2023-03-13 16:26:41 +00:00
|
|
|
#! /bin/ash
|
|
|
|
# Note this is used on legacy-flash boards that lack bash, it runs with busybox
|
|
|
|
# ash. Calls to bash scripts must be guarded by checking config.
|
|
|
|
|
2017-09-20 14:29:14 +00:00
|
|
|
mknod /dev/ttyprintk c 5 3
|
|
|
|
echo "hello world" > /dev/ttyprintk
|
|
|
|
|
|
|
|
# Setup our path
|
2018-02-02 20:50:17 +00:00
|
|
|
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
|
2017-09-20 14:29:14 +00:00
|
|
|
|
2017-04-12 10:57:58 +00:00
|
|
|
# This is the very first script invoked by the Linux kernel and is
|
|
|
|
# running out of the ram disk. There are no fileysstems mounted.
|
|
|
|
# It is important to have a way to invoke a recovery shell in case
|
|
|
|
# the boot scripts are messed up, but also important to modify the
|
|
|
|
# PCRs if this happens to prevent the TPM disk keys from being revealed.
|
|
|
|
|
2016-08-01 02:39:07 +00:00
|
|
|
# First thing it is vital to mount the /dev and other system directories
|
2017-04-02 03:02:00 +00:00
|
|
|
mkdir /proc /sys /dev /tmp /boot /media 2>&- 1>&-
|
2017-09-20 14:29:14 +00:00
|
|
|
mount /dev 2>/dev/ttyprintk
|
|
|
|
mount /proc 2>/dev/ttyprintk
|
|
|
|
mount /sys 2>/dev/ttyprintk
|
2022-08-25 18:43:31 +00:00
|
|
|
|
2019-06-19 21:27:44 +00:00
|
|
|
if [ "$CONFIG_LINUXBOOT" = "y" ]; then
|
|
|
|
mount /sys/firmware/efi/efivars
|
|
|
|
fi
|
2017-09-20 14:29:14 +00:00
|
|
|
|
|
|
|
# Setup the pty psudeo filesystem
|
|
|
|
mkdir /dev/pts
|
|
|
|
mount /dev/pts 2>/dev/ttyprintk
|
|
|
|
|
|
|
|
if [ ! -r /dev/ptmx ]; then
|
|
|
|
ln -s /dev/pts/ptmx /dev/ptmx
|
|
|
|
fi
|
|
|
|
|
2022-08-25 18:43:31 +00:00
|
|
|
# Needed by bash
|
2023-03-13 16:52:06 +00:00
|
|
|
[ -e /dev/stdin ] || ln -s /proc/self/fd/0 /dev/stdin
|
|
|
|
[ -e /dev/stdout ] || ln -s /proc/self/fd/1 /dev/stdout
|
|
|
|
[ -e /dev/stderr ] || ln -s /proc/self/fd/2 /dev/stderr
|
|
|
|
[ -e /dev/fd ] || ln -s /proc/self/fd /dev/fd
|
2022-08-25 18:43:31 +00:00
|
|
|
|
2017-04-12 10:57:58 +00:00
|
|
|
# Recovery shells will erase anything from here
|
|
|
|
mkdir -p /tmp/secret
|
|
|
|
|
2016-08-01 02:39:07 +00:00
|
|
|
# Now it is safe to print a banner
|
2017-03-31 15:18:46 +00:00
|
|
|
if [ -r /etc/motd ]; then
|
2017-09-20 14:29:14 +00:00
|
|
|
cat /etc/motd > /dev/tty0
|
2017-03-31 15:18:46 +00:00
|
|
|
fi
|
2016-07-25 14:08:53 +00:00
|
|
|
|
2016-08-01 02:39:07 +00:00
|
|
|
# Load the date from the hardware clock, setting it in local time
|
|
|
|
hwclock -l -s
|
|
|
|
|
2017-03-31 15:18:46 +00:00
|
|
|
# Read the system configuration parameters
|
2023-03-13 16:26:41 +00:00
|
|
|
. /etc/ash_functions
|
2017-04-12 10:57:58 +00:00
|
|
|
. /etc/config
|
|
|
|
|
2023-02-20 16:01:17 +00:00
|
|
|
TRACE "Under init"
|
2023-02-18 17:58:43 +00:00
|
|
|
|
2022-08-19 21:21:39 +00:00
|
|
|
# set CONFIG_TPM dynamically before init
|
2022-08-25 18:43:31 +00:00
|
|
|
if [ ! -e /dev/tpm0 ]; then
|
2022-08-19 21:21:39 +00:00
|
|
|
CONFIG_TPM='n'
|
2022-08-25 18:43:31 +00:00
|
|
|
CONFIG_TPM2_TOOLS='n'
|
2022-08-19 21:21:39 +00:00
|
|
|
fi
|
|
|
|
|
2021-10-29 17:29:31 +00:00
|
|
|
#Specify whiptail background colors cues under FBWhiptail only
|
2021-12-17 19:45:53 +00:00
|
|
|
if [ -x /bin/fbwhiptail ]; then
|
2021-10-29 17:29:31 +00:00
|
|
|
export BG_COLOR_WARNING="${CONFIG_WARNING_BG_COLOR:-"--background-gradient 0 0 0 150 125 0"}"
|
|
|
|
export BG_COLOR_ERROR="${CONFIG_ERROR_BG_COLOR:-"--background-gradient 0 0 0 150 0 0"}"
|
2021-12-17 19:45:53 +00:00
|
|
|
else
|
2021-10-29 17:29:31 +00:00
|
|
|
export BG_COLOR_WARNING="${CONFIG_WARNING_BG_COLOR:-""}"
|
|
|
|
export BG_COLOR_ERROR="${CONFIG_ERROR_BG_COLOR:-""}"
|
|
|
|
fi
|
|
|
|
|
2023-03-13 17:10:24 +00:00
|
|
|
if [ "$CONFIG_TPM" = "y" ]; then
|
2022-08-25 18:43:31 +00:00
|
|
|
# Initialize tpm2 encrypted sessions here
|
|
|
|
tpmr startsession
|
|
|
|
fi
|
|
|
|
|
2018-03-12 01:27:19 +00:00
|
|
|
if [ "$CONFIG_COREBOOT" = "y" ]; then
|
2023-03-13 16:52:06 +00:00
|
|
|
[ -x /bin/bash ] && /bin/cbfs-init
|
2018-03-12 01:27:19 +00:00
|
|
|
fi
|
2018-04-30 02:58:44 +00:00
|
|
|
if [ "$CONFIG_LINUXBOOT" = "y" ]; then
|
|
|
|
/bin/uefi-init
|
|
|
|
fi
|
2018-12-01 13:37:34 +00:00
|
|
|
|
|
|
|
# Set GPG_TTY before calling gpg in key-init
|
2020-01-26 04:45:03 +00:00
|
|
|
export GPG_TTY=/dev/console
|
2018-12-01 13:37:34 +00:00
|
|
|
|
2023-03-13 16:52:06 +00:00
|
|
|
[ -x /bin/bash ] && /bin/key-init
|
2018-03-12 01:27:19 +00:00
|
|
|
|
2018-03-10 23:40:07 +00:00
|
|
|
# Setup recovery serial shell
|
|
|
|
if [ ! -z "$CONFIG_BOOT_RECOVERY_SERIAL" ]; then
|
|
|
|
stty -F "$CONFIG_BOOT_RECOVERY_SERIAL" 115200
|
|
|
|
pause_recovery 'Console recovery shell' \
|
|
|
|
< "$CONFIG_BOOT_RECOVERY_SERIAL" \
|
|
|
|
> "$CONFIG_BOOT_RECOVERY_SERIAL" 2>&1 &
|
2016-08-01 02:39:07 +00:00
|
|
|
fi
|
2017-03-27 22:03:09 +00:00
|
|
|
|
2020-02-19 17:40:34 +00:00
|
|
|
# load USB modules for boards using a USB keyboard
|
|
|
|
if [ "$CONFIG_USB_KEYBOARD" = "y" ]; then
|
|
|
|
enable_usb
|
|
|
|
fi
|
|
|
|
|
2017-07-18 17:44:02 +00:00
|
|
|
# If the user has been holding down r, enter a recovery shell
|
|
|
|
# otherwise immediately start the configured boot script.
|
|
|
|
# We don't print a prompt, since this is a near instant timeout.
|
2017-04-12 10:57:58 +00:00
|
|
|
read \
|
2017-07-18 17:44:02 +00:00
|
|
|
-t 0.1 \
|
2017-04-12 10:57:58 +00:00
|
|
|
-n 1 \
|
|
|
|
boot_option
|
|
|
|
echo
|
|
|
|
|
|
|
|
if [ "$boot_option" = "r" ]; then
|
|
|
|
# Start an interactive shell
|
|
|
|
recovery 'User requested recovery shell'
|
|
|
|
# just in case...
|
tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1.
Most logic throughout Heads doesn't need to know TPM1 versus TPM2 (and
shouldn't, the differences should be localized). Some checks were
incorrect and are fixed by this change. Most checks are now unchanged
relative to master.
There are not that many places outside of tpmr that need to
differentiate TPM1 and TPM2. Some of those are duplicate code that
should be consolidated (seal-hotpkey, unseal-totp, unseal-hotp), and
some more are probably good candidates for abstracting in tpmr so the
business logic doesn't have to know TPM1 vs. TPM2.
Previously, CONFIG_TPM could be variously 'y', 'n', or empty. Now it
is always 'y' or 'n', and 'y' means "any TPM". Board configs are
unchanged, setting CONFIG_TPM2_TOOLS=y implies CONFIG_TPM=y so this
doesn't have to be duplicated and can't be mistakenly mismatched.
There were a few checks for CONFIG_TPM = n that only coincidentally
worked for TPM2 because CONFIG_TPM was empty (not 'n'). This test is
now OK, but the checks were also cleaned up to '!= "y"' for robustness.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-02-22 21:30:07 +00:00
|
|
|
if [ "$CONFIG_TPM" = "y" ]; then
|
2022-08-25 18:43:31 +00:00
|
|
|
tpmr extend -ix 4 -ic recovery
|
2018-03-10 23:40:07 +00:00
|
|
|
fi
|
2023-03-07 15:05:27 +00:00
|
|
|
exec /bin/sh
|
2018-03-10 23:40:07 +00:00
|
|
|
exit
|
2017-04-12 10:57:58 +00:00
|
|
|
fi
|
2017-03-31 15:18:46 +00:00
|
|
|
|
2022-01-07 19:30:57 +00:00
|
|
|
# Override CONFIG_USE_BLOB_JAIL if needed and persist via user config
|
|
|
|
if lspci -n | grep -q "8086:2723"; then
|
|
|
|
if ! cat /etc/config.user 2>/dev/null | grep -q "USE_BLOB_JAIL"; then
|
|
|
|
echo "CONFIG_USE_BLOB_JAIL=y" >> /etc/config.user
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1.
Most logic throughout Heads doesn't need to know TPM1 versus TPM2 (and
shouldn't, the differences should be localized). Some checks were
incorrect and are fixed by this change. Most checks are now unchanged
relative to master.
There are not that many places outside of tpmr that need to
differentiate TPM1 and TPM2. Some of those are duplicate code that
should be consolidated (seal-hotpkey, unseal-totp, unseal-hotp), and
some more are probably good candidates for abstracting in tpmr so the
business logic doesn't have to know TPM1 vs. TPM2.
Previously, CONFIG_TPM could be variously 'y', 'n', or empty. Now it
is always 'y' or 'n', and 'y' means "any TPM". Board configs are
unchanged, setting CONFIG_TPM2_TOOLS=y implies CONFIG_TPM=y so this
doesn't have to be duplicated and can't be mistakenly mismatched.
There were a few checks for CONFIG_TPM = n that only coincidentally
worked for TPM2 because CONFIG_TPM was empty (not 'n'). This test is
now OK, but the checks were also cleaned up to '!= "y"' for robustness.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-02-22 21:30:07 +00:00
|
|
|
# Override CONFIG_TPM and CONFIG_TPM2_TOOLS from /etc/config with runtime value
|
|
|
|
# determined above.
|
2022-08-19 21:21:39 +00:00
|
|
|
#
|
|
|
|
# Values in user config have higher priority during combining thus effectively
|
|
|
|
# changing the value for the rest of the scripts which source /tmp/config.
|
|
|
|
echo "export CONFIG_TPM=\"$CONFIG_TPM\"" >> /etc/config.user
|
tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1.
Most logic throughout Heads doesn't need to know TPM1 versus TPM2 (and
shouldn't, the differences should be localized). Some checks were
incorrect and are fixed by this change. Most checks are now unchanged
relative to master.
There are not that many places outside of tpmr that need to
differentiate TPM1 and TPM2. Some of those are duplicate code that
should be consolidated (seal-hotpkey, unseal-totp, unseal-hotp), and
some more are probably good candidates for abstracting in tpmr so the
business logic doesn't have to know TPM1 vs. TPM2.
Previously, CONFIG_TPM could be variously 'y', 'n', or empty. Now it
is always 'y' or 'n', and 'y' means "any TPM". Board configs are
unchanged, setting CONFIG_TPM2_TOOLS=y implies CONFIG_TPM=y so this
doesn't have to be duplicated and can't be mistakenly mismatched.
There were a few checks for CONFIG_TPM = n that only coincidentally
worked for TPM2 because CONFIG_TPM was empty (not 'n'). This test is
now OK, but the checks were also cleaned up to '!= "y"' for robustness.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-02-22 21:30:07 +00:00
|
|
|
echo "export CONFIG_TPM2_TOOLS=\"$CONFIG_TPM2_TOOLS\"" >> /etc/config.user
|
2022-08-19 21:21:39 +00:00
|
|
|
|
2023-06-21 18:36:28 +00:00
|
|
|
# CONFIG_BASIC was previously CONFIG_PUREBOOT_BASIC in the PureBoot distribution.
|
|
|
|
# Substitute it in config.user if present for backward compatibility.
|
|
|
|
sed -i -e 's/^export CONFIG_PUREBOOT_BASIC=/export CONFIG_BASIC=/g' /etc/config.user
|
|
|
|
|
2018-12-07 00:34:47 +00:00
|
|
|
combine_configs
|
|
|
|
. /tmp/config
|
|
|
|
|
2023-06-21 18:36:28 +00:00
|
|
|
if [ "$CONFIG_BASIC" = "y" ]; then
|
2022-03-15 17:05:04 +00:00
|
|
|
echo -e "***** BASIC mode: tamper detection disabled\n" > /dev/tty0
|
|
|
|
fi
|
|
|
|
|
2020-06-25 07:58:01 +00:00
|
|
|
# export firmware version
|
2020-07-01 16:44:40 +00:00
|
|
|
export FW_VER=$(dmesg | grep 'DMI' | grep -o 'BIOS.*' | cut -f2- -d ' ')
|
|
|
|
# chop off date, since will always be epoch w/timeless builds
|
|
|
|
FW_VER=${FW_VER::-10}
|
2020-06-25 07:58:01 +00:00
|
|
|
|
2018-12-07 00:34:47 +00:00
|
|
|
# Add our boot devices into the /etc/fstab, if they are defined
|
|
|
|
# in the configuration file.
|
|
|
|
if [ ! -z "$CONFIG_BOOT_DEV" ]; then
|
|
|
|
echo >> /etc/fstab "$CONFIG_BOOT_DEV /boot auto defaults,ro 0 0"
|
|
|
|
fi
|
|
|
|
|
2023-06-21 18:36:28 +00:00
|
|
|
if [ "$CONFIG_BASIC" = "y" ]; then
|
2022-03-15 17:05:04 +00:00
|
|
|
CONFIG_BOOTSCRIPT=/bin/gui-init-basic
|
|
|
|
export CONFIG_HOTPKEY=n
|
|
|
|
fi
|
|
|
|
|
2022-11-28 20:15:38 +00:00
|
|
|
# Perform board-specific init if present
|
|
|
|
if [ -x /bin/board-init.sh ]; then
|
|
|
|
/bin/board-init.sh
|
|
|
|
fi
|
|
|
|
|
2018-03-10 23:40:07 +00:00
|
|
|
if [ ! -x "$CONFIG_BOOTSCRIPT" -a ! -x "$CONFIG_BOOTSCRIPT_NETWORK" ]; then
|
|
|
|
recovery 'Boot script missing? Entering recovery shell'
|
|
|
|
else
|
|
|
|
if [ -x "$CONFIG_BOOTSCRIPT_NETWORK" ]; then
|
|
|
|
echo '***** Network Boot:' $CONFIG_BOOTSCRIPT_NETWORK
|
|
|
|
$CONFIG_BOOTSCRIPT_NETWORK
|
|
|
|
echo '***** Network Boot Completed:' $CONFIG_BOOTSCRIPT_NETWORK
|
|
|
|
# not blocking
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -x "$CONFIG_BOOTSCRIPT" ]; then
|
|
|
|
echo '***** Normal boot:' $CONFIG_BOOTSCRIPT
|
2022-07-22 17:27:28 +00:00
|
|
|
|
|
|
|
if [ -x /bin/setsid ] && [ -x /bin/agetty ]; then
|
|
|
|
for console in $CONFIG_BOOT_EXTRA_TTYS; do
|
|
|
|
setsid agetty -aroot -l"$CONFIG_BOOTSCRIPT" "$console" linux &
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
2018-03-10 23:40:07 +00:00
|
|
|
exec "$CONFIG_BOOTSCRIPT"
|
|
|
|
|
|
|
|
# We should never reach here, but just in case...
|
|
|
|
recovery 'Boot script failure? Entering recovery shell'
|
|
|
|
else
|
|
|
|
# wait for boot via network to occur
|
|
|
|
pause_recovery 'Override network boot. Entering recovery shell'
|
|
|
|
fi
|
|
|
|
fi
|
2017-03-31 15:18:46 +00:00
|
|
|
|
2017-04-12 10:57:58 +00:00
|
|
|
# belts and suspenders, just in case...
|
tpm2-tools: Change sense of CONFIG_TPM to mean any TPM, not just TPM1.
Most logic throughout Heads doesn't need to know TPM1 versus TPM2 (and
shouldn't, the differences should be localized). Some checks were
incorrect and are fixed by this change. Most checks are now unchanged
relative to master.
There are not that many places outside of tpmr that need to
differentiate TPM1 and TPM2. Some of those are duplicate code that
should be consolidated (seal-hotpkey, unseal-totp, unseal-hotp), and
some more are probably good candidates for abstracting in tpmr so the
business logic doesn't have to know TPM1 vs. TPM2.
Previously, CONFIG_TPM could be variously 'y', 'n', or empty. Now it
is always 'y' or 'n', and 'y' means "any TPM". Board configs are
unchanged, setting CONFIG_TPM2_TOOLS=y implies CONFIG_TPM=y so this
doesn't have to be duplicated and can't be mistakenly mismatched.
There were a few checks for CONFIG_TPM = n that only coincidentally
worked for TPM2 because CONFIG_TPM was empty (not 'n'). This test is
now OK, but the checks were also cleaned up to '!= "y"' for robustness.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2023-02-22 21:30:07 +00:00
|
|
|
if [ "$CONFIG_TPM" = "y" ]; then
|
2022-08-25 18:43:31 +00:00
|
|
|
tpmr extend -ix 4 -ic recovery
|
2018-03-10 23:40:07 +00:00
|
|
|
fi
|
2023-03-07 15:05:27 +00:00
|
|
|
exec /bin/sh
|