compressed image, cleanup for upstreaming, automatic iso boot

2020-11-09 16:19:36 -08:00 · 2020-11-09 16:19:36 -08:00 · 9b62315c36
parent 75b594f47d
commit 9b62315c36
8 changed files with 106 additions and 99 deletions
--- a/2
+++ b/2
@ -63,7 +63,7 @@ build-fw:
 	mkdir -p $(RELEASE_DIR)
 	for device in $(DEVICES); do \
 		cp \
-			build/heads/build/$${device}/PureBoot*.rom \
+			build/heads/build/$${device}/pureboot*.rom \
 			$(RELEASE_DIR)/$${device}.rom ; \
 	done

--- a/config/buildroot/board/x86_64/linux.config
+++ b/config/buildroot/board/x86_64/linux.config
@ -1,5 +1,6 @@
+CONFIG_LOCALVERSION="AirgapOS"
 # CONFIG_LOCALVERSION_AUTO is not set
-CONFIG_BUILD_SALT="4.19.0-5-amd64"
+CONFIG_BUILD_SALT="5.7.19-amd64"
 CONFIG_SYSVIPC=y
 CONFIG_POSIX_MQUEUE=y
 CONFIG_USELIB=y
@ -31,6 +32,11 @@ CONFIG_USER_NS=y
 CONFIG_CHECKPOINT_RESTORE=y
 CONFIG_SCHED_AUTOGROUP=y
 CONFIG_BLK_DEV_INITRD=y
+# CONFIG_RD_BZIP2 is not set
+# CONFIG_RD_LZMA is not set
+# CONFIG_RD_XZ is not set
+# CONFIG_RD_LZO is not set
+# CONFIG_RD_LZ4 is not set
 CONFIG_EXPERT=y
 CONFIG_KALLSYMS_ALL=y
 CONFIG_BPF_SYSCALL=y
@ -38,7 +44,6 @@ CONFIG_USERFAULTFD=y
 # CONFIG_COMPAT_BRK is not set
 CONFIG_SLAB_FREELIST_RANDOM=y
 CONFIG_SLAB_FREELIST_HARDENED=y
-CONFIG_PROFILING=y
 CONFIG_SMP=y
 CONFIG_X86_X2APIC=y
 # CONFIG_X86_EXTENDED_PLATFORM is not set
@ -117,7 +122,6 @@ CONFIG_EFI_BOOTLOADER_CONTROL=m
 CONFIG_EFI_CAPSULE_LOADER=m
 CONFIG_APPLE_PROPERTIES=y
 # CONFIG_VIRTUALIZATION is not set
-CONFIG_OPROFILE=m
 CONFIG_KPROBES=y
 CONFIG_JUMP_LABEL=y
 CONFIG_COMPAT_32BIT_TIME=y
@ -1540,6 +1544,7 @@ CONFIG_CRC64=m
 CONFIG_CRC7=m
 CONFIG_LIBCRC32C=y
 CONFIG_CRC8=m
+CONFIG_XZ_DEC=y
 # CONFIG_XZ_DEC_POWERPC is not set
 # CONFIG_XZ_DEC_IA64 is not set
 # CONFIG_XZ_DEC_ARM is not set
--- a/config/buildroot/configs/airgap_x86_64_defconfig
+++ b/config/buildroot/configs/airgap_x86_64_defconfig
@ -3353,8 +3353,8 @@ BR2_PACKAGE_XVISOR_ARCH_SUPPORTS=y
 # BR2_TARGET_ROOTFS_BTRFS is not set
 # BR2_TARGET_ROOTFS_CLOOP is not set
 BR2_TARGET_ROOTFS_CPIO=y
-BR2_TARGET_ROOTFS_CPIO_NONE=y
-# BR2_TARGET_ROOTFS_CPIO_GZIP is not set
+# BR2_TARGET_ROOTFS_CPIO_NONE is not set
+BR2_TARGET_ROOTFS_CPIO_GZIP=y
 # BR2_TARGET_ROOTFS_CPIO_BZIP2 is not set
 # BR2_TARGET_ROOTFS_CPIO_LZ4 is not set
 # BR2_TARGET_ROOTFS_CPIO_LZMA is not set
--- a/config/config.env
+++ b/config/config.env
@ -1,2 +1,2 @@
 BUILDROOT_REF=2766f346195dec29b53bc09f6038193998ea3693
-HEADS_REF=e30e3bf3e540b541aa68155233ad1106c8b8631e
+HEADS_REF=6e62c83e164231c629d77a45d37569b3bff43d3f
--- a/config/heads/boards/librem13v4/librem13v4.config
+++ b/config/heads/boards/librem13v4/librem13v4.config
@ -1,39 +0,0 @@
-# Configuration for a librem13v4
-CONFIG_LINUX_CONFIG=config/linux-librem13v2.config
-CONFIG_COREBOOT_CONFIG=config/coreboot-librem13v4.config
-
-export CONFIG_COREBOOT=y
-CONFIG_CRYPTSETUP=y
-CONFIG_FLASHROM=y
-CONFIG_FLASHTOOLS=y
-CONFIG_GPG2=y
-CONFIG_KEXEC=y
-CONFIG_UTIL_LINUX=y
-CONFIG_LVM2=y
-CONFIG_MBEDTLS=y
-CONFIG_PCIUTILS=y
-CONFIG_POPT=y
-CONFIG_QRENCODE=y
-CONFIG_TPMTOTP=y
-
-#CONFIG_SLANG=y
-#CONFIG_NEWT=y
-CONFIG_CAIRO=y
-CONFIG_FBWHIPTAIL=y
-CONFIG_LIBREMKEY=y
-
-CONFIG_LINUX_USB=y
-
-export CONFIG_TPM=y
-export CONFIG_BOOTSCRIPT=/bin/gui-init
-export CONFIG_BOOT_REQ_HASH=n
-export CONFIG_BOOT_REQ_ROLLBACK=n
-export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on"
-export CONFIG_BOOT_KERNEL_REMOVE=""
-export CONFIG_BOOT_USB=y
-export CONFIG_BOOT_DEV="/dev/sda1"
-export CONFIG_BOOT_GUI_MENU_NAME="Librem 13 v4 | AirgapOS Firmware Menu"
-export CONFIG_WARNING_BG_COLOR="--background-gradient 0 0 0 150 125 0"
-export CONFIG_ERROR_BG_COLOR="--background-gradient 0 0 0 150 0 0"
-export CONFIG_FLASHROM_OPTIONS="-p internal"
-export CONFIG_AUTO_BOOT_TIMEOUT=5
--- a/config/heads/boards/librem15v4/librem15v4.config
+++ b/config/heads/boards/librem15v4/librem15v4.config
@ -1,40 +0,0 @@
-# Configuration for a librem15v4
-
-# The L15v4 Linux config is the same as the L13v2 linux config
-CONFIG_LINUX_CONFIG=config/linux-librem13v2.config
-CONFIG_COREBOOT_CONFIG=config/coreboot-librem15v4.config
-
-export CONFIG_COREBOOT=y
-CONFIG_CRYPTSETUP=y
-CONFIG_FLASHROM=y
-CONFIG_FLASHTOOLS=y
-CONFIG_GPG2=y
-CONFIG_KEXEC=y
-CONFIG_UTIL_LINUX=y
-CONFIG_LVM2=y
-CONFIG_MBEDTLS=y
-CONFIG_PCIUTILS=y
-CONFIG_POPT=y
-CONFIG_QRENCODE=y
-CONFIG_TPMTOTP=y
-
-#CONFIG_SLANG=y
-#CONFIG_NEWT=y
-CONFIG_CAIRO=y
-CONFIG_FBWHIPTAIL=y
-CONFIG_LIBREMKEY=y
-
-CONFIG_LINUX_USB=y
-
-export CONFIG_TPM=y
-export CONFIG_BOOTSCRIPT=/bin/gui-init
-export CONFIG_BOOT_REQ_HASH=n
-export CONFIG_BOOT_REQ_ROLLBACK=n
-export CONFIG_BOOT_KERNEL_ADD="intel_iommu=on"
-export CONFIG_BOOT_KERNEL_REMOVE=""
-export CONFIG_BOOT_DEV="/dev/sda1"
-export CONFIG_BOOT_GUI_MENU_NAME="Librem 15 v4 | AirgapOS Firmware Menu"
-export CONFIG_WARNING_BG_COLOR="--background-gradient 0 0 0 150 125 0"
-export CONFIG_ERROR_BG_COLOR="--background-gradient 0 0 0 150 0 0"
-export CONFIG_FLASHROM_OPTIONS="-p internal"
-export CONFIG_AUTO_BOOT_TIMEOUT=5
--- a/config/heads/patches/usb-boot.patch
+++ b/config/heads/patches/usb-boot.patch
@ -1,21 +1,79 @@
 diff --git a/initrd/bin/gui-init b/initrd/bin/gui-init
-index 38953ca..1740da6 100755
+index 1369ed1..f576a8e 100755
 --- a/initrd/bin/gui-init
 +++ b/initrd/bin/gui-init
-@@ -13,6 +13,11 @@ mount_boot()
-   
+@@ -13,21 +13,26 @@ first_pass=true
+ 
+ mount_boot()
+ {
+-  
+
   # Mount local disk if it is not already mounted
   while ! grep -q /boot /proc/mounts ; do
-+
-+    if [ "$CONFIG_BOOT_USB" = "y" ]; then
-+        enable_usb
-+    fi
 +
     # try to mount if CONFIG_BOOT_DEV exists
     if [ -e "$CONFIG_BOOT_DEV" ]; then
-       mount -o ro $CONFIG_BOOT_DEV /boot 
+-      mount -o ro $CONFIG_BOOT_DEV /boot 
+      mount -o ro $CONFIG_BOOT_DEV /boot
+       [[ $? -eq 0 ]] && continue
+     fi
+ 
+-    # CONFIG_BOOT_DEV doesn't exist or couldn't be mounted, so give user options
+    # try to mount usb to /media and /boot if it exists
+    mount-usb \
+    && mount -o bind,ro /media /boot \
+    && continue
+
+    # no boot device available, so give user options
+     whiptail $BG_COLOR_ERROR --clear --title "ERROR: No Bootable OS Found!" \
+-        --menu "    No bootable OS was found on the default boot device $CONFIG_BOOT_DEV.
+        --menu "    No bootable OS was found at $CONFIG_BOOT_DEV or on USB.
+     How would you like to proceed?" 30 90 4 \
+         'b' ' Select a new boot device' \
+-        'u' ' Boot from USB' \
+         'm' ' Continue to the main menu' \
+         'x' ' Exit to recovery shell' \
+         2>/tmp/whiptail || recovery "GUI menu failed"
+@@ -41,9 +46,6 @@ mount_boot()
+           . /tmp/config
+         fi
+         ;;
+-      u )
+-        exec /bin/usb-init
+-        ;;
+       m )
+         break
+         ;;
+@@ -55,6 +57,11 @@ mount_boot()
+ }
+ verify_global_hashes()
+ {
+
+  # If default boot device is not mounted, then there are no hashes to verify
+  # User is likely usb booting.
+  df $CONFIG_BOOT_DEV >/dev/null 2>&1 || return 0
+
+   # Check the hashes of all the files, ignoring signatures for now
+   check_config /boot force
+   TMP_HASH_FILE="/tmp/kexec/kexec_hashes.txt"
+@@ -458,6 +465,7 @@ while true; do
+   if [ "$totp_confirm" = "y" -o -n "$totp_confirm" ]; then
+     # Try to boot the default
+     mount_boot
+
+     verify_global_hashes
+     if [ $? -ne 0 ]; then
+       continue
+@@ -467,6 +475,7 @@ while true; do
+       kexec-select-boot -b /boot -c "grub.cfg" -g \
+       || recovery "Failed default boot"
+     else
+      usb-init
+       if (whiptail --title 'No Default Boot Option Configured' \
+           --yesno "There is no default boot option configured yet.\nWould you like to load a menu of boot options?\nOtherwise you will return to the main menu." 16 90) then
+         kexec-select-boot -m -b /boot -c "grub.cfg" -g
 diff --git a/initrd/bin/mount-usb b/initrd/bin/mount-usb
-index 501171a..2196bbd 100755
+index a79dd66..8a8734c 100755
 --- a/initrd/bin/mount-usb
 +++ b/initrd/bin/mount-usb
@@ -4,19 +4,6 @@
@ -39,7 +97,7 @@ index 501171a..2196bbd 100755
   mkdir /media
 fi
 diff --git a/initrd/bin/usb-scan b/initrd/bin/usb-scan
-index d9f26b0..330d672 100755
+index d9f26b0..b64f150 100755
 --- a/initrd/bin/usb-scan
 +++ b/initrd/bin/usb-scan
@@ -5,12 +5,6 @@ set -e -o pipefail
@ -55,8 +113,30 @@ index d9f26b0..330d672 100755
 # Mount the USB boot device
 mount_usb || die "Unable to mount /media"
 
+@@ -29,12 +23,16 @@ get_menu_option() {
+ 			MENU_OPTIONS="$MENU_OPTIONS $n ${option}"
+ 		done < /tmp/iso_menu.txt
+ 
+-		whiptail --clear --title "Select your ISO boot option" \
+-			--menu "Choose the ISO boot option [1-$n, s for standard boot, a to abort]:" 20 120 8 \
+-			-- $MENU_OPTIONS \
+-			2>/tmp/whiptail || die "Aborting boot attempt"
+		if [ "$n" -eq "1" ]; then
+			option_index=1
+		else
+			whiptail --clear --title "Select your ISO boot option" \
+				--menu "Choose the ISO boot option [1-$n, s for standard boot, a to abort]:" 20 120 8 \
+				-- $MENU_OPTIONS \
+				2>/tmp/whiptail || die "Aborting boot attempt"
+ 
+-		option_index=$(cat /tmp/whiptail)
+			option_index=$(cat /tmp/whiptail)
+		fi
+ 	else
+ 		echo "+++ Select your ISO boot option:"
+ 		n=0
 diff --git a/initrd/etc/functions b/initrd/etc/functions
-index dc0fbed..00afcdb 100755
+index dc0fbed..a083e17 100755
 --- a/initrd/etc/functions
 +++ b/initrd/etc/functions
@@ -122,6 +122,18 @@ enable_usb()
@ -69,7 +149,7 @@ index dc0fbed..00afcdb 100755
 +	  echo "Scanning for USB storage devices..."
 +	  insmod /lib/modules/usb-storage.ko >/dev/null 2>&1 \
 +	  || die "usb_storage: module load failed"
-+	  while [[ $count == $(ls /dev/sd* 2>/dev/null | wc -l) ]]; do 
+	  while [[ $count == $(ls /dev/sd* 2>/dev/null | wc -l) ]]; do
 +	    [[ $timeout -ge 4 ]] && break
 +	    sleep 1
 +	    timeout=$(($timeout+1))
--- a/scripts/fetch
+++ b/scripts/fetch
@ -58,7 +58,8 @@ mkdir -p "$build_dir"
 			patch -p1 --no-backup-if-mismatch < "${patch}";
 		done;
 	fi
-	rsync -Pav "${heads_external}/boards/" "${heads_dir}/boards/"
+	[ -d "${heads_external}/boards" ] && \
+		rsync -Pav "${heads_external}/boards/" "${heads_dir}/boards/"
 	[[ "$devices" =~ "librem" ]] \
 		&& (cd "$heads_dir/blobs/librem_kbl" && ./get_blobs.sh)
 )