|
|
|
#!/bin/bash -eux
|
|
|
|
|
|
|
|
case $ARCH in
|
|
|
|
amd64|arm64)
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo "We don't create EFI images for $ARCH."
|
|
|
|
exit 0
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
. config/functions
|
|
|
|
|
|
|
|
apt-get -qqy install dosfstools gdisk
|
|
|
|
|
|
|
|
create_partitions() {
|
|
|
|
disk_image="$1"
|
|
|
|
sgdisk "${disk_image}" --zap-all
|
|
|
|
case $ARCH in
|
|
|
|
arm64)
|
|
|
|
sgdisk "${disk_image}" \
|
|
|
|
--new=15:0:204800 \
|
|
|
|
--typecode=15:ef00 \
|
|
|
|
--new=1:
|
|
|
|
;;
|
|
|
|
amd64)
|
|
|
|
sgdisk "${disk_image}" \
|
|
|
|
--new=14::+4M \
|
|
|
|
--new=15::+106M \
|
|
|
|
--new=1::
|
|
|
|
sgdisk "${disk_image}" \
|
|
|
|
-t 14:ef02 \
|
|
|
|
-t 15:ef00
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
sgdisk "${disk_image}" \
|
|
|
|
--print
|
|
|
|
}
|
|
|
|
|
|
|
|
create_and_mount_uefi_partition() {
|
|
|
|
uefi_dev="/dev/mapper${loop_device///dev/}p15"
|
|
|
|
mountpoint="$1"
|
|
|
|
mkfs.vfat -F 32 -n UEFI "${uefi_dev}"
|
|
|
|
|
|
|
|
mkdir -p "${mountpoint}"/boot/efi
|
|
|
|
mount "${uefi_dev}" "$mountpoint"/boot/efi
|
|
|
|
|
|
|
|
cat << EOF >> "mountpoint/etc/fstab"
|
|
|
|
LABEL=UEFI /boot/efi vfat defaults 0 0
|
|
|
|
EOF
|
|
|
|
}
|
|
|
|
|
|
|
|
install_grub() {
|
|
|
|
mkdir mountpoint
|
|
|
|
mount_partition "${rootfs_dev_mapper}" mountpoint
|
|
|
|
|
|
|
|
create_and_mount_uefi_partition mountpoint
|
|
|
|
|
|
|
|
echo "(hd0) ${loop_device}" > mountpoint/tmp/device.map
|
|
|
|
mkdir -p mountpoint/etc/default/grub.d
|
|
|
|
efi_boot_dir="/boot/efi/EFI/BOOT"
|
|
|
|
chroot mountpoint mkdir -p "${efi_boot_dir}"
|
|
|
|
|
|
|
|
chroot mountpoint apt-get -y update
|
|
|
|
|
|
|
|
# The modules below only make sense on non-Secure Boot UEFI systems.
|
|
|
|
# Otherwise, with Secure Boot enabled GRUB will refuse to load them.
|
|
|
|
# Any modules already in debian/build-efi-images do not need to be listed.
|
|
|
|
# Furthermore, other modules such as terminal, video_* and efi_* are all
|
|
|
|
# already available.
|
|
|
|
case $ARCH in
|
|
|
|
arm64)
|
|
|
|
chroot mountpoint apt-get -qqy install --no-install-recommends grub-efi-arm64 grub-efi-arm64-bin
|
|
|
|
grub_modules="serial"
|
|
|
|
efi_target=arm64-efi
|
|
|
|
;;
|
|
|
|
amd64)
|
|
|
|
chroot mountpoint apt-get install -qqy grub-efi-amd64-signed grub-efi-amd64 shim-signed
|
|
|
|
grub_modules="multiboot serial usb usb_keyboard"
|
|
|
|
efi_target=x86_64-efi
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
cat << EOF >> mountpoint/etc/default/grub.d/50-cloudimg-settings.cfg
|
|
|
|
${CLOUD_IMG_STR}
|
|
|
|
# For Cloud Image compatability
|
|
|
|
GRUB_PRELOAD_MODULES="${GRUB_PRELOAD_MODULES:-$grub_modules}"
|
|
|
|
EOF
|
|
|
|
|
|
|
|
chroot mountpoint grub-install "${loop_device}" \
|
|
|
|
--boot-directory=/boot \
|
|
|
|
--efi-directory=/boot/efi \
|
|
|
|
--target=${efi_target} \
|
|
|
|
--removable \
|
|
|
|
--uefi-secure-boot \
|
|
|
|
--no-nvram \
|
|
|
|
--modules="${grub_modules}"
|
|
|
|
|
|
|
|
if [ -f mountpoint/boot/efi/EFI/BOOT/grub.cfg ]; then
|
|
|
|
sed -i "s| root| root hd0,gpt1|" mountpoint/boot/efi/EFI/BOOT/grub.cfg
|
|
|
|
sed -i "1i${CLOUD_IMG_STR}" mountpoint/boot/efi/EFI/BOOT/grub.cfg
|
|
|
|
# For some reason the grub disk is looking for /boot/grub/grub.cfg on
|
|
|
|
# part 15....
|
|
|
|
chroot mountpoint mkdir -p /boot/efi/boot/grub
|
|
|
|
chroot mountpoint cp /boot/efi/EFI/BOOT/grub.cfg /boot/efi/boot/grub
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ "$ARCH" = "amd64" ]; then
|
|
|
|
# Install the BIOS/GPT bits. Since GPT boots from the ESP partition,
|
|
|
|
# it means that we just run this simple command and we're done
|
|
|
|
chroot mountpoint grub-install --target=i386-pc "${loop_device}"
|
|
|
|
fi
|
|
|
|
|
|
|
|
chroot mountpoint dpkg-divert --local --rename /etc/grub.d/30_os-prober
|
|
|
|
chroot mountpoint update-grub
|
|
|
|
replace_grub_root_with_label mountpoint
|
|
|
|
chroot mountpoint dpkg-divert --remove --local --rename /etc/grub.d/30_os-prober
|
|
|
|
|
|
|
|
chroot mountpoint apt-get -y clean
|
|
|
|
|
|
|
|
rm mountpoint/tmp/device.map
|
|
|
|
sync
|
|
|
|
umount mountpoint/boot/efi
|
|
|
|
sleep 5
|
|
|
|
udevadm settle
|
|
|
|
mount
|
|
|
|
umount_partition mountpoint
|
|
|
|
rmdir mountpoint
|
|
|
|
}
|
|
|
|
|
|
|
|
disk_image=binary/boot/disk-uefi.ext4
|
|
|
|
|
|
|
|
create_empty_disk_image "${disk_image}"
|
|
|
|
create_partitions "${disk_image}"
|
|
|
|
mount_image "${disk_image}" 1
|
|
|
|
|
|
|
|
# Copy the chroot in to the disk
|
|
|
|
make_ext4_partition "${rootfs_dev_mapper}"
|
|
|
|
mkdir mountpoint
|
|
|
|
mount "${rootfs_dev_mapper}" mountpoint
|
|
|
|
cp -a chroot/* mountpoint/
|
|
|
|
umount mountpoint
|
|
|
|
rmdir mountpoint
|
|
|
|
|
|
|
|
install_grub
|
|
|
|
|
|
|
|
clean_loops
|
|
|
|
trap - EXIT
|