-
-
Notifications
You must be signed in to change notification settings - Fork 10
/
efi.tmpl
105 lines (99 loc) · 6.44 KB
/
efi.tmpl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<%page args="configdir, KERNELDIR, efiarch, isolabel, kver, shortkvers"/>
<%
EFIARCH_LOWER=efiarch.lower()
EFIBOOTDIR="EFI/BOOT"
APPLE_EFI_ICON=inroot+"/usr/share/pixmaps/bootloader/fedora.icns"
APPLE_EFI_DISKNAME=inroot+"/usr/share/pixmaps/bootloader/fedora-media.vol"
%>
mkdir ${EFIBOOTDIR}
mkdir ${EFIBOOTDIR}/fonts/
## Install grub only (no shim), as we don't have SecureBoot-signed xen/kernel
## Create custom grub image, to include multiboot2 module
<%
grub_modules = " all_video boot btrfs \
cat configfile \
echo efifwsetup efinet ext2 \
fat font gfxmenu gfxterm gzio \
halt hfsplus http increment iso9660 jpeg \
loadenv loopback linux lvm lsefi lsefimmap \
mdraid09 mdraid1x minicmd net \
normal part_apple part_msdos part_gpt \
password_pbkdf2 png reboot \
search search_fs_uuid search_fs_file \
search_label serial sleep syslinuxcfg test tftp \
video xfs \
backtrace chain usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug"
grub_modules += " multiboot2"
%>
runcmd chroot ${inroot} mkdir -p /boot/efi/EFI/qubes
runcmd chroot ${inroot} grub2-mkimage -O x86_64-efi \
-o /boot/efi/EFI/qubes/BOOT${efiarch}.EFI \
-p /EFI/BOOT ${grub_modules}
install boot/efi/EFI/qubes/BOOT${efiarch}.EFI ${EFIBOOTDIR}/BOOT${efiarch}.EFI
## actually make the EFI images
${make_efiboot("images/efiboot.img", include_kernel=False)}
## place fonts on ISO9660, but not in efiboot.img to save space
install boot/efi/EFI/*/fonts/unicode.pf2 ${EFIBOOTDIR}/fonts/
## This is kinda gross, but then... so's EFI.
<%def name="make_efiboot(img, include_kernel=False, disk=False, imgtype='default')">
<%
kdir = EFIBOOTDIR if include_kernel else KERNELDIR
eficonf = "%s/grub.cfg" % (EFIBOOTDIR, )
args = "--label=ANACONDA --debug"
scsi_modules = " 3w-9xxx 3w-sas 3w-xxxx BusLogic a100u2w aacraid advansys aic79xx aic7xxx am53c974 arcmsr atp870u bfa bnx2fc csiostor dc395x dmx3191d esas2r esp_scsi fcoe fnic gdth hpsa hptiop hv_storvsc initio ipr ips isci iscsi_boot_sysfs libfc libfcoe libiscsi libosd libsas lpfc megaraid megaraid_mbox megaraid_mm megaraid_sas mpt2sas mpt3sas mvsas mvumi osd pm80xx pmcraid qla1280 qla2xxx qla4xxx raid_class scsi_debug scsi_dh_emc scsi_dh_rdac scsi_transport_fc scsi_transport_iscsi scsi_transport_sas scsi_transport_spi scsi_transport_srp stex sym53c8xx ufshcd virtio_scsi vmw_pvscsi wd719x"
extra_modules = " affs befs coda cuse dlm gfs2 mptfc ncpfs nilfs2 ocfs2 ocfs2_dlm ocfs2_dlmfs ocfs2_nodemanager ocfs2_stack_o2cb ocfs2_stack_user ocfs2_stackglue sctp sysv ubifs ufs"
extra_modules += " 9p cachefiles ceph cramfs fscache minix blocklayoutdriver grace nfs nfsv4 objlayoutdriver romfs btrfs xfs cifs drbd sunrpc sctp mwifiex f2fs reiserfs jfs"
extra_modules += " dns_resolver udp_tunnel ip6_udp_tunnel rfkill cfg80211 virtio virtio_mmio virtio_pci virtio_ring libertas libertas_sdio 9pnet libceph rc-core memstick mspro_block mptbase mptsas mptscsih mptspi rtsx_pci rtsx_usb cb710 mic_bus scif_bus mic_card tifm_core mmc_block mmc_core cb710-mmc mtk-sd rtsx_pci_sdmmc rtsx_usb_sdmmc sdhci-acpi sdhci sdhci-pci sdhci-pltfm sdricoh_cs tifm_sd toshsd ushc via-sdmmc vub300 wbsd mtd_blkdevs mtdblock mtd mdio vxlan libertas libertas_sdio nd_blk nd_btt nd_pmem i82092 pd6729 yenta_socket pps_core ptp"
# The word boundaries are needed to avoid matching squashfs
extra_modules += " \\<hfs\\> hfsplus"
extra_modules += " ib_addr ib_cm ib_core ib_mad ib_sa ib_ucm ib_umad ib_uverbs iw_cm rdma_cm rdma_ucm iw_cxgb3 iw_cxgb4 mlx4_ib ib_mthca iw_nes ib_qib ib_ipoib ib_iser ib_isert ib_srp ib_srpt"
extra_modules += " cxgb3 cxgb4 mlx4_core mlx4_en"
extra_dracut_modules = " multipath modsign crypt shutdown plymouth fcoe fcoe-uefi nfs iscsi ifcfg"
extra_dracut_modules += " btrfs lvm qemu qemu-net systemd-bootchart systemd-networkd virtfs mlx4 rdma cifs livenet network kernel-network-modules"
if disk: args += " --disk"
if imgtype == "apple": args += ' --apple --icon=%s --diskname=%s --product="%s %s"' % (APPLE_EFI_ICON, APPLE_EFI_DISKNAME, product.name, product.version)
%>
%if include_kernel:
copy ${KERNELDIR}/vmlinuz ${EFIBOOTDIR}
runcmd chroot ${inroot} mkdir -p /boot/efi/EFI/qubes
runcmd chroot ${inroot} touch /proc/modules
runcmd chroot ${inroot} dracut --conf /dev/null --confdir /var/empty \
--nomdadmconf --nolvmconf --nofscks --no-early-microcode \
--no-hostonly --xz --install '/.buildstamp' \
--add 'anaconda pollcdrom dmsquash-live' \
--omit="${extra_dracut_modules}" --omit-drivers="${scsi_modules}" --omit-drivers="${extra_modules}" \
/boot/efi/EFI/qubes/initrd-small.img ${kver}
runcmd chroot ${inroot} rm -f /proc/modules
install boot/efi/EFI/qubes/initrd-small.img ${EFIBOOTDIR}/initrd.img
%endif
install ${configdir}/grub2-efi.cfg ${eficonf}
%for shortkver in shortkvers[1:]:
install ${configdir}/grub2-efi-entry.cfg ${eficonf}-entry
replace @KVER@ ${shortkver} ${eficonf}-entry
replace @KERNELPATH@ /${kdir}/vmlinuz-${shortkver} ${eficonf}-entry
replace @INITRDPATH@ /${kdir}/initrd-${shortkver}.img ${eficonf}-entry
runcmd sh -c 'cat ${outroot}/${eficonf}-entry >> ${outroot}/${eficonf}'
remove ${eficonf}-entry
%endfor
replace @PRODUCT@ '${product.name}' ${eficonf}
replace @VERSION@ ${product.version} ${eficonf}
replace @KERNELNAME@ vmlinuz ${eficonf}
replace @XENPATH@ /${kdir}/xen.gz ${eficonf}
replace @KERNELPATH@ /${kdir}/vmlinuz ${eficonf}
replace @INITRDPATH@ /${kdir}/initrd.img ${eficonf}
replace @ISOLABEL@ '${isolabel}' ${eficonf}
%if disk:
replace @ROOT@ inst.stage2=hd:LABEL=ANACONDA ${eficonf}
%else:
replace @ROOT@ 'inst.stage2=hd:LABEL=${isolabel|udev}' ${eficonf}
%endif
runcmd mkefiboot ${args} ${outroot}/${EFIBOOTDIR} ${outroot}/${img}
# place those files to prevent Windows recreating them while writing ISO image
# on Windows (this would break image verification)
runcmd mount ${outroot}/${img} ${outroot}/${EFIBOOTDIR} -o loop
mkdir "${EFIBOOTDIR}/System Volume Information"
install "${configdir}/System Volume Information/*" "${EFIBOOTDIR}/System Volume Information/"
runcmd umount ${outroot}/${img}
# verify if the image is under 32MB (max size of boot image on iso9660)
runcmd sh -x -c '[ $(stat -c %s ${outroot}/${img}) -le 33554432 ]'
</%def>