Add secure thumb drive creation premisses

Makefile

@@ -525,6 +525,8 @@ bin_modules-$(CONFIG_IO386) += io386
 bin_modules-$(CONFIG_IOPORT) += ioport
 bin_modules-$(CONFIG_KBD) += kbd
 bin_modules-$(CONFIG_ZSTD) += zstd
+bin_modules-$(CONFIG_E2FSPROGS) += e2fsprogs
+bin_modules-$(CONFIG_EXFATPROGS) += exfatprogs
 
 $(foreach m, $(bin_modules-y), \
 	$(call map,initrd_bin_add,$(call bins,$m)) \

boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.config

@@ -98,7 +98,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-fbwhiptail-tpm1/qemu-coreboot-fbwhiptail-tpm1.config

@@ -96,7 +96,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-fbwhiptail-tpm2-hotp/qemu-coreboot-fbwhiptail-tpm2-hotp.config

@@ -104,7 +104,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.config

@@ -103,7 +103,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-whiptail-tpm1-hotp/qemu-coreboot-whiptail-tpm1-hotp.config

@@ -98,7 +98,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.config

@@ -96,7 +96,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-whiptail-tpm1/qemu-coreboot-whiptail-tpm1.md

@@ -1 +1 @@
-boards/qemu-coreboot-fbwhiptail-tpm1-hotp/qemu-coreboot-fbwhiptail-tpm1-hotp.md
+../qemu-coreboot-fbwhiptail-tpm2/qemu-coreboot-fbwhiptail-tpm2.md

boards/qemu-coreboot-whiptail-tpm2-hotp/qemu-coreboot-whiptail-tpm2-hotp.config

@@ -104,7 +104,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

boards/qemu-coreboot-whiptail-tpm2/qemu-coreboot-whiptail-tpm2.config

@@ -103,7 +103,7 @@ $(MEMORY_SIZE_FILE):
 	@echo "$(QEMU_MEMORY_SIZE)" >"$(MEMORY_SIZE_FILE)"
 USB_FD_IMG=$(build)/$(BOARD)/usb_fd.raw
 $(USB_FD_IMG):
-	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=128
+	dd if=/dev/zero bs=1M of="$(USB_FD_IMG)" bs=1M count=256
 	# Debian obnoxiously does not include /usr/sbin in PATH for non-root, even
 	# though it is meaningful to use mkfs.vfat (etc.) as non-root
 	MKFS_VFAT=mkfs.vfat; \

config/busybox.config

@@ -1,7 +1,7 @@
 #
 # Automatically generated make config: don't edit
-# Busybox version: 1.33.2
-# Mon Jul  3 16:24:44 2023
+# Busybox version: 1.36.1
+# Fri Jul 21 14:38:54 2023
 #
 CONFIG_HAVE_DOT_CONFIG=y
 
@@ -93,10 +93,16 @@ CONFIG_FEATURE_BUFFERS_USE_MALLOC=y
 # CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set
 CONFIG_PASSWORD_MINLEN=6
 CONFIG_MD5_SMALL=1
+CONFIG_SHA1_SMALL=3
+CONFIG_SHA1_HWACCEL=y
+CONFIG_SHA256_HWACCEL=y
 CONFIG_SHA3_SMALL=1
-# CONFIG_FEATURE_FAST_TOP is not set
-# CONFIG_FEATURE_ETC_NETWORKS is not set
-# CONFIG_FEATURE_ETC_SERVICES is not set
+CONFIG_FEATURE_NON_POSIX_CP=y
+# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set
+CONFIG_FEATURE_USE_SENDFILE=y
+CONFIG_FEATURE_COPYBUF_KB=4
+CONFIG_MONOTONIC_SYSCALL=y
+CONFIG_IOCTL_HEX2STR_ERROR=y
 CONFIG_FEATURE_EDITING=y
 CONFIG_FEATURE_EDITING_MAX_LEN=1024
 # CONFIG_FEATURE_EDITING_VI is not set
@@ -120,14 +126,9 @@ CONFIG_LAST_SUPPORTED_WCHAR=767
 # CONFIG_UNICODE_BIDI_SUPPORT is not set
 # CONFIG_UNICODE_NEUTRAL_TABLE is not set
 # CONFIG_UNICODE_PRESERVE_BROKEN is not set
-CONFIG_FEATURE_NON_POSIX_CP=y
-# CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set
-CONFIG_FEATURE_USE_SENDFILE=y
-CONFIG_FEATURE_COPYBUF_KB=4
-CONFIG_FEATURE_SKIP_ROOTFS=y
-CONFIG_MONOTONIC_SYSCALL=y
-CONFIG_IOCTL_HEX2STR_ERROR=y
-CONFIG_FEATURE_HWIB=y
+# CONFIG_LOOP_CONFIGURE is not set
+# CONFIG_NO_LOOP_CONFIGURE is not set
+CONFIG_TRY_LOOP_CONFIGURE=y
 
 #
 # Applets
@@ -162,6 +163,8 @@ CONFIG_FEATURE_BZIP2_DECOMPRESS=y
 CONFIG_CPIO=y
 CONFIG_FEATURE_CPIO_O=y
 CONFIG_FEATURE_CPIO_P=y
+CONFIG_FEATURE_CPIO_IGNORE_DEVNO=y
+CONFIG_FEATURE_CPIO_RENUMBER_INODES=y
 # CONFIG_DPKG is not set
 # CONFIG_DPKG_DEB is not set
 CONFIG_GZIP=y
@@ -197,6 +200,22 @@ CONFIG_FEATURE_LZMA_FAST=y
 #
 # Coreutils
 #
+CONFIG_FEATURE_VERBOSE=y
+
+#
+# Common options for date and touch
+#
+# CONFIG_FEATURE_TIMEZONE is not set
+
+#
+# Common options for cp and mv
+#
+CONFIG_FEATURE_PRESERVE_HARDLINKS=y
+
+#
+# Common options for df, du, ls
+#
+CONFIG_FEATURE_HUMAN_READABLE=y
 CONFIG_BASENAME=y
 CONFIG_CAT=y
 CONFIG_FEATURE_CATN=y
@@ -207,11 +226,13 @@ CONFIG_CHMOD=y
 # CONFIG_FEATURE_CHOWN_LONG_OPTIONS is not set
 CONFIG_CHROOT=y
 # CONFIG_CKSUM is not set
+CONFIG_CRC32=y
 # CONFIG_COMM is not set
 CONFIG_CP=y
 CONFIG_FEATURE_CP_LONG_OPTIONS=y
 CONFIG_FEATURE_CP_REFLINK=y
 CONFIG_CUT=y
+CONFIG_FEATURE_CUT_REGEX=y
 CONFIG_DATE=y
 CONFIG_FEATURE_DATE_ISOFMT=y
 # CONFIG_FEATURE_DATE_NANO is not set
@@ -223,6 +244,7 @@ CONFIG_FEATURE_DD_IBS_OBS=y
 CONFIG_FEATURE_DD_STATUS=y
 CONFIG_DF=y
 CONFIG_FEATURE_DF_FANCY=y
+CONFIG_FEATURE_SKIP_ROOTFS=y
 CONFIG_DIRNAME=y
 # CONFIG_DOS2UNIX is not set
 # CONFIG_UNIX2DOS is not set
@@ -316,13 +338,13 @@ CONFIG_TEST2=y
 CONFIG_FEATURE_TEST_64=y
 # CONFIG_TIMEOUT is not set
 CONFIG_TOUCH=y
-CONFIG_FEATURE_TOUCH_NODEREF=y
 CONFIG_FEATURE_TOUCH_SUSV3=y
 CONFIG_TR=y
 CONFIG_FEATURE_TR_CLASSES=y
 CONFIG_FEATURE_TR_EQUIV=y
 CONFIG_TRUE=y
 CONFIG_TRUNCATE=y
+CONFIG_TSORT=y
 CONFIG_TTY=y
 CONFIG_UNAME=y
 CONFIG_UNAME_OSNAME="GNU/Linux"
@@ -342,21 +364,6 @@ CONFIG_FEATURE_WC_LARGE=y
 # CONFIG_WHOAMI is not set
 # CONFIG_YES is not set
 
-#
-# Common options
-#
-CONFIG_FEATURE_VERBOSE=y
-
-#
-# Common options for cp and mv
-#
-CONFIG_FEATURE_PRESERVE_HARDLINKS=y
-
-#
-# Common options for df, du, ls
-#
-CONFIG_FEATURE_HUMAN_READABLE=y
-
 #
 # Console Utilities
 #
@@ -420,6 +427,7 @@ CONFIG_VI=y
 CONFIG_FEATURE_VI_MAX_LEN=4096
 # CONFIG_FEATURE_VI_8BIT is not set
 CONFIG_FEATURE_VI_COLON=y
+CONFIG_FEATURE_VI_COLON_EXPAND=y
 CONFIG_FEATURE_VI_YANKMARK=y
 CONFIG_FEATURE_VI_SEARCH=y
 # CONFIG_FEATURE_VI_REGEX_SEARCH is not set
@@ -433,6 +441,7 @@ CONFIG_FEATURE_VI_ASK_TERMINAL=y
 CONFIG_FEATURE_VI_UNDO=y
 CONFIG_FEATURE_VI_UNDO_QUEUE=y
 CONFIG_FEATURE_VI_UNDO_QUEUE_MAX=256
+CONFIG_FEATURE_VI_VERBOSE_STATUS=y
 CONFIG_FEATURE_ALLOW_EXEC=y
 
 #
@@ -441,14 +450,19 @@ CONFIG_FEATURE_ALLOW_EXEC=y
 CONFIG_FIND=y
 CONFIG_FEATURE_FIND_PRINT0=y
 CONFIG_FEATURE_FIND_MTIME=y
+CONFIG_FEATURE_FIND_ATIME=y
+CONFIG_FEATURE_FIND_CTIME=y
 CONFIG_FEATURE_FIND_MMIN=y
+CONFIG_FEATURE_FIND_AMIN=y
+CONFIG_FEATURE_FIND_CMIN=y
 CONFIG_FEATURE_FIND_PERM=y
 CONFIG_FEATURE_FIND_TYPE=y
 CONFIG_FEATURE_FIND_EXECUTABLE=y
 CONFIG_FEATURE_FIND_XDEV=y
 CONFIG_FEATURE_FIND_MAXDEPTH=y
 CONFIG_FEATURE_FIND_NEWER=y
 CONFIG_FEATURE_FIND_INUM=y
+CONFIG_FEATURE_FIND_SAMEFILE=y
 CONFIG_FEATURE_FIND_EXEC=y
 CONFIG_FEATURE_FIND_EXEC_PLUS=y
 CONFIG_FEATURE_FIND_USER=y
@@ -641,7 +655,7 @@ CONFIG_LSUSB=y
 # CONFIG_FEATURE_MDEV_DAEMON is not set
 # CONFIG_MESG is not set
 # CONFIG_FEATURE_MESG_ENABLE_ONLY_GROUP is not set
-CONFIG_MKE2FS=y
+# CONFIG_MKE2FS is not set
 # CONFIG_MKFS_EXT2 is not set
 # CONFIG_MKFS_MINIX is not set
 # CONFIG_FEATURE_MINIX2 is not set
@@ -739,6 +753,7 @@ CONFIG_FEATURE_VOLUMEID_XFS=y
 # Miscellaneous Utilities
 #
 # CONFIG_ADJTIMEX is not set
+CONFIG_ASCII=y
 # CONFIG_BBCONFIG is not set
 # CONFIG_FEATURE_COMPRESS_BBCONFIG is not set
 # CONFIG_BC is not set
@@ -819,10 +834,12 @@ CONFIG_PARTPROBE=y
 # CONFIG_RFKILL is not set
 # CONFIG_RUNLEVEL is not set
 # CONFIG_RX is not set
+CONFIG_SEEDRNG=y
 CONFIG_SETFATTR=y
 CONFIG_SETSERIAL=y
 CONFIG_STRINGS=y
 CONFIG_TIME=y
+CONFIG_TREE=y
 # CONFIG_TS is not set
 # CONFIG_TTYSIZE is not set
 # CONFIG_UBIATTACH is not set
@@ -834,6 +851,7 @@ CONFIG_TIME=y
 # CONFIG_UBIRENAME is not set
 # CONFIG_VOLNAME is not set
 # CONFIG_WATCHDOG is not set
+# CONFIG_FEATURE_WATCHDOG_OPEN_TWICE is not set
 
 #
 # Networking Utilities
@@ -842,6 +860,9 @@ CONFIG_TIME=y
 # CONFIG_FEATURE_UNIX_LOCAL is not set
 # CONFIG_FEATURE_PREFER_IPV4_ADDRESS is not set
 # CONFIG_VERBOSE_RESOLUTION_ERRORS is not set
+# CONFIG_FEATURE_ETC_NETWORKS is not set
+# CONFIG_FEATURE_ETC_SERVICES is not set
+CONFIG_FEATURE_HWIB=y
 # CONFIG_FEATURE_TLS_SHA1 is not set
 CONFIG_ARP=y
 # CONFIG_ARPING is not set
@@ -860,6 +881,7 @@ CONFIG_ARP=y
 # CONFIG_HOSTNAME is not set
 # CONFIG_DNSDOMAINNAME is not set
 # CONFIG_HTTPD is not set
+CONFIG_FEATURE_HTTPD_PORT_DEFAULT=0
 # CONFIG_FEATURE_HTTPD_RANGES is not set
 # CONFIG_FEATURE_HTTPD_SETUID is not set
 # CONFIG_FEATURE_HTTPD_BASIC_AUTH is not set
@@ -952,6 +974,7 @@ CONFIG_SSL_CLIENT=y
 # CONFIG_FEATURE_TELNET_WIDTH is not set
 # CONFIG_TELNETD is not set
 # CONFIG_FEATURE_TELNETD_STANDALONE is not set
+CONFIG_FEATURE_TELNETD_PORT_DEFAULT=0
 # CONFIG_FEATURE_TELNETD_INETD_WAIT is not set
 CONFIG_TFTP=y
 CONFIG_FEATURE_TFTP_PROGRESS_BAR=y
@@ -972,6 +995,7 @@ CONFIG_VCONFIG=y
 CONFIG_WGET=y
 CONFIG_FEATURE_WGET_LONG_OPTIONS=y
 # CONFIG_FEATURE_WGET_STATUSBAR is not set
+CONFIG_FEATURE_WGET_FTP=y
 # CONFIG_FEATURE_WGET_AUTHENTICATION is not set
 CONFIG_FEATURE_WGET_TIMEOUT=y
 CONFIG_FEATURE_WGET_HTTPS=y
@@ -988,6 +1012,7 @@ CONFIG_UDHCPC=y
 CONFIG_FEATURE_UDHCPC_ARPING=y
 CONFIG_FEATURE_UDHCPC_SANITIZEOPT=y
 CONFIG_UDHCPC_DEFAULT_SCRIPT="/sbin/config-dhcp.sh"
+CONFIG_UDHCPC6_DEFAULT_SCRIPT=""
 # CONFIG_UDHCPC6 is not set
 # CONFIG_FEATURE_UDHCPC6_RFC3646 is not set
 # CONFIG_FEATURE_UDHCPC6_RFC4704 is not set
@@ -997,6 +1022,7 @@ CONFIG_UDHCPC_DEFAULT_SCRIPT="/sbin/config-dhcp.sh"
 #
 # Common options for DHCP applets
 #
+CONFIG_UDHCPC_DEFAULT_INTERFACE="eth0"
 # CONFIG_FEATURE_UDHCP_PORT is not set
 CONFIG_UDHCP_DEBUG=9
 CONFIG_UDHCPC_SLACK_FOR_BUGGY_SERVERS=80
@@ -1014,17 +1040,19 @@ CONFIG_IFUPDOWN_UDHCPC_CMD_OPTIONS=""
 #
 # Mail Utilities
 #
+CONFIG_FEATURE_MIME_CHARSET=""
 # CONFIG_MAKEMIME is not set
 # CONFIG_POPMAILDIR is not set
 # CONFIG_FEATURE_POPMAILDIR_DELIVERY is not set
 # CONFIG_REFORMIME is not set
 # CONFIG_FEATURE_REFORMIME_COMPAT is not set
 # CONFIG_SENDMAIL is not set
-CONFIG_FEATURE_MIME_CHARSET=""
 
 #
 # Process Utilities
 #
+# CONFIG_FEATURE_FAST_TOP is not set
+CONFIG_FEATURE_SHOW_THREADS=y
 # CONFIG_FREE is not set
 # CONFIG_FUSER is not set
 # CONFIG_IOSTAT is not set
@@ -1063,7 +1091,6 @@ CONFIG_FEATURE_TOPMEM=y
 # CONFIG_UPTIME is not set
 # CONFIG_FEATURE_UPTIME_UTMP_SUPPORT is not set
 # CONFIG_WATCH is not set
-CONFIG_FEATURE_SHOW_THREADS=y
 
 #
 # Runit Utilities
@@ -1120,6 +1147,7 @@ CONFIG_ASH_EXPAND_PRMT=y
 CONFIG_ASH_ECHO=y
 CONFIG_ASH_PRINTF=y
 CONFIG_ASH_TEST=y
+CONFIG_ASH_SLEEP=y
 CONFIG_ASH_HELP=y
 CONFIG_ASH_GETOPTS=y
 CONFIG_ASH_CMDCMD=y
@@ -1128,8 +1156,8 @@ CONFIG_ASH_CMDCMD=y
 # CONFIG_SHELL_HUSH is not set
 # CONFIG_HUSH_BASH_COMPAT is not set
 # CONFIG_HUSH_BRACE_EXPANSION is not set
-# CONFIG_HUSH_LINENO_VAR is not set
 # CONFIG_HUSH_BASH_SOURCE_CURDIR is not set
+# CONFIG_HUSH_LINENO_VAR is not set
 # CONFIG_HUSH_INTERACTIVE is not set
 # CONFIG_HUSH_SAVEHISTORY is not set
 # CONFIG_HUSH_JOB is not set