Properly set grub2 root device when using efi
We've noticed that centos8 arm64 images have a root devices of /dev/mapper/loop7p3 which make sense within a dib image build context but not at boot time. Dib intends to use labels to set the root device but when efi is used we end up running grub2-mkconfig against the efi grub config path before we configure grub to use labels. Fix this by running grub2-mkconfig after its configuration is set. This should avoid confusion and complicated paths through the scripts that configure this for us. We then copy the resulting config to the efi specific grub.cfg location for platforms that have it. There is also a small refactoring that is done to try and make the ~3 boot variants more clear: 1) Booting with legacy bios 2) Booting with uefi without a signed shim that directly calls grub 3) Booting with uefi and a signed shim that calls grub Options 1 and 2 share the /boot/grub*/grub.cfg file. Option 3 needs its grub.cfg to live alongside distro specific efi target. Change-Id: Ie9790da9d1bbea58197b37b15a48e77f8a93c1ac
This commit is contained in:
parent
b4f768117f
commit
3294aecca2
@ -154,31 +154,31 @@ function install_grub2 {
|
|||||||
else
|
else
|
||||||
# This set of modules is sufficient for all installs (mbr/gpt/efi)
|
# This set of modules is sufficient for all installs (mbr/gpt/efi)
|
||||||
modules="part_msdos part_gpt lvm"
|
modules="part_msdos part_gpt lvm"
|
||||||
extra_options=""
|
|
||||||
if [[ ${DIB_BLOCK_DEVICE} == "mbr" || ${DIB_BLOCK_DEVICE} == "gpt" ]]; then
|
if [[ ${DIB_BLOCK_DEVICE} == "mbr" || ${DIB_BLOCK_DEVICE} == "gpt" ]]; then
|
||||||
$GRUBNAME --modules="$modules biosdisk" $GRUB_OPTS $BOOT_DEV
|
$GRUBNAME --modules="$modules biosdisk" $GRUB_OPTS $BOOT_DEV
|
||||||
elif [[ ${DIB_BLOCK_DEVICE} == "efi" ]]; then
|
elif [[ ${DIB_BLOCK_DEVICE} == "efi" ]]; then
|
||||||
# This tells the EFI install to put the EFI binaries into
|
|
||||||
# the generic /BOOT directory and avoids trying to update
|
|
||||||
# nvram settings.
|
|
||||||
extra_options="--removable"
|
|
||||||
# We need to manually set the target if it's different to
|
# We need to manually set the target if it's different to
|
||||||
# the host. Setup for EFI
|
# the host. Setup for EFI
|
||||||
case $ARCH in
|
case $ARCH in
|
||||||
"x86_64"|"amd64")
|
"x86_64"|"amd64")
|
||||||
GRUB_OPTS="--target=x86_64-efi"
|
|
||||||
# This call installs grub for BIOS compatability
|
# This call installs grub for BIOS compatability
|
||||||
# which makes portable EFI/BIOS images.
|
# which makes portable EFI/BIOS images.
|
||||||
$GRUBNAME --modules="$modules" --target=i386-pc $BOOT_DEV
|
$GRUBNAME --modules="$modules" --target=i386-pc $BOOT_DEV
|
||||||
|
# Set the x86_64 specific efi target for the generic
|
||||||
|
# installation below.
|
||||||
|
GRUB_OPTS="--target=x86_64-efi"
|
||||||
;;
|
;;
|
||||||
# At this point, we don't need to override the target
|
# At this point, we don't need to override the target
|
||||||
# for any other architectures.
|
# for any other architectures.
|
||||||
esac
|
esac
|
||||||
if [ -d /boot/efi/$EFI_BOOT_DIR ]; then
|
# If we don't have a distro specific dir with presigned efi targets
|
||||||
# Make the grub config in the EFI directory for UEFI boot
|
# we install a generic one.
|
||||||
$GRUB_MKCONFIG -o /boot/efi/$EFI_BOOT_DIR/grub.cfg
|
if [ ! -d /boot/efi/$EFI_BOOT_DIR ]; then
|
||||||
else
|
|
||||||
echo "WARNING: /boot/efi/$EFI_BOOT_DIR does not exist, UEFI secure boot not supported"
|
echo "WARNING: /boot/efi/$EFI_BOOT_DIR does not exist, UEFI secure boot not supported"
|
||||||
|
# This tells the EFI install to put the EFI binaries into
|
||||||
|
# the generic /BOOT directory and avoids trying to update
|
||||||
|
# nvram settings.
|
||||||
|
extra_options="--removable"
|
||||||
$GRUBNAME --modules="$modules" $extra_options $GRUB_OPTS $BOOT_DEV
|
$GRUBNAME --modules="$modules" $extra_options $GRUB_OPTS $BOOT_DEV
|
||||||
fi
|
fi
|
||||||
fi
|
fi
|
||||||
@ -226,6 +226,13 @@ function install_grub2 {
|
|||||||
echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub
|
echo 'GRUB_DISABLE_OS_PROBER=true' >> /etc/default/grub
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# GRUB_MKCONFIG call needs to happen after we configure
|
||||||
|
# /etc/default/grub above. Without this we can set inappropriate
|
||||||
|
# root device labels and then images don't boot.
|
||||||
|
#
|
||||||
|
# This produces a legacy config which both bios and uefi can boot
|
||||||
|
# Later we copy the final config to an efi specific location to
|
||||||
|
# support uefi specific functionality like secure boot.
|
||||||
$GRUB_MKCONFIG -o $GRUB_CFG
|
$GRUB_MKCONFIG -o $GRUB_CFG
|
||||||
|
|
||||||
# Remove the fix to disable os_prober
|
# Remove the fix to disable os_prober
|
||||||
@ -252,6 +259,14 @@ function install_grub2 {
|
|||||||
# linuxefi/initrdefi for the image to boot under efi
|
# linuxefi/initrdefi for the image to boot under efi
|
||||||
if [[ ${DIB_BLOCK_DEVICE} == "efi" ]]; then
|
if [[ ${DIB_BLOCK_DEVICE} == "efi" ]]; then
|
||||||
sed -i 's%\(linux\|initrd\)16 /boot%\1efi /boot%g' $GRUB_CFG
|
sed -i 's%\(linux\|initrd\)16 /boot%\1efi /boot%g' $GRUB_CFG
|
||||||
|
|
||||||
|
# Finally copy the grub.cfg to the EFI specific dir to support
|
||||||
|
# functionality like secure boot. We make a copy because
|
||||||
|
# /boot and /boot/efi may be different partitions and uefi looks
|
||||||
|
# for a specific partition UUID preventing symlinks from working.
|
||||||
|
if [ -d /boot/efi/$EFI_BOOT_DIR ] ; then
|
||||||
|
cp $GRUB_CFG /boot/efi/$EFI_BOOT_DIR/grub.cfg
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
}
|
}
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user