diff --git a/build_library/build_image_util.sh b/build_library/build_image_util.sh index 5c2cfb44d6..be41387b28 100755 --- a/build_library/build_image_util.sh +++ b/build_library/build_image_util.sh @@ -379,10 +379,16 @@ finish_image() { for target in ${target_list}; do if [[ "${PROD_IMAGE}" -eq 1 && ${FLAGS_enable_verity} -eq ${FLAGS_TRUE} ]]; then ${BUILD_LIBRARY_DIR}/grub_install.sh \ - --target="${target}" --disk_image="${disk_img}" --verity + --board="${BOARD}" \ + --target="${target}" \ + --disk_image="${disk_img}" \ + --verity else ${BUILD_LIBRARY_DIR}/grub_install.sh \ - --target="${target}" --disk_image="${disk_img}" --noverity + --board="${BOARD}" \ + --target="${target}" \ + --disk_image="${disk_img}" \ + --noverity fi done ${BUILD_LIBRARY_DIR}/generate_grub_hashes.py ${disk_img} /usr/lib/grub/ ${pcr_dir} ${COREOS_VERSION} diff --git a/build_library/grub_install.sh b/build_library/grub_install.sh index 1fa5c8376e..dd2022600a 100755 --- a/build_library/grub_install.sh +++ b/build_library/grub_install.sh @@ -14,6 +14,8 @@ SCRIPT_ROOT=$(readlink -f $(dirname "$0")/..) assert_inside_chroot # Flags. +DEFINE_string board "${DEFAULT_BOARD}" \ + "The name of the board" DEFINE_string target "" \ "The GRUB target to install such as i386-pc or x86_64-efi" DEFINE_string disk_image "" \ @@ -26,15 +28,26 @@ FLAGS "$@" || exit 1 eval set -- "${FLAGS_ARGV}" switch_to_strict_mode +# must be sourced after flags are parsed. +. "${BUILD_LIBRARY_DIR}/toolchain_util.sh" || exit 1 +. "${BUILD_LIBRARY_DIR}/board_options.sh" || exit 1 + # Our GRUB lives under coreos/grub so new pygrub versions cannot find grub.cfg GRUB_DIR="coreos/grub/${FLAGS_target}" +# GRUB install location inside the SDK +GRUB_SRC="/usr/lib/grub/${FLAGS_target}" + # Modules required to boot a standard CoreOS configuration CORE_MODULES=( normal search test fat part_gpt search_fs_uuid gzio search_part_label terminal gptprio configfile memdisk tar echo ) # Name of the core image, depends on target CORE_NAME= +# Whether the SDK's grub or the board root's grub is used. Once amd64 is +# fixed up the board root's grub will always be used. +BOARD_GRUB=0 + case "${FLAGS_target}" in i386-pc) CORE_MODULES+=( biosdisk serial ) @@ -50,12 +63,20 @@ case "${FLAGS_target}" in arm64-efi) CORE_MODULES+=( serial efi_gop getenv smbios efinet verify http ) CORE_NAME="core-arm64.efi" + BOARD_GRUB=1 ;; *) die_notrace "Unknown GRUB target ${FLAGS_target}" ;; esac +if [[ $BOARD_GRUB -eq 1 ]]; then + info "Updating GRUB in ${BOARD_ROOT}" + emerge-${BOARD} --nodeps --select -qugKN sys-boot/grub + GRUB_SRC="${BOARD_ROOT}/usr/lib/grub/${FLAGS_target}" +fi +[[ -d "${GRUB_SRC}" ]] || die "GRUB not installed at ${GRUB_SRC}" + # In order for grub-setup-bios to properly detect the layout of the disk # image it expects a normal partitioned block device. For most of the build # disk_util maps individual loop devices to each partition in the image so @@ -107,7 +128,7 @@ sudo mount -t vfat "${LOOP_DEV}p1" "${ESP_DIR}" sudo mkdir -p "${ESP_DIR}/${GRUB_DIR}" info "Compressing modules in ${GRUB_DIR}" -for file in "/usr/lib/grub/${FLAGS_target}"/*{.lst,.mod}; do +for file in "${GRUB_SRC}"/*{.lst,.mod}; do out="${ESP_DIR}/${GRUB_DIR}/${file##*/}" gzip --best --stdout "${file}" | sudo_clobber "${out}" done @@ -149,7 +170,7 @@ info "Generating ${GRUB_DIR}/${CORE_NAME}" sudo grub-mkimage \ --compression=auto \ --format "${FLAGS_target}" \ - --prefix "(,gpt1)/coreos/grub" \ + --directory "${GRUB_SRC}" \ --config "${ESP_DIR}/${GRUB_DIR}/load.cfg" \ --memdisk "${ESP_DIR}/coreos/grub/grub.cfg.tar" \ --output "${ESP_DIR}/${GRUB_DIR}/${CORE_NAME}" \ @@ -159,7 +180,7 @@ sudo grub-mkimage \ case "${FLAGS_target}" in i386-pc) info "Installing MBR and the BIOS Boot partition." - sudo cp "/usr/lib/grub/i386-pc/boot.img" "${ESP_DIR}/${GRUB_DIR}" + sudo cp "${GRUB_SRC}/boot.img" "${ESP_DIR}/${GRUB_DIR}" sudo grub-bios-setup --device-map=/dev/null \ --directory="${ESP_DIR}/${GRUB_DIR}" "${LOOP_DEV}" # boot.img gets manipulated by grub-bios-setup so it alone isn't