mirrors/flatcar-scripts
1
0
Fork 0
mirror of https://github.com/flatcar/scripts.git synced 2025-09-22 06:01:41 +02:00
Code Issues Packages Projects Releases Wiki Activity

grub_install: add support for verity and non-verity grub.cfg

Browse Source
This commit is contained in:
George Tankersley 2015-06-18 13:02:08 -07:00
parent 28da405b75
commit aa879ddcce
2 changed files with 28 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
build_library/grub.cfg
View File

@ -62,19 +62,19 @@ menuentry "CoreOS default" --id=coreos {
gptprio.next -d usr -u usr_uuid
if [ "$usr_uuid" = "7130c94a-213a-4e5a-8e26-6cce9662f132" ]; then
linux$suf /coreos/vmlinuz-a $linux_console $linux_root \
mount.usr=PARTUUID=$usr_uuid $linux_append
@@MOUNTUSR@@=PARTUUID=$usr_uuid $linux_append
else
linux$suf /coreos/vmlinuz-b $linux_console $linux_root \
mount.usr=PARTUUID=$usr_uuid $linux_append
@@MOUNTUSR@@=PARTUUID=$usr_uuid $linux_append
fi
}
menuentry "CoreOS USR-A" --id=coreos-a {
linux$suf /coreos/vmlinuz-a $linux_console $linux_root \
mount.usr=PARTLABEL=USR-A $linux_append
@@MOUNTUSR@@=PARTLABEL=USR-A $linux_append
}
menuentry "CoreOS USR-B" --id=coreos-b {
linux$suf /coreos/vmlinuz-b $linux_console $linux_root \
mount.usr=PARTLABEL=USR-B $linux_append
@@MOUNTUSR@@=PARTLABEL=USR-B $linux_append
}

23
build_library/grub_install.sh
View File

@ -20,6 +20,8 @@ DEFINE_string esp_dir "" \
"Path to EFI System partition mount point."
DEFINE_string disk_image "" \
"The disk image containing the EFI System partition."
DEFINE_boolean verity ${FLAGS_FALSE} \
"Indicates that boot commands should enable dm-verity."
# Parse flags
FLAGS "$@" || exit 1
@ -71,6 +73,9 @@ cleanup() {
if [[ -b "${LOOP_DEV}" ]]; then
sudo losetup --detach "${LOOP_DEV}"
fi
if [[ -n "${GRUB_TEMP_DIR}" && -e "${GRUB_TEMP_DIR}" ]]; then
rm -r "${GRUB_TEMP_DIR}"
fi
}
trap cleanup EXIT
@ -116,10 +121,26 @@ set prefix=(memdisk)
set
EOF
# Generate a memdisk containing the appropriately generated grub.cfg. Doing
# this because we need conflicting default behaviors between verity and
# non-verity images.
GRUB_TEMP_DIR=$(mktemp -d)
if [[ ! -f "${ESP_DIR}/coreos/grub/grub.cfg.tar" ]]; then
info "Generating grub.cfg memdisk"
if [[ ${FLAGS_verity} -eq ${FLAGS_TRUE} ]]; then
# use dm-verity for /usr
cat "${BUILD_LIBRARY_DIR}/grub.cfg" | \
sed 's/@@MOUNTUSR@@/mount.usr=\/dev\/mapper\/usr verity.usr/' > \
"${GRUB_TEMP_DIR}/grub.cfg"
else
# uses standard systemd /usr mount
cat "${BUILD_LIBRARY_DIR}/grub.cfg" | \
sed 's/@@MOUNTUSR@@/mount.usr/' > "${GRUB_TEMP_DIR}/grub.cfg"
fi
sudo tar cf "${ESP_DIR}/coreos/grub/grub.cfg.tar" \
-C "${BUILD_LIBRARY_DIR}" "grub.cfg"
-C "${GRUB_TEMP_DIR}" "grub.cfg"
fi
info "Generating ${GRUB_DIR}/${CORE_NAME}"