Commit 5f588e52 authored by intrigeri's avatar intrigeri

Merge remote-tracking branch 'origin/bugfix/12354-drop-kexec-memory-wipe' into...

Merge remote-tracking branch 'origin/bugfix/12354-drop-kexec-memory-wipe' into feature/stretch (Fix-committed: #12428, #12354)
parents 29918347 33085184
...@@ -76,7 +76,7 @@ $RUN_LB_CONFIG \ ...@@ -76,7 +76,7 @@ $RUN_LB_CONFIG \
--iso-application="The Amnesic Incognito Live System" \ --iso-application="The Amnesic Incognito Live System" \
--iso-publisher="https://tails.boum.org/" \ --iso-publisher="https://tails.boum.org/" \
--iso-volume="TAILS ${AMNESIA_FULL_VERSION}" \ --iso-volume="TAILS ${AMNESIA_FULL_VERSION}" \
--linux-flavours amd64-unsigned \ --linux-flavours amd64 \
--memtest none \ --memtest none \
--mirror-binary "$DEBIAN_MIRROR" \ --mirror-binary "$DEBIAN_MIRROR" \
--mirror-bootstrap "$DEBIAN_MIRROR" \ --mirror-bootstrap "$DEBIAN_MIRROR" \
......
...@@ -22,7 +22,7 @@ AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63" ...@@ -22,7 +22,7 @@ AMNESIA_ISOHYBRID_OPTS="-h 255 -s 63"
REQUIRED_SYSLINUX_UTILS_UPSTREAM_VERSION="6.03~pre20" REQUIRED_SYSLINUX_UTILS_UPSTREAM_VERSION="6.03~pre20"
# Kernel version # Kernel version
KERNEL_VERSION='4.9.0-2' KERNEL_VERSION='4.9.0-3'
KERNEL_SOURCE_VERSION=$( KERNEL_SOURCE_VERSION=$(
echo "$KERNEL_VERSION" \ echo "$KERNEL_VERSION" \
| perl -p -E 's{\A (\d+ [.] \d+) [.] .*}{$1}xms' | perl -p -E 's{\A (\d+ [.] \d+) [.] .*}{$1}xms'
......
#!/bin/bash
set -e
# Including common functions
. "${LB_BASE:-/usr/share/live/build}"/scripts/build.sh
# Setting static variables
DESCRIPTION="$(Echo 'renaming kernels')"
HELP=""
USAGE="${PROGRAM}"
# Reading configuration files
Read_conffiles config/all config/common config/binary
Set_defaults
Echo_message "Renaming kernels"
mv binary/live/vmlinuz-*-amd64 binary/live/vmlinuz
mv binary/live/initrd.img-*-amd64 binary/live/initrd.img
#!/bin/sh #!/bin/sh
set -e set -e
set -u set -u
echo "Explicitly disable Wayland in GDM, and adjust permissions accordingly" echo "Explicitly disable Wayland in GDM"
sed --in-place --regexp-extended \ sed --in-place --regexp-extended \
's/^#WaylandEnable=false$/WaylandEnable=false/' /etc/gdm3/daemon.conf 's/^#WaylandEnable=false$/WaylandEnable=false/' /etc/gdm3/daemon.conf
# rootless X.Org may require access to /dev/fb0, that's owned by root:video
adduser Debian-gdm video
...@@ -8,12 +8,11 @@ set -e ...@@ -8,12 +8,11 @@ set -e
systemctl enable memlockd.service systemctl enable memlockd.service
# Enable our own systemd unit files # Enable our own systemd unit files
systemctl enable initramfs-shutdown.service
systemctl enable onion-grater.service systemctl enable onion-grater.service
systemctl enable tails-autotest-remote-shell.service systemctl enable tails-autotest-remote-shell.service
systemctl enable tails-reconfigure-kexec.service
systemctl enable tails-reconfigure-memlockd.service
systemctl enable tails-sdmem-on-media-removal.service
systemctl enable tails-set-wireless-devices-state.service systemctl enable tails-set-wireless-devices-state.service
systemctl enable tails-shutdown-on-media-removal.service
systemctl enable tails-tor-has-bootstrapped.target systemctl enable tails-tor-has-bootstrapped.target
systemctl enable tails-wait-until-tor-has-bootstrapped.service systemctl enable tails-wait-until-tor-has-bootstrapped.service
systemctl enable tails-tor-has-bootstrapped-flag-file.service systemctl enable tails-tor-has-bootstrapped-flag-file.service
...@@ -46,11 +45,6 @@ systemctl disable tor.service ...@@ -46,11 +45,6 @@ systemctl disable tor.service
systemctl disable NetworkManager.service systemctl disable NetworkManager.service
systemctl disable NetworkManager-wait-online.service systemctl disable NetworkManager-wait-online.service
# Don't hide tails-kexec's shutdown messages with an empty splash screen
for suffix in halt kexec poweroff reboot shutdown ; do
systemctl mask "plymouth-${suffix}.service"
done
# systemd-networkd fallbacks to Google's nameservers when no other nameserver # systemd-networkd fallbacks to Google's nameservers when no other nameserver
# is provided by the network configuration. In Jessie, this service is disabled # is provided by the network configuration. In Jessie, this service is disabled
# by default, but it feels safer to make this explicit. Besides, it might be # by default, but it feels safer to make this explicit. Besides, it might be
......
#!/bin/sh
set -e
echo "Adding memory_wipe to the prereqs of all other init-top initramfs scripts"
(
cd /usr/share/initramfs-tools/scripts/init-top
for script in * ; do
[ "$script" != memory_wipe ] || continue
sed --regexp-extended -i \
-e 's/^(PREREQS?)="(.*)"/\1="memory_wipe \2"/' \
"$script"
done
)
...@@ -43,7 +43,9 @@ systemctl --no-block restart tails-tor-has-bootstrapped.target ...@@ -43,7 +43,9 @@ systemctl --no-block restart tails-tor-has-bootstrapped.target
# a HTTP proxy or allowed firewall ports won't get the sandboxing, but # a HTTP proxy or allowed firewall ports won't get the sandboxing, but
# much better than nothing. # much better than nothing.
if [ "$(tails_netconf)" = "direct" ]; then if [ "$(tails_netconf)" = "direct" ]; then
tor_set_in_torrc Sandbox 1 # https://trac.torproject.org/projects/tor/ticket/21943
# tor_set_in_torrc Sandbox 1
true
fi fi
# We would like Tor to be started during init time, even before the # We would like Tor to be started during init time, even before the
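Review bot: Inside the `if [ "$(tails_netconf)" = "direct" ]` branch, Tor's `Sandbox 1` setting is now switched off with only a ticket URL as explanation, while the comment just above still describes the sandboxing as "much better than nothing". Since this removes a hardening layer from the Tor process, the reason and the condition for turning it back on should be stated in place, e.g. `# FIXME: Sandbox disabled until https://trac.torproject.org/projects/tor/ticket/21943 is resolved; re-enable then`. The older comment should also be adjusted so that it no longer reads as if the sandbox were active. The `true` only keeps the `if` body non-empty; commenting out the whole `if` block would make the disabled state easier to spot. The enclosing script starts and ends outside the hunk.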
......
# Defaults for kexec initscript
# sourced by kexec-tools.config, /etc/init.d/kexec and /etc/init.d/kexec-load
# Load a kexec kernel (true/false)
LOAD_KEXEC=true
# Kernel and initrd image
# Unused: tails-reconfigure-kexec appends the correct values to this file
# at boot time.
KERNEL_IMAGE=/vmlinux
INITRD=/initrd.img
rebooting() {
systemctl list-jobs systemd-reboot.service | grep -qs systemd-reboot.service
}
if rebooting ; then
APPEND="${APPEND} sdmem=reboot sdmemopts=vllf"
else
APPEND="${APPEND} sdmem=halt sdmemopts=vllf"
fi
+/bin/cat +/bin/cat
+/bin/echo +/bin/echo
+/bin/grep
+/bin/kill
+/bin/loginctl
+/bin/ls
+/bin/mkdir
+/bin/mktemp
+/bin/mount
+/bin/mv
+/bin/plymouth
+/bin/rm
+/bin/sh +/bin/sh
+/bin/sleep +/bin/sleep
+/bin/stty +/bin/systemctl
/etc/default/locale /lib/systemd/system-shutdown/tails
/etc/init.d/kexec-load +/lib/systemd/systemd-shutdown
/lib/systemd/system-shutdown/tails-kexec
+/sbin/kexec
+/usr/bin/eject +/usr/bin/eject
+/usr/bin/pkill +/usr/bin/pkill
+/usr/local/sbin/udev-watchdog +/usr/local/sbin/udev-watchdog
#!/bin/sh
set -x
# This script is only run by the instance of systemd-shutdown that's
# run outside of the initramfs, and not by the other instance of
# systemd-shutdown that's run (as /shutdown) after returning to the
# initramfs during shutdown: in the initramfs, this script is
# overwritten with /usr/local/lib/initramfs-pre-shutdown-hook.
# Otherwise systemd-shutdown cannot execute /run/initramfs/shutdown
/bin/mount -o remount,exec /run
# Debugging
/bin/ls -l /run/initramfs
echo 3 > /proc/sys/vm/drop_caches
#! /bin/sh
# FIXME: this script should be translatable in a better way than the
# ugly case..esac thing. Note that using gettext at this point -i.e.
# after the DVD has been ejected- is probably too brittle. A possible
# solution would be to turn this script into a .in file, with
# placeholders for translatable string. Translatable strings and their
# translations could be managed by ikiwiki+po, and the placeholders
# could be replaced at boot time -depending on the chosen locale- by
# the appropriate strings. Unfortunately po4a does not support shell
# scripts.
PATH=/sbin:/bin
print_text () {
echo "$1" > /dev/console
}
print_empty_line () {
print_text ''
}
### Main
test "x`/bin/cat /sys/kernel/kexec_loaded`y" = "x1y" || exit 0
/bin/stty sane < /dev/console
print_empty_line
print_empty_line
print_text "--------------------------------------------------------------------------------"
# $LANG was set there by the FIXME live-config upstream script
. /etc/default/locale
# Note to translators: any text line must fit on a 80 characters wide screen
case "${LANG}" in
de_DE.UTF-8)
print_text " Sie können nun die Start-DVD oder den Start-USB-Stick entfernen"
print_empty_line
print_text " Der Systemspeicher wird in einigen Sekunden gelöscht..."
print_empty_line
print_text " Die Anzeige könnte anschließend fehlerhaft sein."
print_empty_line
print_text " Falls sich das System in einigen Sekunden nicht selbst ausschaltet,"
print_text " bedeutet dies, dass die Speicherlöschung fehlgeschlagen ist."
;;
es_ES.UTF-8)
print_text " Puede ahora retirar el DVD o el USB de arranque."
print_empty_line
print_text " Se borrará dentro de pocos segundos la memoria RAM del sistema..."
print_empty_line
print_text "Pueden aparecer problemas de visualización en el monitor durante esta operación."
print_empty_line
print_text " If the system does not power off automatically in a few seconds,"
print_text " it may mean the memory wiping has failed."
;;
fr_FR.UTF-8)
print_text " Vous pouvez maintenant retirer le DVD / clé USB de boot."
print_empty_line
print_text " La mémoire vive va être effacée dans quelques secondes..."
print_empty_line
print_text " Il est possible que l'affichage soit corrompu au cours de cette opération."
print_empty_line
print_text " Si l'ordinateur ne s'éteint pas automatiquement après quelques secondes,"
print_text " il est possible que l'effacement de la mémoire ait échoué."
;;
it*)
print_text " Adesso puoi rimuovere il cd o la penna USB."
print_empty_line
print_text " La memoria del computer verra' cancellata tra pochi secondi..."
print_empty_line
print_text " Il display potra' essere corrotto durante questa operazione."
print_empty_line
print_text " Se vostro PC non si spegnera' automaticamente in pochi secondi"
print_text " la cancellazione della memoria potrebbe essere incompleta."
;;
*)
print_text " You can now remove the boot DVD or USB stick."
print_empty_line
print_text " The system memory is going to be wiped in a few seconds..."
print_empty_line
print_text " Display might be corrupted during this operation."
print_empty_line
print_text " If the system does not power off automatically in a few seconds,"
print_text " it may mean the memory wiping has failed."
;;
esac
print_text "--------------------------------------------------------------------------------"
print_empty_line
print_empty_line
/bin/sleep 5
/sbin/kexec -e --reset-vga
[Unit] [Unit]
Description=Reconfigure kexec depending on running kernel Description=Prepare /run/initramfs for shutdown
Documentation=https://tails.boum.org/contribute/design/memory_erasure/ Documentation=https://tails.boum.org/contribute/design/memory_erasure/
ConditionPathExists=!/run/initramfs/bin/sh
[Service] [Service]
Type=oneshot
ExecStart=/usr/local/sbin/tails-reconfigure-kexec
RemainAfterExit=yes RemainAfterExit=yes
CapabilityBoundingSet= Type=oneshot
PrivateDevices=yes ExecStart=/usr/local/lib/initramfs-restore
PrivateNetwork=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=yes
[Install] [Install]
WantedBy=multi-user.target WantedBy=multi-user.target
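Review bot: The new side of this unit appears to carry none of the sandboxing directives that the previous unit had (`CapabilityBoundingSet=`, `PrivateDevices=yes`, `PrivateNetwork=yes`, `PrivateTmp=yes`, `ProtectHome=yes`, `ProtectSystem=yes`), so `/usr/local/lib/initramfs-restore` runs as an unconfined root oneshot. Some of them probably had to go because the script writes into /run/initramfs, but `PrivateNetwork=yes` and `ProtectHome=yes` look compatible with unpacking an initramfs and would be worth keeping. That is inferred from the script shown elsewhere on this page and needs confirming. A short comment in the unit naming the directives that were dropped on purpose would help the next reviewer.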
[Unit]
Description=Reconfigure memlockd depending on running kernel
Documentation=https://tails.boum.org/contribute/design/memory_erasure/
Before=memlockd.service
[Service]
Type=oneshot
ExecStart=/usr/local/sbin/tails-reconfigure-memlockd
RemainAfterExit=yes
CapabilityBoundingSet=
PrivateDevices=yes
PrivateNetwork=yes
PrivateTmp=yes
ProtectHome=yes
ProtectSystem=yes
[Install]
WantedBy=multi-user.target
[Unit] [Unit]
Description=Wipe memory on live media removal Description=Wipe memory on live media removal
Documentation=https://tails.boum.org/contribute/design/memory_erasure/ Documentation=https://tails.boum.org/contribute/design/memory_erasure/
After=memlockd.service tails-reconfigure-kexec.service tails-reconfigure-memlockd.service After=memlockd.service
[Service] [Service]
Type=simple Type=simple
......
#!/bin/sh
# This script is installed by /usr/share/initramfs-tools/hooks/shutdown
# into the initramfs, as /lib/systemd/system-shutdown/tails. It's run by the
# copy of systemd-shutdown that runs (as /shutdown) from inside
# the unpacked initramfs, immediately before executing the requested action
# (halt/poweroff/reboot).
set -x
### Unmount relevant filesystems
# Debugging
mount
# Otherwise aufs pseudo-links can't be cleaned and we cannot drop caches.
# This may also help for tracking remaining mounts.
mount -o remount,rw /proc
# Otherwise we can't create new mountpoints in /mnt
mount -o remount,rw /
# Otherwise aufs pseudo-links can't be removed while unmounting /oldroot,
# and we can't clean up the content of /mnt/live/overlay.
mount -o remount,rw /oldroot/lib/live/mount/overlay
# Move /oldroot/* mountpoints out of the way
mkdir -p /mnt/live/overlay
mount --move \
/oldroot/lib/live/mount/overlay \
/mnt/live/overlay
mkdir -p /mnt/live/squashfs
mount --move \
/oldroot/lib/live/mount/rootfs/filesystem.squashfs \
/mnt/live/squashfs
mkdir -p /mnt/live/medium
mount --move \
/oldroot/lib/live/mount/medium \
/mnt/live/medium
# Finally, really unmount relevant filesystems
umount /oldroot
rm -rf /mnt/live/overlay/.w* /mnt/live/overlay/*
umount /mnt/live/overlay
# Debugging
mount
### Ensure any remaining disk cache is erased by Linux' memory poisoning
echo 3 > /proc/sys/vm/drop_caches
### Pause if the test suite wants us to
if [ -e /tails_shutdown_debugging ] ; then
echo "Going to sleep 2 minutes. Happy dumping!"
sleep 120
fi
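Review bot: This script runs with `set -x` only, so a failing `mount --move`, `umount /oldroot` or `umount /mnt/live/overlay` is traced but otherwise ignored, and the script goes on to `echo 3 > /proc/sys/vm/drop_caches` as if the cleanup had worked. Because the point of these steps is presumably to free the overlay's pages so that they get erased, a failed unmount should at least be reported, e.g. `umount /mnt/live/overlay || echo "WARNING: overlay still mounted, its content was not freed" >&2`. The `/tails_shutdown_debugging` check also deserves a comment saying who creates that file and that it must never exist on a release image, since it keeps the machine up for two minutes so that memory can be dumped.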
#!/bin/sh
set -e
set -u
WORKDIR=$(/bin/mktemp -d)
/usr/bin/unmkinitramfs \
"$(/usr/local/bin/tails-get-bootinfo initrd)" \
"$WORKDIR"
# We should not need any kernel modules in there at shutdown time,
# and they take 66% of the entire uncompressed initramfs size, so
# let's save some RAM.
/bin/rm -rf "$WORKDIR"/main/lib/modules
/bin/mv "$WORKDIR"/main/* /run/initramfs/
/bin/rm -rf "$WORKDIR"
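Review bot: With `set -e`, any failure after the `mktemp -d` line exits before the final `/bin/rm -rf "$WORKDIR"`, leaving the partially unpacked tree behind in the temporary directory. That happens if `unmkinitramfs` errors out, or if `"$WORKDIR"/main/*` does not exist; as far as I know `unmkinitramfs` only creates a `main/` subdirectory when the image has an early microcode archive. Adding `trap '/bin/rm -rf "$WORKDIR"' EXIT` right after the `mktemp` line covers every exit path. It would also help to test for `"$WORKDIR"/main` before the `mv` and fail with a clear message, because a half-populated /run/initramfs means the shutdown-time return to the initramfs, and the cleanup done there, will not run as designed.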
...@@ -51,9 +51,17 @@ do_stop() { ...@@ -51,9 +51,17 @@ do_stop() {
/usr/bin/eject -m "${BOOT_DEVICE}" || true /usr/bin/eject -m "${BOOT_DEVICE}" || true
fi fi
/usr/bin/pkill gdm3 || true # Kill everything run by amnesia or Debian-gdm, otherwise emergency
/etc/init.d/kexec-load stop || true # shutdown fails for some reason. Incidentally, this also allows
/lib/systemd/system-shutdown/tails-kexec || true # the test suite to look for a known message ("Happy dumping!")
# on the screen.
/bin/loginctl --signal=9 kill-user amnesia || true
/bin/systemctl stop gdm.service || true
/bin/systemctl --signal=9 kill gdm.service || true
/bin/loginctl --signal=9 kill-user Debian-gdm || true
# Finally, return to the initramfs and poweroff the system
/bin/systemctl --force poweroff
} }
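Review bot: The added lines in `do_stop` call `/bin/loginctl` and `/bin/systemctl` after `/usr/bin/eject` may already have removed the boot medium, so both binaries and the libraries they load must be served from locked memory. The memlockd file list elsewhere in this commit shows `+/bin/systemctl` on the new side, but the side of `+/bin/loginctl` cannot be told from this rendering, so please confirm it is still listed. The final `/bin/systemctl --force poweroff` is also the only step without a fallback; if it fails, the emergency shutdown silently does not happen, so its failure should at least be logged. Finally, "fails for some reason" in the new comment should be replaced by the actual cause or a ticket reference once known. `do_stop` begins outside the hunk.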
......