root/build-tools/update-efiboot-image
Scott Little 61eb09cded Rename mwa-* subdirectories to match the git repo name
mwa-delphia -> stx-clients
mwa-pitta   -> stx-config
mwa-cleo    -> stx-fault
mwa-gplv2   -> stx-gplv2
mwa-gplv3   -> stx-gplv3
mwa-solon   -> stx-ha
mwa-sparta  -> stx-integ
mwa-beas    -> stx-metal
mwa-thales  -> stx-nfv
mwa-chilon  -> stx-update
mwa-perian  -> stx-upstream

1) Change build-iso and update-efiboot-image to use BSP_FILES_PATH
macro to find board support files.

2) Point BSP_FILES_PATH at stx-metal rather than mwa-beas, per the
directory renaming above.

Depends-On: https://review.openstack.org/579954
Depends-On: https://review.openstack.org/579957
Change-Id: Id8a855ab3c9674d59bb5225ce7a4d338a1e4e22a
Signed-off-by: Scott Little <scott.little@windriver.com>
2018-07-04 13:17:17 -04:00

185 lines
5.4 KiB
Bash
Executable File

#!/bin/bash
#
# Copyright (c) 2016-2017 Wind River Systems, Inc.
#
# SPDX-License-Identifier: Apache-2.0
#
# Update the efiboot.img (See https://wiki.archlinux.org/index.php/Remastering_the_Install_ISO)
# We need to mount the image file, make any changes to the filesystem, and unmount.
#
# e.g. udisksctl loop-setup -f efiboot.img --no-user-interaction
# Mapped file efiboot.img as /dev/loop0.
# udisksctl mount -b /dev/loop0
# Mounted /dev/loop0 at /run/media/kbujold/ANACONDA.
#
MY_YUM_CONF=""
function setup_env_vars {
mkdir -p $MY_WORKSPACE/export/
MY_YUM_CONF=$(create-yum-conf)
if [ $? -ne 0 ]; then
echo "ERROR: create-yum-conf failed"
exit 1
fi
DISTRO_REPO_DIR=$(for d in $(grep baseurl $MY_YUM_CONF | grep file: | awk -F : '{print $2}' | sed 's:///:/:g'); do if [ -d $d/images ]; then echo $d ;fi; done)
if [ ! -d "$DISTRO_REPO_DIR" ] ; then
printf " Error -- could not access $DISTRO_REPO_DIR\n"
exit 1
fi
# where to put stuff (curent dir unless MY_WORKSPACE defined)
OUTPUT_DIR="$PWD/export"
if [ ! -z "$MY_WORKSPACE" ] && [ -d "$MY_WORKSPACE" ] ; then
OUTPUT_DIR="$MY_WORKSPACE/export"
fi
# Directory in which to populate files to be distributed
OUTPUT_DIST_DIR=$OUTPUT_DIR/dist
if [ ! -z "$MY_REPO" ] && [ -d "$MY_REPO" ] ; then
INTERNAL_REPO_ROOT=$MY_REPO
fi
if [ -z "$INTERNAL_REPO_ROOT" ] ; then
if [ ! -z "$MY_REPO_ROOT_DIR" ] && [ -d "$MY_REPO_ROOT_DIR/cgcs-root" ] ; then
INTERNAL_REPO_ROOT=$MY_REPO_ROOT_DIR/cgcs-root
fi
fi
if [ -z "$INTERNAL_REPO_ROOT" ] ; then
if [ -d "$MY_WORKSPACE/std/repo" ] ; then
INTERNAL_REPO_ROOT=$MY_WORKSPACE/std/repo
fi
fi
if [ -z "$INTERNAL_REPO_ROOT" ] ; then
printf " Error -- could not locate cgcs-root repo.\n"
exit 1
fi
}
printf " Calling $0\n"
setup_env_vars
printf " Calling $(basename $0)\n"
MOUNT_LOG_FILE=$OUTPUT_DIR/mounts_used.log
# Clear old image file
printf " Delete old efiboot.img file\n"
rm -f $OUTPUT_DIR/efiboot.img
yum clean all -c $MY_YUM_CONF
# Copy Vanilla Centos image file
cp -L -u $DISTRO_REPO_DIR/images/efiboot.img $OUTPUT_DIR/
printf " Replacing the efiboot.img grub.cfg file with the Titanium Cloud one\n"
# We can either use udev or sudo to mount loopback device, etc.
# This is controlled via env variable
if [ 0${BUILD_ISO_USE_UDEV} -eq 1 ]; then
RET=$(udisksctl loop-setup -f $OUTPUT_DIR/efiboot.img --no-user-interaction)
if [ $? -ne 0 ]; then
printf " Error: failed udev loop-setup command.\n"
exit 1
fi
LOOP=$(echo $RET | awk '{print $5;}' | sed -e 's/\.//g')
else
# no udev - use losetup command
# retcode is the lo device used
RET=$(sudo losetup --show -f $OUTPUT_DIR/efiboot.img)
if [ -z "$RET" ] ; then
printf " Error: failed sudo losetup command.\n"
exit 1
fi
# Save the loop device used into a file
echo $(date) $RET >> $MOUNT_LOG_FILE
LOOP=$(echo $RET)
if [ -z $LOOP ] ; then
printf " Error: failed losetup command.\n"
exit 1
fi
fi
# Mount the filesystem
if [ 0${BUILD_ISO_USE_UDEV} -eq 1 ]; then
udisksctl mount -b $LOOP
EFI_MOUNT=$(udisksctl info -b $LOOP | grep MountPoints | awk '{print $2;}')
else
EFI_MOUNT=$(sudo mktemp -d -p /mnt -t EFI-noudev.XXXXXX)
sudo mount $LOOP $EFI_MOUNT
fi
if [ -z $EFI_MOUNT ] ; then
printf " Error: failed mount command.\n"
exit 1
fi
# Several commands may need to be executed with sudo if we're not using
# udev. Use a variable to hold the optional "sudo" part
if [ 0${BUILD_ISO_USE_UDEV} -eq 1 ]; then
SUDOPREFIX=""
else
SUDOPREFIX="sudo"
fi
# Update the vanilla UEFI Centos grub.cfg with the Titanium Cloud version
${SUDOPREFIX} cp "$BSP_FILES_PATH/grub.cfg" "$EFI_MOUNT/EFI/BOOT/grub.cfg"
# Update the grub and shim executables with the Titanium Cloud signed versions
#
# To do this, we extract the RPMS, grab the two executables we need, and replace
# the ones in the current filesystem
TMPDIR=`mktemp -d`
SHIMPKG=`find $MY_WORKSPACE/std/rpmbuild/RPMS/shim-x64-[0-9]*.x86_64.rpm`
if [ -z "$SHIMPKG" ]; then
SHIMPKG=`find $MY_WORKSPACE/std/rpmbuild/RPMS/shim-[0-9]*.x86_64.rpm`
fi
if [ -z "$SHIMPKG" ]; then
printf " Error -- could not locate shim binary package"
exit 1
fi
GRUBPKG=`find $MY_WORKSPACE/std/rpmbuild/RPMS/grub2-efi-x64-[0-9]*.x86_64.rpm`
if [ -z "$GRUBPKG" ]; then
GRUBPKG=`find $MY_WORKSPACE/std/rpmbuild/RPMS/grub2-efi-[0-9]*.x86_64.rpm`
fi
if [ -z "$GRUBPKG" ]; then
printf " Error -- could not locate grub binary package"
exit 1
fi
pushd $TMPDIR >/dev/null
rpm2cpio $SHIMPKG | cpio -id --quiet
${SUDOPREFIX} find . -name "shim.efi" | xargs -I '{}' ${SUDOPREFIX} cp '{}' $EFI_MOUNT/EFI/BOOT/BOOTX64.EFI
rm -rf *
rpm2cpio $GRUBPKG | cpio -id --quiet
${SUDOPREFIX} find . -name "grubx64.efi" | xargs -I '{}' ${SUDOPREFIX} cp '{}' $EFI_MOUNT/EFI/BOOT/grubx64.efi
popd >/dev/null
rm -rf $TMPDIR
# Create a directory for Secure Boot certificate
${SUDOPREFIX} mkdir -p $EFI_MOUNT/CERTS
${SUDOPREFIX} cp $INTERNAL_REPO_ROOT/build-tools/certificates/* $EFI_MOUNT/CERTS
# Cleanup mounts
if [ 0${BUILD_ISO_USE_UDEV} -eq 1 ]; then
udisksctl unmount -b $LOOP
RET=$(udisksctl loop-delete -b $LOOP)
else
sudo umount $LOOP
RET=$(sudo losetup -d $LOOP)
fi
echo $(date) Deleted $LOOP. $RET >> $MOUNT_LOG_FILE
${SUDOPREFIX} rmdir $EFI_MOUNT
exit 0