-
Notifications
You must be signed in to change notification settings - Fork 562
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bootloader/lk: add support for UC20 lk bootloader with V2 lkenv structs #9695
bootloader/lk: add support for UC20 lk bootloader with V2 lkenv structs #9695
Commits on Nov 25, 2020
-
bootloader/lk: add support for UC20 lk bootloader with V2 lkenv structs
This commit adds support for the UC20 LittleKernel bootloader to snapd. The big changes for using V2 are that we now use a secure bootloader set kernel command line parameter to identify what disk to look for bootloader environment structures, and that we use different lkenv structs for different role bootloaders. Eventually we should make V1 also use a secure bootloader set kernel command line parameter to identify what disk to look for bootloader environment structures on too, as using the partition label like this is vulnerable to attack by attaching a USB disk with the same partition label to the system. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 1ad7561 - Browse repository at this point
Copy the full SHA 1ad7561View commit details -
bootloader/lk{,env}: use xerrors to make Load() err observable as Err…
…NotExist Previously we would never continue in SetBootVars if the file doesn't exist because we used fmt.Errorf which does not preserve the error type such that os.IsNotExist would return true. Now, we can continue to provide a customized error message from Load(), as well as make SetBootVars continue and just write out a new file even if we can't read the lkenv file in Load(). Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 6c1a52d - Browse repository at this point
Copy the full SHA 6c1a52dView commit details
Commits on Nov 27, 2020
-
Configuration menu - View commit details
-
Copy full SHA for 1c83b92 - Browse repository at this point
Copy the full SHA 1c83b92View commit details
Commits on Nov 30, 2020
-
Merge branch 'master' into feature/uc20-lk-bootloader-5
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for a2438c6 - Browse repository at this point
Copy the full SHA a2438c6View commit details -
many: rename disks.FindMatching... to FindMatching...WithFsLabel and …
…err types This is to accommodate a future FindMatching...WithPartLabel. Additionally, an internal refactor to support storing additional properties for partitions when we search a disk is implemented to allow for the additional future method. The error type now is also more versatile to allow specifying what part failed, searching for a partition by filesystem label or by partition label. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 9531654 - Browse repository at this point
Copy the full SHA 9531654View commit details -
osutil/disks: add FindMatchingPartitionUUIDFromPartLabel to Disk iface
This will enable searching for a partition with a given label on the provided disk. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for f36c6d0 - Browse repository at this point
Copy the full SHA f36c6d0View commit details -
bootloader/lk: search for partition labels on the bootloader disk, no…
…t fs labels The partitions with the bootloader structures we care about do not have filesystems on them, and as such they will not have filesystem labels. Instead, they will have partition labels, and as such we should search using the partition label instead. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 98e667c - Browse repository at this point
Copy the full SHA 98e667cView commit details -
bootloader/lk: rename inRuntimeMode to prepareImageTime
This simplifies numerous functions to be more clear with the simpler prepare-image time implementation happening first, then the complex runtime cases happening afterwards are not indented as much. Thanks to @bboozzoo for the suggestion. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 47c2847 - Browse repository at this point
Copy the full SHA 47c2847View commit details -
Thanks to @bboozzoo for the suggestion. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 74dc349 - Browse repository at this point
Copy the full SHA 74dc349View commit details -
bootloader/lk.go: fix handling of os.ErrNotExist everywhere, add comm…
…ents We should be using xerrors.Is() everywhere here, since the error returned is wrapped. However, for specifically RemoveKernelAssets, it's not a bug that we would skip over os.ErrNotExist, but it would result in a more confusing error message - we should try to give better error messages, and returning early with os.ErrNotExist is more useful to the user than the existing error around not being able to find the specified kernel blob. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for ea1879e - Browse repository at this point
Copy the full SHA ea1879eView commit details -
bootloader/lk.go: move prepare-image check earlier in ExtractRecovery…
…KernelAssets Thanks to @bboozzoo for the recommendation. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 9987809 - Browse repository at this point
Copy the full SHA 9987809View commit details
Commits on Dec 1, 2020
-
osutil/disks/disks_linux.go: adjust comment about optional partition …
…labels Thanks to @bboozzoo for clarifying this for me. Partition labels are optional on GPT partitions. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for b8f86da - Browse repository at this point
Copy the full SHA b8f86daView commit details -
osutil/disks/disks.go: fix typo
Thanks to @bboozzoo for catching this. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 4fd0d05 - Browse repository at this point
Copy the full SHA 4fd0d05View commit details -
osutil/disks/disks_linux.go: add some TODOs about things to cleanup/s…
…implify Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for a304490 - Browse repository at this point
Copy the full SHA a304490View commit details -
osutil/disks/disks_linux.go: add comments about the encoding of the u…
…dev props Thanks to @bboozzoo for the suggestion. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 7797633 - Browse repository at this point
Copy the full SHA 7797633View commit details -
osutil/disks/mockdisk.go: fix typo
Thanks to @bboozzoo again for spotting all my typos :-) Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 261a5ab - Browse repository at this point
Copy the full SHA 261a5abView commit details -
osutil/disks: add FindMatchingPartitionUUIDFromPartLabel to Disk iface
This will enable searching for a partition with a given label on the provided disk. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 26d7069 - Browse repository at this point
Copy the full SHA 26d7069View commit details -
many: fix rename of disks pkg function name from rebase
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 947d834 - Browse repository at this point
Copy the full SHA 947d834View commit details -
bootloader/lk: don't use l.rootdir for the returned partition file
Using l.rootdir here was wrong in that it would produce for RoleRunMode bootloaders paths like /run/mnt/ubuntu-boot/dev/disk/by-partuuid/1234, instead of the correct path of /dev/disk/by-partuuid/... at runtime. We didn't catch this in tests because we pass in the same rootdir as what we test for, we didn't test passing in boot.InitramfsUbuntuBootDir for example, so change the tests to account for this. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 89fa366 - Browse repository at this point
Copy the full SHA 89fa366View commit details
Commits on Dec 2, 2020
-
bootloader/lkenv: add compatibility error impl for Go 1.9
Go 1.9 os.PathError does not implement Unwrap(), so using xerrors.Is(err,os.ErrNotExist) does not work, as Is() calls Unwrap() in a loop, waiting for either the error returned to be equal to the target error or to be nil, and in the case of Go 1.9, where os.PathError does not implement Unwrap(), then nil is returned and Is() returns false. We can work around this by implementing Unwrap() on our own error type and specifically returning os.ErrNotExist on Go 1.9 when we know the error is actually os.ErrNotExist. This will make the unit tests with Go 1.9 pass. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 3c42cc0 - Browse repository at this point
Copy the full SHA 3c42cc0View commit details -
Merge branch 'master' into feature/uc20-lk-bootloader-5
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 80c92bd - Browse repository at this point
Copy the full SHA 80c92bdView commit details
Commits on Dec 3, 2020
-
bootloader/lk: use specific backup file for lkenv
For UC20 runtime, the backup file will be a different partition, and since we are using partition uuid symlinks instead of partition labels, we can't just append "bak" to the primary env file, and instead need to manually provide the backup file. Also add a test which validates that the backup env file for run mode on uc20 is handled appropriately and updated. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 0b6df85 - Browse repository at this point
Copy the full SHA 0b6df85View commit details -
bootloader/lk: add test scaffolding and TODO about recovery system ad…
…d/remove Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 7da10c7 - Browse repository at this point
Copy the full SHA 7da10c7View commit details -
bootloader/lk.go: adjust comments
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 23fd1f4 - Browse repository at this point
Copy the full SHA 23fd1f4View commit details -
bootloader/lkenv/lkenv.go: change XXX to TODO
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for f9daf3a - Browse repository at this point
Copy the full SHA f9daf3aView commit details -
bootloader/lkenv/lkenv.go: inspect the err in compatErrNotExist for U…
…nwrap() Instead of checking the version of Go we were compiled with which is weird, we can instead just check for the exact thing we know doesn't work, which is that os.PathError doesn't implement Unwrap(), so if it doesn't implement Unwrap(), we know we are in a legacy version of Go and thus should do the manual unwrapping to return ErrNotExist directly. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for a1f8dc9 - Browse repository at this point
Copy the full SHA a1f8dc9View commit details -
bootloader/lk: refactor helper methods
This refactors some helper methods to be more clear, namely that envFile becomes envBackstore, and it takes an argument for whether or not it is returning the primary or the backup, and eliminating the specific method for getting the backup file, as well as combining some codepaths in the other helpers to be more easily readable if slightly redundant in terms of actual code execution. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 598243c - Browse repository at this point
Copy the full SHA 598243cView commit details -
bootloader/lk: move some function definitions around for conventions'…
… sake Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 12a43a6 - Browse repository at this point
Copy the full SHA 12a43a6View commit details -
bootloader/lk: adjust comment to explain we should try to use kernel …
…cmdline It might not be there on older gadget bootloaders which don't set that kernel command line value and as such we will have to fallback to our current behavior. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for bfafd8a - Browse repository at this point
Copy the full SHA bfafd8aView commit details -
bootloader/lkenv/lkenv.go: fix for gofmt 1.9
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 18ddfb8 - Browse repository at this point
Copy the full SHA 18ddfb8View commit details
Commits on Dec 4, 2020
-
bootloader/lk: update handling of os.ErrNotExist for various cases
The only case where we can really proceed without having an initial env file is at prepare image time when the bootloader env file doesn't exist, as we could be writing an empty/new one. All other cases we need the file to exist as a pre-requisite, if only for accurate error reporting. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for f38b2f5 - Browse repository at this point
Copy the full SHA f38b2f5View commit details -
bootloader/lk.go: rename variable, simplify return statement
Thanks to @pedronis for the suggestion. Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for f136f75 - Browse repository at this point
Copy the full SHA f136f75View commit details -
bootloader/lk.go: implement TODO about checking the backup file in Pr…
…esent() Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for b74ceef - Browse repository at this point
Copy the full SHA b74ceefView commit details -
bootloader/lk.go: re-word awkwardly phrased TODO about using kernel c…
…mdline Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for d085669 - Browse repository at this point
Copy the full SHA d085669View commit details -
Merge branch 'master' into feature/uc20-lk-bootloader-5
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for 86a7aeb - Browse repository at this point
Copy the full SHA 86a7aebView commit details -
bootloader/lk_test.go: add unit test for Present() RoleSole checking …
…backup Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Configuration menu - View commit details
-
Copy full SHA for b609f38 - Browse repository at this point
Copy the full SHA b609f38View commit details