[v2 5/8] install-config: API to enable/disable driver signing

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



From: "Zeeshan Ali (Khattak)" <zeeshanak@xxxxxxxxx>

Currently only used by Windows XP.
---
 data/install-scripts/windows-sif.xml |  8 ++++++++
 osinfo/libosinfo.syms                |  2 ++
 osinfo/osinfo_install_config.c       | 25 +++++++++++++++++++++++++
 osinfo/osinfo_install_config.h       |  6 ++++++
 4 files changed, 41 insertions(+)

diff --git a/data/install-scripts/windows-sif.xml b/data/install-scripts/windows-sif.xml
index 262e6ec..3bb79c8 100644
--- a/data/install-scripts/windows-sif.xml
+++ b/data/install-scripts/windows-sif.xml
@@ -11,6 +11,7 @@
       <param name="admin-password" policy="optional"/>
       <param name="reg-product-key" policy="required"/>
       <param name="user-realname" policy="required"/>
+      <param name="driver-signing" policy="optional"/>
     </config>
     <template>
       <xsl:stylesheet
@@ -30,6 +31,9 @@
     UnattendMode=FullUnattended
     OemSkipEula=Yes
     OemPreinstall=No
+<xsl:if test="config/driver-signing = 'false'">
+    DriverSigningPolicy=Ignore
+</xsl:if>
     TargetPath=\WINDOWS
     Repartition=Yes
     WaitForReboot=No
@@ -80,6 +84,7 @@
       <param name="user-realname" policy="required"/>
       <param name="hostname" policy="required"/>
       <param name="script-disk" policy="optional"/>
+      <param name="driver-signing" policy="optional"/>
     </config>
     <template>
       <xsl:stylesheet
@@ -136,6 +141,9 @@
     UnattendMode=FullUnattended
     OemSkipEula=Yes
     OemPreinstall=No
+<xsl:if test="config/driver-signing = 'false'">
+    DriverSigningPolicy=Ignore
+</xsl:if>
 <xsl:choose>
   <xsl:when test="os/version &gt; 5.0"> <!-- winxp, win2k3, win2k3r2 -->
     TargetPath=\WINDOWS
diff --git a/osinfo/libosinfo.syms b/osinfo/libosinfo.syms
index 70202f5..17083ea 100644
--- a/osinfo/libosinfo.syms
+++ b/osinfo/libosinfo.syms
@@ -401,6 +401,8 @@ LIBOSINFO_0.2.3 {
 
 LIBOSINFO_0.2.4 {
     global:
+	osinfo_install_config_get_driver_signing;
+	osinfo_install_config_set_driver_signing;
 	osinfo_device_driver_format_get_type;
 	osinfo_device_driver_get_format;
 	osinfo_device_driver_get_signed;
diff --git a/osinfo/osinfo_install_config.c b/osinfo/osinfo_install_config.c
index 1712be5..f6d2561 100644
--- a/osinfo/osinfo_install_config.c
+++ b/osinfo/osinfo_install_config.c
@@ -641,6 +641,31 @@ const gchar *osinfo_install_config_get_post_install_drivers_location(OsinfoInsta
              OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_LOCATION);
 }
 
+/**
+ * osinfo_install_config_set_driver_signing:
+ * @config: the install config
+ * @signing: boolean value
+ *
+ * If a script requires drivers to be signed, this function can be used to
+ * disable that security feature. WARNING: Disable driver signing may very well
+ * mean disabling it permanently.
+ */
+void osinfo_install_config_set_driver_signing(OsinfoInstallConfig *config,
+                                              gboolean signing)
+{
+    osinfo_entity_set_param_boolean(OSINFO_ENTITY(config),
+                                    OSINFO_INSTALL_CONFIG_PROP_DRIVER_SIGNING,
+                                    signing);
+}
+
+gboolean osinfo_install_config_get_driver_signing(OsinfoInstallConfig *config)
+{
+    return osinfo_entity_get_param_value_boolean_with_default
+            (OSINFO_ENTITY(config),
+             OSINFO_INSTALL_CONFIG_PROP_DRIVER_SIGNING,
+             TRUE);
+}
+
 /*
  * Local variables:
  *  indent-tabs-mode: nil
diff --git a/osinfo/osinfo_install_config.h b/osinfo/osinfo_install_config.h
index d650a0a..b3cfa7e 100644
--- a/osinfo/osinfo_install_config.h
+++ b/osinfo/osinfo_install_config.h
@@ -67,6 +67,8 @@
 #define OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_DISK "post-install-drivers-disk"
 #define OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_LOCATION "post-install-drivers-location"
 
+#define OSINFO_INSTALL_CONFIG_PROP_DRIVER_SIGNING "driver-signing"
+
 typedef struct _OsinfoInstallConfig        OsinfoInstallConfig;
 typedef struct _OsinfoInstallConfigClass   OsinfoInstallConfigClass;
 typedef struct _OsinfoInstallConfigPrivate OsinfoInstallConfigPrivate;
@@ -193,6 +195,10 @@ void osinfo_install_config_set_post_install_drivers_location(OsinfoInstallConfig
                                                              const gchar *location);
 const gchar *osinfo_install_config_get_post_install_drivers_location(OsinfoInstallConfig *config);
 
+void osinfo_install_config_set_driver_signing(OsinfoInstallConfig *config,
+                                              gboolean signing);
+gboolean osinfo_install_config_get_driver_signing(OsinfoInstallConfig *config);
+
 #endif /* __OSINFO_INSTALL_CONFIG_H__ */
 /*
  * Local variables:
-- 
1.8.1.2

_______________________________________________
Libosinfo mailing list
Libosinfo@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libosinfo


[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Fedora Users]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]

  Powered by Linux