From 6e5d906ebbee661ce74f6214fd1706032e62ff25 Mon Sep 17 00:00:00 2001 From: Kristian Amlie Date: Wed, 8 Jun 2022 15:25:55 +0200 Subject: [PATCH 1/4] fix: Upgrade to latest version of grub-mender-grubenv. This fixes a boot problem which was introduced in the standalone grub boot scripts, during the grub.d integration work. Changelog: None Ticket: None Signed-off-by: Kristian Amlie --- configs/mender_grub_config | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/configs/mender_grub_config b/configs/mender_grub_config index c14c513..275eee8 100644 --- a/configs/mender_grub_config +++ b/configs/mender_grub_config @@ -26,7 +26,7 @@ GRUB_VERSION=2.04 MENDER_GRUB_KERNEL_BOOT_ARGS="" # grub-mender-grubenv is the Mender integration for the GRUB bootloader -MENDER_GRUBENV_VERSION="b06a8e2cf13776b5cfc896fa8068006dd9992ebb" +MENDER_GRUBENV_VERSION="2ac898f5924d5870f8394ad8ecd3ef1ab1422e3b" MENDER_GRUBENV_URL="${MENDER_GITHUB_ORG}/grub-mender-grubenv/archive/${MENDER_GRUBENV_VERSION}.tar.gz" # Name of the storage device containing root filesystem partitions in GRUB From 2f8c0331e5f5f18e57d5bba5015e8229ac1bcbd0 Mon Sep 17 00:00:00 2001 From: Kristian Amlie Date: Fri, 10 Jun 2022 11:36:10 +0200 Subject: [PATCH 2/4] test: Make launching script independent of current folder. Signed-off-by: Kristian Amlie --- scripts/test/mender-convert-qemu | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/test/mender-convert-qemu b/scripts/test/mender-convert-qemu index e9956fb..809ab25 100755 --- a/scripts/test/mender-convert-qemu +++ b/scripts/test/mender-convert-qemu @@ -21,7 +21,7 @@ qemu-system-x86_64 \ -net user,hostfwd=tcp::8822-:22 \ -net nic,macaddr=52:54:00$(od -txC -An -N3 /dev/urandom|tr \ :) \ -drive file=${ovmf_file},if=pflash,format=raw,unit=0,readonly=on \ - -drive file=./uefi-nvram/OVMF_VARS.fd,if=pflash,format=raw,unit=1,readonly=on \ + -drive file="$(dirname "$0")/../../tests/uefi-nvram/OVMF_VARS.fd",if=pflash,format=raw,unit=1,readonly=on \ -drive format=raw,file=${DISK_IMG} & qemu_pid=$! From 69da7596094456a6f2b88aef65de56aedac24e8c Mon Sep 17 00:00:00 2001 From: Kristian Amlie Date: Fri, 10 Jun 2022 11:40:46 +0200 Subject: [PATCH 3/4] test(grub): Fix incorrectly generated test images. Because the shim has hardcoded paths for each distribution, it is better to use the `grub-install --removable` argument to install into `/EFI/BOOT` than to do it ourselves. This makes sure that all files are present and loaded from correct locations. The symptom before this change was that the shim could not find the grubx64.efi file, which is because we were not installing it correctly. So in fact the image would not boot, even though it would boot after a Mender conversion. Signed-off-by: Kristian Amlie --- scripts/test/generate-image.sh | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) diff --git a/scripts/test/generate-image.sh b/scripts/test/generate-image.sh index 13d4e56..92cf96c 100755 --- a/scripts/test/generate-image.sh +++ b/scripts/test/generate-image.sh @@ -82,8 +82,6 @@ post_process_image() { regenerate_grub_live "$image" mount ${LO_DEVICE}p1 tmp-p1 mount ${LO_DEVICE}p2 tmp-p2 - - post_tweaks tmp-p1 tmp-p2 } pre_tweaks() { @@ -107,21 +105,6 @@ EOF sed -E -i -e 's/^#? *PermitRootLogin .*/PermitRootLogin yes/' $root/etc/ssh/sshd_config } -post_tweaks() { - local -r boot="$1" - local -r root="$2" - - # Delete systemd-boot, which isn't normally present in images that were - # installed with OS installers, at least not at the time of writing. - rm -rf "$boot/EFI/systemd" - - # Also replace bootx64.efi, which is the default bootloader. Mkosi installs - # systemd-bootx86.efi, but we want the shim. - rm -f "$boot/EFI/BOOT/*" - mkdir -p "$boot/EFI/BOOT" - cp "$root/usr/lib/shim/shimx64.efi.signed" "$boot/EFI/BOOT/BOOTX64.EFI" -} - # Unfortunately installing grub scripts is something which is not really # possible when offline. This is something which is easier with systemd-boot, so # longterm GRUB will probably follow, or systemd-boot will take over. Anyway, @@ -136,7 +119,7 @@ Description=Regenerate grub scripts, disable itself and then shut down. [Service] Type=oneshot -ExecStart=sh -c "grub-install && update-grub && systemctl disable mender-regenerate-grub-and-shutdown.service && poweroff" +ExecStart=sh -c "grub-install && grub-install --removable && update-grub && systemctl disable mender-regenerate-grub-and-shutdown.service && poweroff" EOF ln -sf "$root/etc/systemd/system/mender-regenerate-grub-and-shutdown.service" "$root/etc/systemd/system/multi-user.target.wants/" From 1de050c78f1d0f0054f29bc8322d95d9a40934a3 Mon Sep 17 00:00:00 2001 From: Kristian Amlie Date: Fri, 10 Jun 2022 12:45:45 +0200 Subject: [PATCH 4/4] fix(grub): Fix failure to boot when using standalone mode. When introducing grub.d integration, we switched to using the already- installed grub binary if it existed. But this is not a good idea, because it may come with hardcoded paths which may fail to load the script that we put in `/EFI/BOOT`. So revert to the old behavior, install our own pre-compiled grub binary if grub.d integration is off. No changelog, since we never released this regression. Changelog: None Ticket: None Signed-off-by: Kristian Amlie --- mender-convert-modify | 14 +++++++------- modules/probe.sh | 9 --------- 2 files changed, 7 insertions(+), 16 deletions(-) diff --git a/mender-convert-modify b/mender-convert-modify index 59712d8..7168716 100755 --- a/mender-convert-modify +++ b/mender-convert-modify @@ -140,21 +140,21 @@ if [ "${MENDER_GRUB_EFI_INTEGRATION}" == "y" ]; then # Check for known U-Boot problems in all files on the boot partition. check_for_broken_uboot_uefi_support work/boot - if has_grub_efi "work/boot"; then + if [ "$MENDER_GRUB_D_INTEGRATION" = y ] || ( [ "$MENDER_GRUB_D_INTEGRATION" = auto ] && supports_grub_d "work/rootfs" ); then # No need to install Grub, use the one already present, and only install # our tools. - log_info "GRUB EFI bootloader already present, not installing one." + log_info "Not installing GRUB EFI bootloader, relying on platform provided one." + + log_info "Installing Mender GRUB tools..." grub_install_grub_editenv_binary - else - log_info "Installing GRUB EFI bootloader..." - grub_install_mender_grub - fi - if [ "$MENDER_GRUB_D_INTEGRATION" = y ] || ( [ "$MENDER_GRUB_D_INTEGRATION" = auto ] && supports_grub_d "work/rootfs" ); then log_info "Generating grub config using update-grub..." grub_create_grub_config grub_install_grub_d_config else + log_info "Installing GRUB EFI bootloader..." + grub_install_mender_grub + log_info "Generating the mender-grub config..." grub_create_grub_config grub_install_standalone_grub_config diff --git a/modules/probe.sh b/modules/probe.sh index 0491fad..9223382 100644 --- a/modules/probe.sh +++ b/modules/probe.sh @@ -345,15 +345,6 @@ is_efi_compatible_kernel() { return 0 } -# has_grub_efi -# -# $1 - the boot partition to search for a grub*.efi -# -# Checks the EFI/* filesystem for the presence of a GRUB bootloader -has_grub_efi() { - find "${1}" -type f -name 'grub*.efi' -print0 | grep -qz grub -} - supports_grub_d() { test -d "$1"/etc/grub.d || return 1