mirror of
https://gitlab.archlinux.org/tpowa/archboot.git
synced 2024-09-19 03:20:38 +02:00
add uki generator script, analogue to iso script
This commit is contained in:
parent
c296588252
commit
9fb9daf3db
5 changed files with 135 additions and 2 deletions
1
usr/bin/archboot-aarch64-uki.sh
Symbolic link
1
usr/bin/archboot-aarch64-uki.sh
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../lib/archboot/run/uki.sh
|
1
usr/bin/archboot-x86_64-uki.sh
Symbolic link
1
usr/bin/archboot-x86_64-uki.sh
Symbolic link
|
@ -0,0 +1 @@
|
||||||
|
../lib/archboot/run/uki.sh
|
|
@ -128,12 +128,10 @@ _create_iso() {
|
||||||
# add INTEL ucode license
|
# add INTEL ucode license
|
||||||
mkdir -p licenses/intel-ucode
|
mkdir -p licenses/intel-ucode
|
||||||
cp /usr/share/licenses/intel-ucode/* licenses/intel-ucode/
|
cp /usr/share/licenses/intel-ucode/* licenses/intel-ucode/
|
||||||
_EFISTUB="/usr/lib/systemd/boot/efi/linuxx64.efi.stub"
|
|
||||||
echo "console=ttyS0,115200 console=tty0 audit=0 systemd.show_status=auto" > ${_CMDLINE}
|
echo "console=ttyS0,115200 console=tty0 audit=0 systemd.show_status=auto" > ${_CMDLINE}
|
||||||
fi
|
fi
|
||||||
if [[ "${_ARCH}" == "aarch64" ]]; then
|
if [[ "${_ARCH}" == "aarch64" ]]; then
|
||||||
echo "nr_cpus=1 console=ttyAMA0,115200 console=tty0 loglevel=4 audit=0 systemd.show_status=auto" > ${_CMDLINE}
|
echo "nr_cpus=1 console=ttyAMA0,115200 console=tty0 loglevel=4 audit=0 systemd.show_status=auto" > ${_CMDLINE}
|
||||||
_EFISTUB="/usr/lib/systemd/boot/efi/linuxaa64.efi.stub"
|
|
||||||
_INTEL_UCODE=""
|
_INTEL_UCODE=""
|
||||||
# replace aarch64 Image.gz with Image kernel for UKI, compressed image is not working at the moment
|
# replace aarch64 Image.gz with Image kernel for UKI, compressed image is not working at the moment
|
||||||
cp "${_W_DIR}/boot/Image" "boot/Image-${_ARCH}"
|
cp "${_W_DIR}/boot/Image" "boot/Image-${_ARCH}"
|
||||||
|
|
20
usr/lib/archboot/run/uki.sh
Executable file
20
usr/lib/archboot/run/uki.sh
Executable file
|
@ -0,0 +1,20 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||||
|
# created by Tobias Powalowski <tpowa@archlinux.org>
|
||||||
|
. /usr/lib/archboot/common.sh
|
||||||
|
. /usr/lib/archboot/uki.sh
|
||||||
|
[[ -z "${1}" ]] && _usage
|
||||||
|
_parameters "$@"
|
||||||
|
[[ "${_GENERATE}" == "1" ]] || _usage
|
||||||
|
_root_check
|
||||||
|
_architecture_check
|
||||||
|
_config
|
||||||
|
echo "Starting UKI creation..."
|
||||||
|
_prepare_kernel_initramfs || exit 1
|
||||||
|
_prepare_ucode || exit 1
|
||||||
|
_prepare_background || exit 1
|
||||||
|
_prepare_osrelease || exit 1
|
||||||
|
_reproducibility || exit 1
|
||||||
|
_create_cksum || exit 1
|
||||||
|
_cleanup_uki || exit 1
|
||||||
|
echo "Finished UKI creation."
|
113
usr/lib/archboot/uki.sh
Normal file
113
usr/lib/archboot/uki.sh
Normal file
|
@ -0,0 +1,113 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||||
|
# created by Tobias Powalowski <tpowa@archlinux.org>
|
||||||
|
. /etc/archboot/defaults
|
||||||
|
_AMD_UCODE="/boot/amd-ucode.img"
|
||||||
|
_INTEL_UCODE="/boot/intel-ucode.img"
|
||||||
|
_SPLASH="/usr/share/archboot/uki/archboot-background.bmp"
|
||||||
|
_OSREL="/usr/share/archboot/base/etc/os-release"
|
||||||
|
_CONFIG_DIR="/etc/archboot"
|
||||||
|
_UKIDIR="$(mktemp -d UKIDIR.XXX)"
|
||||||
|
|
||||||
|
_usage () {
|
||||||
|
echo -e "\e[1m\e[36mArchboot\e[m\e[1m - Create ${_ARCH} UKI Image\e[m"
|
||||||
|
echo -e "\e[1m--------------------------------------\e[m"
|
||||||
|
echo "This will create an Archboot UKI image."
|
||||||
|
echo
|
||||||
|
echo "Options:"
|
||||||
|
echo -e " \e[1m-g\e[m Starting generation of image."
|
||||||
|
echo -e " \e[1m-c=CONFIG\e[m Which CONFIG should be used."
|
||||||
|
echo " ${_CONFIG_DIR} includes the config files"
|
||||||
|
echo " default=${_ARCH}.conf"
|
||||||
|
echo -e " \e[1m-i=IMAGENAME\e[m Your IMAGENAME."
|
||||||
|
echo
|
||||||
|
echo -e "Usage: \e[1m${_BASENAME} <options>\e[m"
|
||||||
|
exit 0
|
||||||
|
}
|
||||||
|
|
||||||
|
_parameters() {
|
||||||
|
while [ $# -gt 0 ]; do
|
||||||
|
case ${1} in
|
||||||
|
-g|--g) export _GENERATE="1" ;;
|
||||||
|
-c=*|--c=*) _CONFIG="$(echo "${1}" | rg -o '=(.*)' -r '$1')" ;;
|
||||||
|
-i=*|--i=*) _UKI="$(echo "${1}" | rg -o '=(.*)' -r '$1')" ;;
|
||||||
|
*) _usage ;;
|
||||||
|
esac
|
||||||
|
shift
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
_config() {
|
||||||
|
# set defaults, if nothing given
|
||||||
|
[[ -z "${_CONFIG}" ]] && _CONFIG="${_ARCH}.conf"
|
||||||
|
_CONFIG="${_CONFIG_DIR}/${_CONFIG}"
|
||||||
|
#shellcheck disable=SC1090
|
||||||
|
. "${_CONFIG}"
|
||||||
|
#shellcheck disable=SC2116,2086
|
||||||
|
_KERNEL="$(echo ${_KERNEL})"
|
||||||
|
#shellcheck disable=SC2154
|
||||||
|
[[ -z "${_UKI}" ]] && _UKI="archboot-$(date +%Y.%m.%d-%H.%M)-$(_kver "${_KERNEL}")-${_ARCH}".efi
|
||||||
|
}
|
||||||
|
|
||||||
|
_prepare_kernel_initramfs() {
|
||||||
|
mkdir -p "${_UKIDIR}"
|
||||||
|
# needed to hash the kernel for secureboot enabled systems
|
||||||
|
echo "Preparing kernel..."
|
||||||
|
install -m644 "${_KERNEL}" "${_UKIDIR}/kernel"
|
||||||
|
_INITRD="initrd-${_ARCH}.img"
|
||||||
|
echo "Running archboot-cpio.sh for ${_INITRD}..."
|
||||||
|
#shellcheck disable=SC2154
|
||||||
|
archboot-cpio.sh -c "${_CONFIG}" -k "${_KERNEL}" \
|
||||||
|
-g "${_UKIDIR}/${_INITRD}" || exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
_prepare_ucode() {
|
||||||
|
# only x86_64
|
||||||
|
if [[ "${_ARCH}" == "x86_64" ]]; then
|
||||||
|
echo "Preparing intel-ucode..."
|
||||||
|
cp "${_INTEL_UCODE}" "${_UKIDIR}/"
|
||||||
|
fi
|
||||||
|
echo "Preparing amd-ucode..."
|
||||||
|
cp "${_AMD_UCODE}" "${_UKIDIR}/"
|
||||||
|
}
|
||||||
|
|
||||||
|
_prepare_background() {
|
||||||
|
echo "Preparing UKI splash..."
|
||||||
|
cp "${_SPLASH}" "${_UKIDIR}/splash.png"
|
||||||
|
}
|
||||||
|
|
||||||
|
_prepare_osrelease() {
|
||||||
|
echo "Preparing os-release..."
|
||||||
|
cp "${_OSREL}" "${_UKIDIR}/os-release"
|
||||||
|
}
|
||||||
|
|
||||||
|
_reproducibility() {
|
||||||
|
# Reproducibility: set all timestamps to 0
|
||||||
|
fd . "${_UKIDIR}" -u --min-depth 1 -X touch -hcd "@0"
|
||||||
|
}
|
||||||
|
|
||||||
|
_systemd_ukify() {
|
||||||
|
echo "Generating ${_ARCH} UKI image..."
|
||||||
|
cd "${_UKIDIR}"
|
||||||
|
[[ "${_ARCH}" == "aarch64" ]] && _CMDLINE="console=ttyS0,115200 console=tty0 audit=0 systemd.show_status=auto"
|
||||||
|
[[ "${_ARCH}" == "aarch64" ]] && _CMDLINE="nr_cpus=1 console=ttyAMA0,115200 console=tty0 loglevel=4 audit=0 systemd.show_status=auto"
|
||||||
|
[[ -n "${_INTEL_UCODE}" ]] && _INTEL_UCODE="--initrd=intel-ucode"
|
||||||
|
[[ -n "${_AMD_UCODE}" ]] && _AMD_UCODE="--initrd=amd-ucode"
|
||||||
|
/usr/lib/systemd/ukify build --linux=kernel \
|
||||||
|
${_INTEL_UCODE} ${_AMD_UCODE} --initrd=${_INITRD} --cmdline=@${_CMDLINE} \
|
||||||
|
--os-release=@os-release --splash=splash.png --output=../${_UKI} &>"${_NO_LOG}" || exit 1
|
||||||
|
cd ..
|
||||||
|
}
|
||||||
|
|
||||||
|
_create_cksum() {
|
||||||
|
## create b2sums.txt
|
||||||
|
echo "Generating b2sum..."
|
||||||
|
[[ -f "b2sums.txt" ]] && rm "b2sums.txt"
|
||||||
|
[[ "$(echo ./*.iso)" == "./*.efi" ]] || cksum -a blake2b ./*.efi > "b2sums.txt"
|
||||||
|
}
|
||||||
|
|
||||||
|
_cleanup_uki() {
|
||||||
|
# cleanup
|
||||||
|
echo "Removing ${_UKIDIR}..."
|
||||||
|
[[ -d "${_UKIDIR}" ]] && rm -r "${_UKIDIR}"
|
||||||
|
}
|
Loading…
Reference in a new issue