
-boot order=c
|
-boot order=c \
|
||||||
|
-nographic
|
||||||
.PHONY: vm-efi
|
|
||||||
vm-efi: out/airgap.iso
|
|
||||||
qemu-system-x86_64 \
|
|
||||||
-m 4G \
|
|
||||||
-machine pc \
|
|
||||||
-serial stdio \
|
|
||||||
-bios /usr/share/ovmf/OVMF.fd \
|
|
||||||
-usb \
|
|
||||||
-device sdhci-pci \
|
|
||||||
-device sd-card,drive=external \
|
|
||||||
-usbdevice tablet \
|
|
||||||
-drive id=external,if=none,format=raw,file=out/sdcard.img \
|
|
||||||
-display gtk,show-menubar=off,zoom-to-fit=on \
|
|
||||||
-device usb-storage,drive=usbdrive \
|
|
||||||
-drive id=usbdrive,if=none,format=raw,file=out/airgap.iso \
|
|
||||||
-boot order=c
|
|
||||||
|
|
||||||
## Signing, Verification, and Release Targets
|
## Signing, Verification, and Release Targets
|
||||||
|
|
||||||
|
|
|
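Review bot: In the new `vm` recipe the ISO is still attached as a writable raw drive (`-drive id=usbdrive,if=none,format=raw,file=out/airgap.iso`) and `./out` is bind-mounted read-write, so a guest write during a test boot would alter the build artifact. Because make only compares timestamps, the modified `out/airgap.iso` would not be rebuilt before the signing and release targets presumably consume it; adding `snapshot=on` to that `-drive` keeps guest writes in a temporary overlay. Separately, `docker build … -q . > $@` in `out/dev-shell.digest` creates the file even when the build fails. Unless `.DELETE_ON_ERROR` is set elsewhere in the Makefile, the next `make shell` would expand `$(shell cat $<)` to nothing and `docker run` would treat `/bin/sh` as the image name. Writing to a temporary file and renaming on success avoids that: `docker build --target dev -f Containerfile -q . > $@.tmp && mv $@.tmp $@`.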
@ -20,12 +20,13 @@ null::sysinit:/bin/ln -sf /proc/self/fd/2 /dev/stderr
|
||||||
# now run any rc scripts
|
# now run any rc scripts
|
||||||
::sysinit:/etc/init.d/rcS
|
::sysinit:/etc/init.d/rcS
|
||||||
|
|
||||||
# Put a getty on the serial port
|
# Put shells on the serial terminal and console
|
||||||
#console::respawn:/sbin/getty -L console 0 vt100 # GENERIC_SERIAL
|
console::respawn:-/bin/bash
|
||||||
|
ttyS0::respawn:-/bin/bash
|
||||||
::respawn:-/bin/bash
|
::respawn:-/bin/bash
|
||||||
|
|
||||||
# Stuff to do for the 3-finger salute
|
# Stuff to do for the 3-finger salute
|
||||||
#::ctrlaltdel:/sbin/reboot
|
::ctrlaltdel:/sbin/reboot
|
||||||
|
|
||||||
# Stuff to do before rebooting
|
# Stuff to do before rebooting
|
||||||
::shutdown:/etc/init.d/rcK
|
::shutdown:/etc/init.d/rcK
|
||||||
|
|
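Review bot: `console::respawn:-/bin/bash` is added next to the existing `::respawn:-/bin/bash`, and in BusyBox init an entry with an empty id field also runs on the console, so this appears to start two shells competing for input on the same device; one of the two lines should probably go. The new `ttyS0::respawn:-/bin/bash` line starts a shell with no login step on the first serial port. The `-nographic` VM target needs that, but the same inittab presumably ships in the ISO that runs on real hardware, so the line deserves a comment saying so, for example `# ttyS0: shell without login, required by the -nographic dev VM; also active on any wired serial port`.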