Skip to content
Snippets Groups Projects
Forked from system-transparency / core / stboot
24 commits behind the upstream repository.
To find the state of this project's repository at the time of any of these versions, check out the tags.
NEWS 7.48 KiB
NEWS for stboot v0.5.x

    Bug fixes:

    New features and improvements:

    * Display stboot version when booting. See README.md for how to
      override the version string at build time.

    * Log IP addresses used when downloading the OS package.

    * Log validity dates of root certificates, and fail early if they
      are all expired.

    Incompatible changes:

    * This version requires go version 1.22 or later when building.

    * The experimental code to do TPM measurements has been deleted.
      We expect measurements to come back, in a different form, when
      support for remote attestation is added.

    Miscellaneous:

    * Improved documentation of backwards compatible host
      configuration. See doc/stboot-system.md.

NEWS for stboot v0.4.3

    This release of stboot includes bug fixes and new features.  The
    most notable feature is the ability to enter provisioning mode even
    if a host configuration has already been provisioned on the system.

    Bug fixes:

    * When running stboot as the init process, load kernel modules
      before trying to mount /sys/firmware/efi/efivars.  This ensures
      EFI variables will work when the efivarfs driver is provided as a
      loadable kernel module (rather than being built into the kernel).
      For users that use u-root as the init process: be aware that the
      same issue which has now been fixed in stboot still remains open
      in u-root, see https://github.com/u-root/u-root/issues/2993.

    * Properly wait for the selected network interfaces to reach state
      UP before considering the network to be configured successfully.
      This ensures stboot will not spend any of its retries due to
      interfaces that are not up yet.

    New features and improvements:

    * If a provisioning OS package is included in the stboot image,
      it is now possible to enter provisioning mode if the provisioned
      host configuration is invalid or if the user presses Ctrl-C.  See
      docs/stboot-system.md for details and security implications.

    * The OS package descriptor now supports "os_pkg_url" to be
      relative to the descriptor's (absolute) base URI.  Refer to the OS
      package specification for the exact resolution rules.

    This release has been tested to work with:

    * Artifacts produced by stmgr v0.4.0 (pre-release version).
      https://git.glasklar.is/system-transparency/core/stmgr/-/tree/v0.4.0
    * Systems provisioned with stprov v0.3.8 (pre-release version)
      https://git.glasklar.is/system-transparency/core/stprov/-/tree/v0.3.8

    This release implements the specifications at
    https://git.glasklar.is/system-transparency/project/docs/-/tree/v0.3.0/content/docs/reference

NEWS for stboot v0.3.6

    This stboot release is intended as a stable "status quo" release.
    There are few new features. Compatibility with existing
    deployments has been improved, and both documentation and testing
    has been improved compared to previous releases.

    When upgrading, the intention is that this release should be
    compatible with host config files as used by stboot v0.2.2, as
    well as with host config files for even older stboot versions
    deployed by early adopters. However, deployment processes and
    scripts will need updates. E.g., the initramfs where you install
    stboot needs to have the tls root certificates in a new location
    (see below), and you may want to arrange so that stboot is the
    system's init process.

    Security fixes:

    * The threshold signature logic has been updated to require
      distinct public keys (the SubjectPublicKeyInfo field in the x509
      certificate) in order to consider two certificates as distinct.
      Previously, multiple signatures by the same key could count as
      distinct, e.g., if there are multiple certificates for that key,
      with overlapping vality periods.

    Incompatible changes:

    * The location where stboot reads the https root certificates has
      been moved, from /etc/ssl/certs/isrgrootx1.pem to
      /etc/trust_policy/tls_roots.pem. See
      https://git.glasklar.is/system-transparency/project/documentation/-/blob/main/proposals/2023-12-05-clean-up-ca-selection.md
      for details.

    * Delete the feature of "$ID" and "$AUTH" substitution in the host
      config's os_pkg_pointer value. We are not aware of anyone ever
      using this feature. Constructing the url or filename by
      substituting host specific settings in a template is useful, but
      better left to the provisioning tools that create the host
      config.

    * Network configuration in stboot has been fixed to respect the
      order of interfaces in the host config's network_interfaces
      list; previously, it would prefer the last rather than the first
      listed interface.

    New stboot features and improvements:

    * The tls root certificate file is required only for network
      boot, for initramfs boot that file can now be omitted.

    * Add backwards compatibility to parsing of the host config.
      Stboot now recognizes old ways of using the json keys "dns",
      "network_interfaces", and adds fallbacks for recognizing the
      obsolete json keys "provisioning_urls" and "network_interface"
      (singular).

    * Relax parsing of host config and other json data to treat
      missing keys in the same way as keys explicitly set to null.

    * Add informative logging when starting file downloads.

    * Documentation updates, including a new file docs/stboot-system.md
      and specifications at https://docs.system-transparency.org.

    * Support for running stboot as the system's init (pid 1) process.
      Previously, it was recommended to use u-root as the init
      process, and let u-root spawn stboot as a regular process.

    Go library changes (no expected stability between stboot releases):

    * Delete the sterror package.

    * Change method OSPackage.Sign to use crypto.Signer for the
      private key. Delete the ospkg.Signer interface, in favor of
      crypto.Signer.

    * Delete lots of unused code, including various exported functions.

    Miscellaneous:

    * Improved test coverage, both unit tests and integration tests.

    This release has been tested to work with:

    * Artifacts produced by stmgr v0.3.2 (pre-release version).
      https://git.glasklar.is/system-transparency/core/stmgr/-/tree/v0.3.2
    * Provisioning using stprov v0.3.3 (pre-release version)
      https://git.glasklar.is/system-transparency/core/stprov/-/tree/v0.3.3

    This release implements the specifications at
    https://git.glasklar.is/system-transparency/project/docs/-/tree/96fe394b162f926cba3af36dcab95625c9b4071a/content/docs/reference

NEWS for stboot v0.2.2

    First advertised release following the common System Transparency
    release policy. The previous release v0.2.1
    (https://git.glasklar.is/system-transparency/core/stboot/-/releases/v0.2.1)
    was a random snapshot of the repository with a tag and dump of the
    recent commit messages as release info.

    Changed since v0.2.1:

    * Change the order of Host Configuration auto-detect order to prefer loading
    from initrams over loading from EFI-NVRAM.

    This release has been tested to work with:

    * Artifacts being produced by stmgr v0.2.1
        https://git.glasklar.is/system-transparency/core/stmgr/-/tree/v0.2.1

    This release implements the specifications at
      https://git.glasklar.is/system-transparency/project/documentation/-/tree/dd4469e99ae35faf5d2ea068066627559e4a71ef/docs.system-transparency.org/content/docs/reference