Age | Commit message (Collapse) | Author |
|
We've been using patch attestation for over a year now, so remove the
EXPERIMENTAL claim -- it's no more experimental by this point than the
rest of b4.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
- the default attestation policy is now "softfail"
- include instructions about installing the patatt submodule
Better read-the-docs style documentation will be coming in 0.8.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Move end-to-end attestation code into its own library: patatt. See
https://git.kernel.org/pub/scm/utils/patatt/patatt.git/about/
It is included into b4 as a submodule, but you will need to init it
first:
git submodule update --init
This change significantly simplifies our attestation code, dropping
thousands of lines of rather hairy code. Notably, patatt-style
attestation is incompatible with previous attestation implementations
done directly in b4, but that's just as well -- we've always marked it
as "experimental" and the lack of adoption was proving that we weren't
on the right path.
Next to come is keyring management and documentation.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Looks like it's not properly rendering on git.kernel.org.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
This adds a symlinkable hook that can perform inline attstation straight
from the b4 checkout dir, plus documentation that explains some of the
core concepts behind in-header attestation.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Add links to the Groups.io instance at https://linux.kernel.org/g/tools
in the man page, the README and on PyPI.
Signed-off-by: Philippe Blain <levraiphilippeblain@gmail.com>
|
|
It's time to graduate to 0.4.0 with these features.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Signed-off-by: Geert Uytterhoeven <geert@linux-m68k.org>
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Make the name a bit more convenient to invoke and document that it can
be set as an alias.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
Add the b4-wrapper.sh script that allows running
b4 from a git working directory.
Signed-off-by: Geoff Levand <geoff@infradead.org>
|
|
Anyone who wants a convenient wrapper to run things from the git
checkout without installing pip packages can set up a two-liner wrapper
script and put it in their path.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
- Uses the correct mailing list tools@linux.kernel.org
- Properly handles the Fixes: follow-up trailers
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|
|
This should be most of what's needed for the pip release.
Signed-off-by: Konstantin Ryabitsev <konstantin@linuxfoundation.org>
|