Adding Linux kernel firmware signature support

a project by mcgrof

The Linux kernel already has cryptographic support for signature verification on data. This is used to digitally sign kernel modules at build time, and verify integrity and provenance at load time. Likewise the 802.11 subsystem on the Linux kernel had historically in parallel prior to Linux's own kernel signing facility implemented and integrated support to verify file integrity and provenance for use on the Linux regulatory database. The 802.11 subsystem's components that provide this facility are CRDA and wireless-regdb. CRDA and wireless-regdb technically are split up as two separate trees for development, wireless-regdb helps provide the 802.11 regulatory database while CRDA exists as a udev helper to feed to the Linux kernel a regulatory domain when needed. By using a regulatory database in userspace the Linux kernel is able to get updates for regulatory rules without requiring a rebuild. Linux distributions need the digitally signed regulatory.bin file from wireless-regdb tree and the CRDA binary from the CRDA tree. Linux distributions often combine both into one package, some distributions separate the two. The regulatory database is digitally signed by the wireless-regdb maintainer, and distributions that have have compiled in support for digital signature support on CRDA verify the integrity of the file before feeding a regulatory domain to the Linux kernel. Since the kernel module signing facility was merged upstream on Linux we could replace both CRDA and wireless-regdb distribution mechanism by adding cryptographic file signature verification support on Linux on the firmware_class module which provides the APIs to load firmware, and having the regulatory.bin file merged and updated through the linux-firmware tree. Adding cryptographic signature verification support on the firmware APIs on Linux is the first step to replace CRDA and wireless-regdb's own signature functionality. The second step is to extend the firmware APIs to enable subsystems to customize cryptographic requirements.

Updated 3 months ago. No love.

Create working AppArmor profile for Chromium on openSUSE 13.2

a project by thardeck

I think AppArmor is a great tool to add an additional layer of security without much effort. While it is normally easy to create a profile for a simple server program it is much more complex in case of desktop applications. The most vulnerable desktop application is the browser so it would be great to have an AppArmor profile for it.

Updated about 3 years ago. 1 hackers ♥️. Has no hacker: grab it!

Package tools for RC model

a project by adrianSuSE

Package open source tools used for radio controled models. Some of them needs patching, since they rely on pre-build binary blobs of open source tools. Also many of them bring the same libraries again. Known candidates for this are:

Updated over 5 years ago. No love.

Enlightenment Live CD

a project by simotek

Create a openSUSE 13.2 Live CD. As enlightenment doesn't fit on the standard openSUSE CD I'd like to create a Image with it.

Updated over 5 years ago. No love.

Tell me a story!

a project by rsblendido

Write an Android app for children between 5 and 7 years. The app contains a story that the child can read and interact with.

Updated about 3 years ago. 1 hackers ♥️.

Hack Week 12 Lightning Talks

a project by cschum

We will have a series of short lightning talks to present what we have accomplished at Hack Week 12. In Nürnberg this will happen on Friday 17th Apr at 12:30 as part of the lunch session in the all-hands area. Lunch is served at 12:00, so you have a bit of time to settle in and satisfy your immediate needs before we go into presentation mode. If you would like to tell a bit about what you did at Hack Week 12, please leave a comment (preferably with a link to your projects), and I'll add you to the schedule.

Updated about 3 years ago. 1 hackers ♥️.

The future of systems management

a project by j_renner

A new web UI for saltstack, possibly the future of systems management. The official salt UI halite is now officially retired and saltpad is still very young and in alpha state. In addition to the creation of a new frontend to salt, the goal could be to work towards a full replacement for existing systems management solutions like spacewalk, including the migration (minionification) of systems from there.

Updated about 3 years ago. 3 hacker ♥️.

Build Time Source Service support

a project by adrianSuSE

OBS source services can currenlty run on the developer workstation and some of them also on the OBS server side. The goal of this project is to allow everybody running source services as part of their build job. Therefore we will introduce a new "buildtime" mode. The OBS server will pull in the needed service packages and run them before calling rpmbuild or friends.

Updated about 3 years ago. 1 hackers ♥️.

LogMeIn

an idea by cgrobertson

A browser extension/plugin that will use saved credentials from a local keyring (or a password safe program) to automatically log in the user to various online accounts.

Updated over 5 years ago. No love. Has no hacker: grab it!

Continue continuous integration improvements in virtualization

a project by mlatimer

In previous Hackweeks, we've gone to warp speed in our virtualization CI testing through: - Porting libvirt-tck to SUSE environments

Updated about 3 years ago. 3 hacker ♥️.

Create packages for SLES 12 s390x in obs.

a project by ihno

Create packages for SLES 12 s390x in obs. The problem is, that we do not have the native build power on our s390x system.

Updated about 3 years ago. 1 hackers ♥️.

Learn about video editing

an idea by ta-ro

Extract video snippets of two 90 minutes drum circles that we recently organized. Create a short video clip of 2-3 minutes length, using open source software.

Updated over 5 years ago. No love. Has no hacker: grab it!

openSUSE image for Scaleway cloud (arm based and leveraging docker)

a project by pgonin

Scaleway is a newly opened Cloud based in France (for now) offering ARM based servers. Those are BareMetal SSD cloud servers. They offer a range of operating systems to pick from (Debian, Ubuntu, ArchLinux...) as well as 'application images' (Docker, ownCloud...) but no openSUSE image yet.

Updated about 3 years ago. 2 hacker ♥️.

Build and boot every commit in the kernel-source tree

a project by michal-m

Or at least, test as many of them as possible.

Updated about 3 years ago. 2 hacker ♥️.

Explore Clojure with Project Euler

a project by bkutil

As a part of this hackweek, I'd like to take a look at Clojure and use it to solve as many problems as possible from the project euler.

Updated about 3 years ago. 1 hackers ♥️.

Validation of QEMU storage integrity

an idea by bfrogers

Spurred along by a recently reported bug, I'm producing methods, analysis and hopefully a validation tool to ensure data integrity of our storage formats and caching modes for QEMU storage interfaces.

Updated about 3 years ago. 2 hacker ♥️. Has no hacker: grab it!

Discourse forum instance for internal use

a project by kpimenov

Discourse is a really great opensource forum, written in Ruby on Rails and Ember.js. We should try to use it to complement mailing lists and IRC in internal communication, when we need persistent, searchable discussions (with helpful links to the outside world) for a broad and offtopicky subjects.

Updated about 3 years ago. 2 hacker ♥️.

Create a git project for VMDP

a project by kallan

Needing to learn git, I thought it would be a good time to clean up the code and create a git project for it.

Updated about 3 years ago. 2 hacker ♥️.

Rock n' Roll

a project by kwwii

Record two songs by the end of the week.

Updated about 3 years ago. 1 hackers ♥️.

updating rpms in docker containers

a project by jordimassaguerpla

The docker way of updating containers is to build a new image with the updated binaries and files, which creates a security concern. The docker way is not anymore running "zypper update" in the containment but to update the whole image in the image registry (hub docker if we are talking about public registry) and then pull the image update from there, stop the outdated containments and replace them by starting new containments based on the new image.

Updated about 3 years ago. 1 hackers ♥️.

kGraft: allow to define safe place where the code can be switched in kthreads

a project by pmladek

<p>kGraft allows to patch kernel at runtime. It implements a consistency model that allows to modify semantic of functions. e.g. fix lock order. For this, we need to find a safe place when a process/thread might start using the new code.</p> <p>Userspace tasks are switched on the kernel boundary when syscall is called/returns or when a signal is proceed.</p>

Updated over 5 years ago. No love.

Learn Haskell on Project Euler problems

a project by mvidner

I am a beginner: I have read 1½ books on Haskell. I want to practice. Haskell is a purely functional, lazily evaluated, strongly typed (with

Updated almost 3 years ago. 3 hacker ♥️.

Wireshark hacking & miscellanous fun

an idea by npower

I have no one vision of a project just some mish-mash random things I would like to explore for some hacking fun + would like to continue previous work from hackweek11 on the Windows Protocol dissector, some messages are still incomplete, also there are some known bugs (well at least I know about them) that I would like to address

Updated about 3 years ago. 1 hackers ♥️. Has no hacker: grab it!

SUSE Staff - Employee Directory with Ionic and Node.js

a project by vlewin

Ionic + AngularJS + Node.js (http://ionicframework.com/) staff.suse.de: demo

Updated about 3 years ago. 1 hackers ♥️.

static analysis

an idea by jirislaby

Various rests I have on my TODO on the bottom :).

Updated over 5 years ago. No love. Has no hacker: grab it!