Enable additional cryptographic kernel options required for using
AES-CTR via the AF_ALG userspace interface in future features:
- CONFIG_CRYPTO_PCRYPT: parallel crypto wrapper for symmetric ciphers
- CONFIG_CRYPTO_USER_API_SKCIPHER: AF_ALG user API for skcipher
- CONFIG_CRYPTO_AES_NI_INTEL: AES-NI accelerated AES implementation on x86_64
These options prepare the kernel for an AF_ALG-based AES-CTR PRNG and
other potential AF_ALG-backed cryptographic functionality in nwipe.
Allow to append a FAT16 partition image when building an ISO in hybrid mode.
This allows to add an extra writeable partition for when the ISO is burned to USB.
This feature is experimental and disabled by default.
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
The EFI partition for hybrid ISOs does not reliably show on all Windows systems, so we cannot use our "hack" of writing the configurations/PDFs to it. Reverted instead to a sane-sized EFI partition which is used just for booting. Added a note to the README that some tools such as Rufus support an ISO-mode to add a writeable partition at burning-time.
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
It is more convenient to not have to search for configuration files in different directories, and also helpful to see the standard configuration files, so move all ShredOS configurations into board/shredos.
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
Helps GRUB find the ShredOS volume when it otherwise cannot (such as when the IMG is used with Ventoy in BIOS)
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
This adds a configuration for a jack-of-all-trades ISO, which allows BIOS and UEFI booting, being written to CD/DVD-ROM and USB drives, as well as having a writeable partition when being used from an USB drive. It basically combines the functionality of all prior release versions into one single ISO (per architecture).
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
Post-processing used a static (outdated?) GRUB image for USB image generation, but it is better to use the GRUB image produced as part of the building process, which ensures that the actual compiled GRUB version is used as bootloader in our images and not an outdated one.
Post-processing previously embedded the 64-bit EFI bootloader to 32-bit builds, as no architecture checks were in place. This was changed to check for architecture and embed the correct EFI bootloader for the respective target architecture instead.
The GRUB configuration was changed to use a menu, to allow the user to choose between standard and nomodeset parameters, while also allowing the user to edit the command line to append other kernel parameters they may need for their systems.
The vanity kernel image name was returned to bzImage to clearly mark the image for what it is, and to remain consistent with the ISO file generation where we have no direct control over the image now.
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
As the board is now using a GRUB menu, replacing these messages no longer makes sense (most users will never see them), so the additional patch is better removed.
Signed-off-by: desertwitch <24509509+desertwitch@users.noreply.github.com>
