From f0d96f777de5f4b3c6004db9ad70a1ca84c83ba9 Mon Sep 17 00:00:00 2001
From: Kristian Amlie
Date: Fri, 25 Feb 2022 15:42:41 +0100
Subject: [PATCH] Switch to detect `grub*.efi` instead of `shim*.efi`.
The presence of the shim depends on whether Secure Boot is enabled or not, plus the configuration of the distro. GRUB itself however, will always be present if the distro uses GRUB with UEFI at all. So check for that instead. Of course, without the shim, Secure Boot will not work out of the box, but this is a misconfigured platform, not a problem with Mender.
Cancel-Changelog: 2b805e29dcfbca1bcf9ea6339ef7755025737e56
Changelog: If `grub*.efi` preexists on the EFI partition, keep it instead of installing our own. In all other cases, we fall back to the old functionality of installing mender-grub and nuking the existing bootloader.
Signed-off-by: Kristian Amlie
---
 mender-convert-modify | 4 ++--
 modules/grub.sh | 2 +-
 modules/probe.sh | 10 +++++-----
 3 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/mender-convert-modify b/mender-convert-modify
index 9403e8e..f083d3c 100755
--- a/mender-convert-modify
+++ b/mender-convert-modify
@@ -140,10 +140,10 @@ if [ "${MENDER_GRUB_EFI_INTEGRATION}" == "y" ]; then
 # Check for known U-Boot problems in all files on the boot partition.
 check_for_broken_uboot_uefi_support work/boot
- if has_secureboot_shim "work/boot"; then
+ if has_grub_efi "work/boot"; then
 # No need to install Grub, use the one already present, and only install
 # our grub.cfg
- grub_install_with_shim_present
+ grub_install_with_grub_efi_present
 else
 grub_install_mender_grub
 fi
diff --git a/modules/grub.sh b/modules/grub.sh
index 73bbb60..f662445 100644
--- a/modules/grub.sh
+++ b/modules/grub.sh
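Review bot: The `has_grub_efi` branch in mender-convert-modify now keeps the existing loader whether or not a shim is on the partition, and nothing in the conversion output records which case applied. The commit message accepts that Secure Boot will not work without the shim, but the person running the conversion only finds that out at boot time. A warning in this branch when no `shim*.efi` exists under `work/boot` would make it visible, for example `find work/boot -type f -iname 'shim*.efi' -print0 | grep -qz . || log_warn "Keeping existing GRUB, but no shim found: Secure Boot will not work with this image"` (assuming the project's `log_warn` helper is sourced in this script). The enclosing `if [ "${MENDER_GRUB_EFI_INTEGRATION}" == "y" ]` block starts and ends outside the hunk.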
@@ -78,7 +78,7 @@ function grub_install_grub_editenv_binary() {
 #
 # Keep the existing boot shim, and bootloader, and only install the mender-grub
 # config
-function grub_install_with_shim_present() {
+function grub_install_with_grub_efi_present() {
 grub_create_grub_config
diff --git a/modules/probe.sh b/modules/probe.sh
index 1885fc5..b951f73 100644
--- a/modules/probe.sh
+++ b/modules/probe.sh
@@ -345,11 +345,11 @@ is_efi_compatible_kernel() {
 return 0
 }
-# has_secureboot_shim
+# has_grub_efi
 #
-# $1 - the boot partition to search for a secureboot shim
+# $1 - the boot partition to search for a grub*.efi
 #
-# Checks the EFI/* filesystem for the presence of a signed boot shim
-has_secureboot_shim() {
- find "${1}" -type f -name 'shim*.efi' -print0 | grep -qz shim
+# Checks the EFI/* filesystem for the presence of a GRUB bootloader
+has_grub_efi() {
+ find "${1}" -type f -name 'grub*.efi' -print0 | grep -qz grub
 }
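Review bot: The match in `has_grub_efi` (modules/probe.sh) is case-sensitive, both in `-name 'grub*.efi'` and in `grep -qz grub`, while the EFI system partition is normally FAT and a loader may appear with an upper-case name (e.g. `GRUBX64.EFI`) depending on how the image was built or mounted. A miss here sends the caller down the `grub_install_mender_grub` path, which per the commit message replaces the existing bootloader, so a distro-signed GRUB on a Secure Boot image could be dropped without any indication. Consider `find "${1}" -type f -iname 'grub*.efi' -print0 | grep -qzi grub`. The header comment also says the `EFI/*` tree is checked, but the search covers everything under `$1`; either narrow the search path or reword the comment to match.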