You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
211 lines
6.6 KiB
211 lines
6.6 KiB
#!/bin/bash -eux
|
|
|
|
case $ARCH in
|
|
amd64|arm64|riscv64)
|
|
;;
|
|
*)
|
|
echo "We don't create EFI images for $ARCH."
|
|
exit 0
|
|
;;
|
|
esac
|
|
|
|
IMAGE_STR="# CLOUD_IMG: This file was created/modified by the Cloud Image build process"
|
|
FS_LABEL="cloudimg-rootfs"
|
|
|
|
case "$ARCH" in
|
|
amd64|arm64|armhf)
|
|
# 3.5 GiB
|
|
# Since Kinetic amd64 need more then the default 2.2G
|
|
# Since Jammy armhf need more then the default 2.2G
|
|
# Since Mantic arm64 need more then the default 2.2G
|
|
IMAGE_SIZE=3758096384 # bump to 3.5G (3584*1024**2);
|
|
;;
|
|
riscv64)
|
|
# 4.5 GiB
|
|
# initrd creation fails with "No space left" with 3.5G
|
|
IMAGE_SIZE=4831838208 # bump to 4.5G (4608*1024**2);
|
|
;;
|
|
esac
|
|
|
|
. config/binary
|
|
|
|
. config/functions
|
|
|
|
create_partitions() {
|
|
disk_image="$1"
|
|
sgdisk "${disk_image}" --zap-all
|
|
case $ARCH in
|
|
arm64|armhf)
|
|
sgdisk "${disk_image}" \
|
|
--new=15:0:204800 \
|
|
--typecode=15:ef00 \
|
|
--new=16::1G \
|
|
--typecode=16:ea00 \
|
|
--new=1:
|
|
;;
|
|
riscv64)
|
|
sgdisk "${disk_image}" \
|
|
--set-alignment=2 \
|
|
--new=15::+106M \
|
|
--typecode=15:ef00 \
|
|
--new=16::1G \
|
|
--typecode=16:ea00 \
|
|
--new=1:: \
|
|
--attributes=1:set:2
|
|
;;
|
|
amd64)
|
|
sgdisk "${disk_image}" \
|
|
--new=14::+4M \
|
|
--new=15::+106M \
|
|
--new=16::1G \
|
|
--typecode=16:ea00 \
|
|
--new=1::
|
|
sgdisk "${disk_image}" \
|
|
-t 14:ef02 \
|
|
-t 15:ef00
|
|
;;
|
|
esac
|
|
sgdisk "${disk_image}" \
|
|
--print
|
|
}
|
|
|
|
create_and_mount_boot_partitions() {
|
|
uefi_dev="${loop_device}p15"
|
|
boot_dev="${loop_device}p16"
|
|
mountpoint="$1"
|
|
|
|
mkfs.vfat -F 32 -n UEFI "${uefi_dev}"
|
|
mkfs.ext4 -L BOOT "${boot_dev}"
|
|
|
|
# copying what was on the rootfs to the new boot partition
|
|
mount "${boot_dev}" "${mountpoint}"/mnt
|
|
mv "${mountpoint}"/boot/* "${mountpoint}"/mnt
|
|
umount "${boot_dev}"
|
|
|
|
mount "${boot_dev}" "${mountpoint}"/boot
|
|
|
|
mkdir -p "${mountpoint}"/boot/efi
|
|
mount "${uefi_dev}" "$mountpoint"/boot/efi
|
|
|
|
cat << EOF >> "mountpoint/etc/fstab"
|
|
LABEL=BOOT /boot ext4 defaults 0 2
|
|
LABEL=UEFI /boot/efi vfat umask=0077 0 1
|
|
EOF
|
|
}
|
|
|
|
install_grub() {
|
|
mkdir mountpoint
|
|
mount_partition "${rootfs_dev_mapper}" mountpoint
|
|
|
|
create_and_mount_boot_partitions mountpoint
|
|
|
|
echo "(hd0) ${loop_device}" > mountpoint/tmp/device.map
|
|
mkdir -p mountpoint/etc/default/grub.d
|
|
efi_boot_dir="/boot/efi/EFI/BOOT"
|
|
chroot mountpoint mkdir -p "${efi_boot_dir}"
|
|
|
|
chroot mountpoint apt-get -y update
|
|
|
|
package_install_recommends_option=""
|
|
# minimized cloud image policy, introduced in version 23.10.16, is to not install recommends for any package
|
|
# installs during build. This is to keep the image as small as possible. This also extends to
|
|
# the grub related packages.
|
|
if [ "${SUBPROJECT:-}" = minimized ]; then
|
|
package_install_recommends_option="--no-install-recommends"
|
|
fi
|
|
|
|
# UEFI GRUB modules are meant to be used equally by Secure Boot and
|
|
# non-Secure Boot systems. If you need an extra module not already
|
|
# provided or run into "Secure Boot policy forbids loading X" problems,
|
|
# please file a bug against grub2 to include the affected module.
|
|
case $ARCH in
|
|
arm64)
|
|
chroot mountpoint apt-get -qqy install ${package_install_recommends_option} shim-signed grub-efi-arm64-signed
|
|
efi_target=arm64-efi
|
|
;;
|
|
armhf)
|
|
chroot mountpoint apt-get -qqy install ${package_install_recommends_option} grub-efi-arm grub-efi-arm-bin
|
|
efi_target=arm-efi
|
|
;;
|
|
amd64)
|
|
chroot mountpoint apt-get install -qqy ${package_install_recommends_option} grub-pc shim-signed
|
|
efi_target=x86_64-efi
|
|
# set the required debconf settings to allow for non interactive grub updates in cloud images LP: #2054103
|
|
echo "grub-pc grub-efi/cloud_style_installation boolean true" | chroot mountpoint debconf-set-selections
|
|
echo "grub-pc grub-pc/cloud_style_installation boolean true" | chroot mountpoint debconf-set-selections
|
|
;;
|
|
riscv64)
|
|
chroot mountpoint apt-get install -qqy ${package_install_recommends_option} u-boot-menu grub-efi-riscv64
|
|
efi_target=riscv64-efi
|
|
|
|
chroot mountpoint u-boot-update
|
|
;;
|
|
esac
|
|
|
|
chroot mountpoint apt-get autoremove --purge --assume-yes
|
|
|
|
chroot mountpoint grub-install "${loop_device}" \
|
|
--boot-directory=/boot \
|
|
--efi-directory=/boot/efi \
|
|
--target=${efi_target} \
|
|
--uefi-secure-boot \
|
|
--no-nvram
|
|
|
|
if [ "$ARCH" = "amd64" ]; then
|
|
# Install the BIOS/GPT bits. Since GPT boots from the ESP partition,
|
|
# it means that we just run this simple command and we're done
|
|
chroot mountpoint grub-install --target=i386-pc "${loop_device}"
|
|
fi
|
|
|
|
# Use initrdless boot for minimal images
|
|
if [ "${SUBPROJECT:-}" = "minimized" ]; then
|
|
force_boot_without_initramfs mountpoint
|
|
fi
|
|
|
|
# This call to rewrite the debian package manifest is added here to capture
|
|
# grub-efi packages that otherwise would not make it into the base
|
|
# manifest. filesystem.packages is moved into place via symlinking to
|
|
# livecd.ubuntu-cpc.manifest by live-build/auto/build after lb_binary runs
|
|
# and at that time snaps are added to the manifest (create-manifest is
|
|
# not called here as it calls snap-seed-parse, resulting in duplicate
|
|
# snap listings)
|
|
chroot mountpoint dpkg-query -W > binary/boot/filesystem.packages
|
|
|
|
divert_grub mountpoint
|
|
track_initramfs_boot_fallback mountpoint
|
|
chroot mountpoint update-grub
|
|
replace_grub_root_with_label mountpoint
|
|
undivert_grub mountpoint
|
|
|
|
chroot mountpoint apt-get -y clean
|
|
|
|
rm mountpoint/tmp/device.map
|
|
umount -R mountpoint/boot
|
|
mount
|
|
|
|
# create sorted filelist as the very last step before unmounting
|
|
(cd mountpoint && find -xdev) | sort > binary/boot/filesystem.filelist
|
|
|
|
umount_partition mountpoint
|
|
rmdir mountpoint
|
|
}
|
|
|
|
disk_image=binary/boot/disk-uefi.ext4
|
|
|
|
create_empty_disk_image "${disk_image}"
|
|
create_partitions "${disk_image}"
|
|
mount_image "${disk_image}" 1
|
|
|
|
# Copy the chroot in to the disk
|
|
make_ext4_partition "${rootfs_dev_mapper}"
|
|
mkdir mountpoint
|
|
mount "${rootfs_dev_mapper}" mountpoint
|
|
cp -a chroot/* mountpoint/
|
|
umount mountpoint
|
|
rmdir mountpoint
|
|
|
|
install_grub
|
|
|
|
clean_loops
|
|
trap - EXIT
|