summaryrefslogtreecommitdiffstats
path: root/debian/build-efi-images
diff options
context:
space:
mode:
Diffstat (limited to '')
-rwxr-xr-xdebian/build-efi-images278
1 files changed, 278 insertions, 0 deletions
diff --git a/debian/build-efi-images b/debian/build-efi-images
new file mode 100755
index 0000000..888f1ad
--- /dev/null
+++ b/debian/build-efi-images
@@ -0,0 +1,278 @@
+#! /bin/sh
+set -e
+
+# Copyright (C) 2010, 2011, 2012 Canonical Ltd.
+# Author: Colin Watson <cjwatson@ubuntu.com>
+#
+# This program is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by the Free
+# Software Foundation; either version 2, or (at your option) any later
+# version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+# for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
+
+# Make EFI boot images for signing.
+
+if [ $# -lt 7 ]; then
+ echo "usage: $0 GRUB-MKIMAGE GRUB-CORE OUTPUT-DIRECTORY DEB-ARCH PLATFORM EFI-NAME SBAT-CSV [EFI-VENDOR]"
+fi
+
+grub_mkimage="$1"
+grub_core="$2"
+outdir="$3"
+deb_arch="$4"
+platform="$5"
+efi_name="$6"
+sbat_csv="$7"
+efi_vendor="${8:-$(dpkg-vendor --query vendor | tr '[:upper:]' '[:lower:]')}"
+
+# mkfs.msdos may not be on the default PATH.
+export PATH="$PATH:/sbin:/usr/sbin"
+
+workdir=
+
+cleanup () {
+ [ -z "$workdir" ] || rm -rf "$workdir"
+}
+trap cleanup EXIT HUP INT QUIT TERM
+
+# Return the number of 1KiB blocks needed to store a file in the
+# memdisk, with an extra block for the directory entry
+rounded_size () {
+ BLOCK_SIZE=1024
+ size=$(stat -c %s $1)
+ rounded=$(( ( ($size + $BLOCK_SIZE - 1) / $BLOCK_SIZE) + 1))
+ echo "Adding $rounded blocks to memdisk for $1" >&2
+ echo $rounded
+}
+
+rm -rf "$outdir"
+mkdir -p "$outdir"
+
+workdir="$(mktemp -d build-efi-images.XXXXXX)"
+
+# GRUB's rescue parser doesn't understand 'if'.
+echo 'normal (memdisk)/grub.cfg' >"$workdir/grub-bootstrap.cfg"
+
+# Skeleton configuration file which finds the real boot disk.
+cat >"$workdir/grub.cfg" <<EOF
+if [ -z "\$prefix" -o ! -e "\$prefix" ]; then
+ if ! search --file --set=root /.disk/info; then
+ search --file --set=root /.disk/mini-info
+ fi
+ set prefix=(\$root)/boot/grub
+fi
+if [ -e \$prefix/$platform/grub.cfg ]; then
+ source \$prefix/$platform/grub.cfg
+elif [ -e \$prefix/grub.cfg ]; then
+ source \$prefix/grub.cfg
+else
+ source \$cmdpath/grub.cfg
+fi
+EOF
+
+cat >"$workdir/grub-netboot.cfg" <<EOF
+if [ -e \$prefix/$platform/grub.cfg ]; then
+ source \$prefix/$platform/grub.cfg
+else
+ source \$prefix/grub.cfg
+fi
+EOF
+
+# Calculate the size of the embedded filesystem needed
+FATFS_SIZE=64 # 64KiB for the embedded grub.cfg and the metadata
+
+# Only copy in unicode.pf2 for now, we don't want the binary images
+# too large
+FONTS=$grub_core/../unicode.pf2
+for FONT in $FONTS; do
+ FATFS_SIZE=$(($FATFS_SIZE + $(rounded_size $FONT)))
+done
+
+mkfs.msdos -C "$workdir/memdisk.fat" $FATFS_SIZE
+mcopy -i "$workdir/memdisk.fat" "$workdir/grub.cfg" ::grub.cfg
+mmd -i "$workdir/memdisk.fat" ::fonts
+for FONT in $FONTS; do
+ mcopy -i "$workdir/memdisk.fat" "$FONT" ::fonts/$(basename $FONT)
+done
+# Let's show what's here so we have it in build logs
+mdir -/ -i "$workdir/memdisk.fat"
+
+mkfs.msdos -C "$workdir/memdisk-netboot.fat" $FATFS_SIZE
+mcopy -i "$workdir/memdisk-netboot.fat" "$workdir/grub-netboot.cfg" ::grub.cfg
+mmd -i "$workdir/memdisk-netboot.fat" ::fonts
+for FONT in $FONTS; do
+ mcopy -i "$workdir/memdisk-netboot.fat" "$FONT" ::fonts/$(basename $FONT)
+done
+# Let's show what's here so we have it in build logs
+mdir -/ -i "$workdir/memdisk.fat"
+
+CD_MODULES="
+ all_video
+ boot
+ btrfs
+ cat
+ chain
+ configfile
+ echo
+ efifwsetup
+ efinet
+ ext2
+ fat
+ font
+ f2fs
+ gettext
+ gfxmenu
+ gfxterm
+ gfxterm_background
+ gzio
+ halt
+ help
+ hfsplus
+ iso9660
+ jfs
+ jpeg
+ keystatus
+ loadenv
+ loopback
+ linux
+ ls
+ lsefi
+ lsefimmap
+ lsefisystab
+ lssal
+ memdisk
+ minicmd
+ normal
+ ntfs
+ part_apple
+ part_msdos
+ part_gpt
+ password_pbkdf2
+ png
+ probe
+ reboot
+ regexp
+ search
+ search_fs_uuid
+ search_fs_file
+ search_label
+ serial
+ sleep
+ smbios
+ squash4
+ test
+ true
+ video
+ xfs
+ zfs
+ zfscrypt
+ zfsinfo
+ "
+
+# Platform-specific modules
+case $platform in
+ x86_64-efi|i386-efi)
+ CD_MODULES="$CD_MODULES
+ cpuid
+ linuxefi
+ play
+ tpm
+ "
+ ;;
+esac
+
+GRUB_MODULES="$CD_MODULES
+ cryptodisk
+ gcry_arcfour
+ gcry_blowfish
+ gcry_camellia
+ gcry_cast5
+ gcry_crc
+ gcry_des
+ gcry_dsa
+ gcry_idea
+ gcry_md4
+ gcry_md5
+ gcry_rfc2268
+ gcry_rijndael
+ gcry_rmd160
+ gcry_rsa
+ gcry_seed
+ gcry_serpent
+ gcry_sha1
+ gcry_sha256
+ gcry_sha512
+ gcry_tiger
+ gcry_twofish
+ gcry_whirlpool
+ luks
+ luks2
+ lvm
+ mdraid09
+ mdraid1x
+ raid5rec
+ raid6rec
+ "
+NET_MODULES="$CD_MODULES
+ tftp
+ "
+
+# CD boot image
+echo "Including modules $CD_MODULES in $outdir/gcd$efi_name.efi"
+"$grub_mkimage" \
+ -O "$platform" \
+ -o "$outdir/gcd$efi_name.efi" \
+ -c "$workdir/grub-bootstrap.cfg" \
+ -d "$grub_core" \
+ -m "$workdir/memdisk.fat" \
+ -p /boot/grub \
+ --sbat "$sbat_csv" \
+ $CD_MODULES
+
+# Normal disk boot image
+echo "Including modules $GRUB_MODULES in $outdir/grub$efi_name.efi"
+"$grub_mkimage" \
+ -O "$platform" \
+ -o "$outdir/grub$efi_name.efi" \
+ -c "$workdir/grub-bootstrap.cfg" \
+ -d "$grub_core" \
+ -m "$workdir/memdisk.fat" \
+ -p "/EFI/$efi_vendor" \
+ --sbat "$sbat_csv" \
+ $GRUB_MODULES
+
+# Normal network boot image
+echo "Including modules $NET_MODULES in $outdir/grubnet$efi_name.efi"
+"$grub_mkimage" \
+ -O "$platform" \
+ -o "$outdir/grubnet$efi_name.efi" \
+ -c "$workdir/grub-bootstrap.cfg" \
+ -d "$grub_core" \
+ -m "$workdir/memdisk-netboot.fat" \
+ -p /grub \
+ --sbat "$sbat_csv" \
+ $NET_MODULES
+
+# Special network boot image for d-i to use. Just the same as the
+# normal network boot image, but with a different value baked in for
+# the prefix setting
+echo "Including modules $NET_MODULES in $outdir/grubnet$efi_name-installer.efi"
+"$grub_mkimage" \
+ -O "$platform" \
+ -o "$outdir/grubnet$efi_name-installer.efi" \
+ -c "$workdir/grub-bootstrap.cfg" \
+ -d "$grub_core" \
+ -m "$workdir/memdisk-netboot.fat" \
+ -p "/${efi_vendor}-installer/$deb_arch/grub" \
+ --sbat "$sbat_csv" \
+ $NET_MODULES
+
+exit 0