Skip to content

Commit

Permalink
Bump version to 1.2.0
Browse files Browse the repository at this point in the history
  • Loading branch information
Christian Schmidt committed Jun 26, 2022
1 parent 51b1c15 commit 13fb6ab
Show file tree
Hide file tree
Showing 4 changed files with 33 additions and 12 deletions.
7 changes: 6 additions & 1 deletion README.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,6 @@
# buildkernel
A tool to build a secure-boot EFI stub kernel, and save it to the EFI system partition.

Work conducted on Jun 2022 to adopt it for my preferences

> 31 Oct 2020: sadly, due to legal obligations arising from a recent change in my 'real world' job, I must announce I am **standing down as maintainer of this project with immediate effect**. For the meantime, I will leave the repo up (for historical interest, and it may be of use to others); however, I plan no further updates, nor will I be accepting / actioning further pull requests or bug reports from this point. Email requests for support will also have to be politely declined, so, **please treat this as an effective EOL notice**.<br><br>For further details, please see my post [here](https://forums.gentoo.org/viewtopic-p-8522963.html#8522963).<br><br>With sincere apologies, sakaki ><
Expand All @@ -28,3 +27,9 @@ Although **buildkernel** is targetted primarily at the use-case where the EFI sy
Full instructions are provided as part of the [**Sakaki's EFI Install Guide**](https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide) tutorial, on the Gentoo wiki.

In particular, see [this section](https://wiki.gentoo.org/wiki/Sakaki's_EFI_Install_Guide/Configuring_and_Building_the_Kernel#What_the_buildkernel_Script_Does_.28Background_Reading.29) for a detailed description of what **buildkernel** does, and why.

## Changelog on top of Sakaki's
Changes on top of Sakaki's original:
- (1.1.0) Strip modules for installation. For now, no new configuration flag to turn this off.
- (1.1.0) Migrate from dead upstream genkernel-next to genkernel. This requires (hopefully temporary) removal of plymouth support, and removes the need for the static-gpg package. Everything besides this script is now available in the base gentoo tree.
- (1.2.0) Support both raw devices and partitions. I like to boot from Raid-1, which the original script did not see as there is no PARTUUID in this case. Keep original variable names for compatibility. Either the UUID or the PARTUUID will work now.
34 changes: 25 additions & 9 deletions buildkernel
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ shopt -s nullglob
# ********************** variables *********************
PROGNAME="$(basename "${0}")"
CONFFILE="/etc/${PROGNAME}.conf"
VERSION="1.0.37"
VERSION="1.2.0"
ETCPROFILE="/etc/profile"
DEFAULTEFIBOOTFILE="bootx64.efi"
EFIBOOTFILE="${DEFAULTEFIBOOTFILE}"
Expand Down Expand Up @@ -132,6 +132,8 @@ PORTAGEINFO=""
MAKE=""
# following array variables set by load_all_devices function
declare -A ALLUUIDS
declare -A FSUUIDS
declare -A PARTUUIDS
declare -a GPGUUIDS
declare -a LUKSUUIDS
declare -a EFIUUIDS
Expand Down Expand Up @@ -376,7 +378,8 @@ restore_efivarfs_mount_state() {
fi
}
check_is_luks_volume() {
cryptsetup isLuks "${1}" || die "Path '${1}' is not a LUKS volume"
local candidate=$(findfs "${1}")
cryptsetup isLuks "${candidate}" || die "Path '${1}' is not a LUKS volume"
}
partuuid_is_on_usb_device() {
local CANONPART="${ALLUUIDS[${1}]}"
Expand Down Expand Up @@ -484,10 +487,17 @@ setup_final_variables() {
warning "without the plymouth use flag set - ignoring."
PLYMOUTHTHEME=""
fi
EFIPATHMAP="${ALLUUIDS[${EFIPARTUUID}]}"

EFIPATHMAP="PARTUUID=${EFIPARTUUID}"

if ((CRYPTPATHMAPFORCED==0)); then
CRYPTPATHMAP="${ALLUUIDS[${CRYPTPARTUUID}]}"
if [ -z ${PARTUUIDS[${CRYPTPARTUUID}]+xxx} ]; then
CRYPTPATHMAP="UUID=${CRYPTPARTUUID}"
else
CRYPTPATHMAP="PARTUUID=${CRYPTPARTUUID}"
fi
fi # otherwise, leave it as set

# check if the user has specified an OpenRC init; if not, assume systemd
if [[ "${INITSYSTEM}" == "openrc" ]]; then
# need a different path for the init executable
Expand All @@ -499,7 +509,11 @@ setup_final_variables() {
# assume keyfile is also on the EFI system partition, unless KEYFILEPARTUUID
# has been set explicitly in buildkernel.conf
KEYFILEPARTUUID="${KEYFILEPARTUUID:-${EFIPARTUUID}}"
KEYFILEPATHMAP="${ALLUUIDS[${KEYFILEPARTUUID}]}"
if [ -z ${PARTUUIDS[${KEYFILEPARTUUID}]+xxx} ]; then
KEYFILEPATHMAP="UUID=${KEYFILEPARTUUID}"
else
KEYFILEPATHMAP="PARTUUID=${KEYFILEPARTUUID}"
fi
# get the real root filesystem type if not specified
# falling back to ext4 if the findmnt-based lookup fails
if [[ ! -v CMDLINE_ROOTFSTYPE ]]; then
Expand Down Expand Up @@ -552,20 +566,23 @@ check_if_booted_under_efi() {
fi
}
load_all_devices() {
# overwrites the variables ALLUUIDS, EFIUUIDS, GPGUUIDS, LUKSUUIDS,
# ISUSBPART
# overwrites the variables ALLUUIDS, FSUUIDS, PARTUUIDS
# EFIUUIDS, GPGUUIDS, LUKSUUIDS, ISUSBPART
# we only look for non-LUKS partitions on attached USB devices
# for GPG keys, and don't mount to check that the file is there
ALLUUIDS=(); EFIUUIDS=(); GPGUUIDS=(); LUKSUUIDS=()
ALLUUIDS=(); FSUUIDS=(); PARTUUIDS=();
EFIUUIDS=(); GPGUUIDS=(); LUKSUUIDS=()
ISUSBPART=()
local NEXTDEV NEXTUUID NEXTPARTUUID NEXTFSTYPE
shopt -s lastpipe
lsblk -nlp -o NAME,FSTYPE,UUID,PARTUUID -E UUID |
while read NEXTDEV NEXTFSTYPE NEXTUUID NEXTPARTUUID; do
if [ -n "${NEXTFSTYPE}" ]; then
ALLUUIDS[${NEXTUUID}]="${NEXTDEV}"
FSUUIDS[${NEXTUUID}]="1"
if [ -n "${NEXTPARTUUID}" ]; then
ALLUUIDS[${NEXTPARTUUID}]="${NEXTDEV}"
PARTUUIDS[${NEXTPARTUUID}]="1"
fi
if [[ $(readlink "/sys/class/block/${NEXTDEV:5}") =~ usb ]]; then
ISUSBPART["${NEXTDEV}"]="1"
Expand Down Expand Up @@ -2222,7 +2239,6 @@ handle_final_options() {
suppress_colour_and_alert_if_output_not_to_a_terminal
check_if_booted_under_efi
load_all_devices

source_etc_conf_file
process_command_line_options "${@}"
setup_build_directory
Expand Down
2 changes: 1 addition & 1 deletion buildkernel.8
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH BUILDKERNEL 8 "Version 1.1.0: June 2022"
.TH BUILDKERNEL 8 "Version 1.2.0: June 2022"
.SH NAME
buildkernel \- build secure boot kernel, save to EFI system partition
.SH SYNOPSIS
Expand Down
2 changes: 1 addition & 1 deletion buildkernel.conf.5
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
.TH BUILDKERNEL 5 "Version 1.1.0: June 2022"
.TH BUILDKERNEL 5 "Version 1.2.0: June 2022"
.SH NAME
buildkernel.conf \- a configuration file for \fBbuildkernel\fR(8)
.SH SYNOPSIS
Expand Down

0 comments on commit 13fb6ab

Please sign in to comment.