2016-07-25 14:08:53 +00:00
|
|
|
#!/bin/ash
|
2017-09-20 14:29:14 +00:00
|
|
|
mknod /dev/ttyprintk c 5 3
|
|
|
|
echo "hello world" > /dev/ttyprintk
|
|
|
|
|
|
|
|
# Setup our path
|
2018-02-02 20:50:17 +00:00
|
|
|
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
|
2017-09-20 14:29:14 +00:00
|
|
|
|
2017-04-12 10:57:58 +00:00
|
|
|
# This is the very first script invoked by the Linux kernel and is
|
|
|
|
# running out of the ram disk. There are no fileysstems mounted.
|
|
|
|
# It is important to have a way to invoke a recovery shell in case
|
|
|
|
# the boot scripts are messed up, but also important to modify the
|
|
|
|
# PCRs if this happens to prevent the TPM disk keys from being revealed.
|
|
|
|
|
2016-08-01 02:39:07 +00:00
|
|
|
# First thing it is vital to mount the /dev and other system directories
|
2017-04-02 03:02:00 +00:00
|
|
|
mkdir /proc /sys /dev /tmp /boot /media 2>&- 1>&-
|
2017-09-20 14:29:14 +00:00
|
|
|
mount /dev 2>/dev/ttyprintk
|
|
|
|
mount /proc 2>/dev/ttyprintk
|
|
|
|
mount /sys 2>/dev/ttyprintk
|
2022-08-25 18:43:31 +00:00
|
|
|
mount /sys/kernel/security 2>/dev/ttyprintk
|
|
|
|
|
2019-06-19 21:27:44 +00:00
|
|
|
if [ "$CONFIG_LINUXBOOT" = "y" ]; then
|
|
|
|
mount /sys/firmware/efi/efivars
|
|
|
|
fi
|
2017-09-20 14:29:14 +00:00
|
|
|
|
|
|
|
# Setup the pty psudeo filesystem
|
|
|
|
mkdir /dev/pts
|
|
|
|
mount /dev/pts 2>/dev/ttyprintk
|
|
|
|
|
|
|
|
if [ ! -r /dev/ptmx ]; then
|
|
|
|
ln -s /dev/pts/ptmx /dev/ptmx
|
|
|
|
fi
|
|
|
|
|
2022-08-25 18:43:31 +00:00
|
|
|
|
|
|
|
[ -a /dev/stdin ] || ln -s /proc/self/fd/0 /dev/stdin
|
|
|
|
[ -a /dev/stdout ] || ln -s /proc/self/fd/1 /dev/stdout
|
|
|
|
[ -a /dev/stderr ] || ln -s /proc/self/fd/2 /dev/stderr
|
|
|
|
# Needed by bash
|
|
|
|
[ -a /dev/fd ] || ln -s /proc/self/fd /dev/fd
|
|
|
|
|
2017-04-12 10:57:58 +00:00
|
|
|
# Recovery shells will erase anything from here
|
|
|
|
mkdir -p /tmp/secret
|
|
|
|
|
2016-08-01 02:39:07 +00:00
|
|
|
# Now it is safe to print a banner
|
2017-03-31 15:18:46 +00:00
|
|
|
if [ -r /etc/motd ]; then
|
2017-09-20 14:29:14 +00:00
|
|
|
cat /etc/motd > /dev/tty0
|
2017-03-31 15:18:46 +00:00
|
|
|
fi
|
2016-07-25 14:08:53 +00:00
|
|
|
|
2016-08-01 02:39:07 +00:00
|
|
|
# Load the date from the hardware clock, setting it in local time
|
|
|
|
hwclock -l -s
|
|
|
|
|
2017-03-31 15:18:46 +00:00
|
|
|
# Read the system configuration parameters
|
2017-04-12 10:57:58 +00:00
|
|
|
. /etc/functions
|
|
|
|
. /etc/config
|
|
|
|
|
2023-02-20 16:01:17 +00:00
|
|
|
TRACE "Under init"
|
2023-02-18 17:58:43 +00:00
|
|
|
|
2022-08-19 21:21:39 +00:00
|
|
|
# set CONFIG_TPM dynamically before init
|
2022-08-25 18:43:31 +00:00
|
|
|
if [ ! -e /dev/tpm0 ]; then
|
2022-08-19 21:21:39 +00:00
|
|
|
CONFIG_TPM='n'
|
2022-08-25 18:43:31 +00:00
|
|
|
CONFIG_TPM2_TOOLS='n'
|
|
|
|
warn 'No TPM found...'
|
2022-08-19 21:21:39 +00:00
|
|
|
fi
|
|
|
|
|
2021-10-29 17:29:31 +00:00
|
|
|
#Specify whiptail background colors cues under FBWhiptail only
|
2021-12-17 19:45:53 +00:00
|
|
|
if [ -x /bin/fbwhiptail ]; then
|
2021-10-29 17:29:31 +00:00
|
|
|
export BG_COLOR_WARNING="${CONFIG_WARNING_BG_COLOR:-"--background-gradient 0 0 0 150 125 0"}"
|
|
|
|
export BG_COLOR_ERROR="${CONFIG_ERROR_BG_COLOR:-"--background-gradient 0 0 0 150 0 0"}"
|
2021-12-17 19:45:53 +00:00
|
|
|
else
|
2021-10-29 17:29:31 +00:00
|
|
|
export BG_COLOR_WARNING="${CONFIG_WARNING_BG_COLOR:-""}"
|
|
|
|
export BG_COLOR_ERROR="${CONFIG_ERROR_BG_COLOR:-""}"
|
|
|
|
fi
|
|
|
|
|
2022-08-25 18:43:31 +00:00
|
|
|
if [ "$CONFIG_TPM2_TOOLS" = "y" ]; then
|
|
|
|
# Initialize tpm2 encrypted sessions here
|
|
|
|
tpmr startsession
|
|
|
|
fi
|
|
|
|
|
2018-03-12 01:27:19 +00:00
|
|
|
if [ "$CONFIG_COREBOOT" = "y" ]; then
|
|
|
|
/bin/cbfs-init
|
|
|
|
fi
|
2018-04-30 02:58:44 +00:00
|
|
|
if [ "$CONFIG_LINUXBOOT" = "y" ]; then
|
|
|
|
/bin/uefi-init
|
|
|
|
fi
|
2018-12-01 13:37:34 +00:00
|
|
|
|
|
|
|
# Set GPG_TTY before calling gpg in key-init
|
2020-01-26 04:45:03 +00:00
|
|
|
export GPG_TTY=/dev/console
|
2018-12-01 13:37:34 +00:00
|
|
|
|
2018-04-30 02:58:44 +00:00
|
|
|
/bin/key-init
|
2018-03-12 01:27:19 +00:00
|
|
|
|
2018-03-10 23:40:07 +00:00
|
|
|
# Setup recovery serial shell
|
|
|
|
if [ ! -z "$CONFIG_BOOT_RECOVERY_SERIAL" ]; then
|
|
|
|
stty -F "$CONFIG_BOOT_RECOVERY_SERIAL" 115200
|
|
|
|
pause_recovery 'Console recovery shell' \
|
|
|
|
< "$CONFIG_BOOT_RECOVERY_SERIAL" \
|
|
|
|
> "$CONFIG_BOOT_RECOVERY_SERIAL" 2>&1 &
|
2016-08-01 02:39:07 +00:00
|
|
|
fi
|
2017-03-27 22:03:09 +00:00
|
|
|
|
2020-02-19 17:40:34 +00:00
|
|
|
# load USB modules for boards using a USB keyboard
|
|
|
|
if [ "$CONFIG_USB_KEYBOARD" = "y" ]; then
|
|
|
|
enable_usb
|
|
|
|
fi
|
|
|
|
|
2017-07-18 17:44:02 +00:00
|
|
|
# If the user has been holding down r, enter a recovery shell
|
|
|
|
# otherwise immediately start the configured boot script.
|
|
|
|
# We don't print a prompt, since this is a near instant timeout.
|
2017-04-12 10:57:58 +00:00
|
|
|
read \
|
2017-07-18 17:44:02 +00:00
|
|
|
-t 0.1 \
|
2017-04-12 10:57:58 +00:00
|
|
|
-n 1 \
|
|
|
|
boot_option
|
|
|
|
echo
|
|
|
|
|
|
|
|
if [ "$boot_option" = "r" ]; then
|
|
|
|
# Start an interactive shell
|
|
|
|
recovery 'User requested recovery shell'
|
|
|
|
# just in case...
|
2022-08-25 18:43:31 +00:00
|
|
|
if [ "$CONFIG_TPM" = "y" -o "$CONFIG_TPM2_TOOLS" = "y" ]; then
|
|
|
|
tpmr extend -ix 4 -ic recovery
|
2018-03-10 23:40:07 +00:00
|
|
|
fi
|
2017-04-12 10:57:58 +00:00
|
|
|
exec /bin/ash
|
2018-03-10 23:40:07 +00:00
|
|
|
exit
|
2017-04-12 10:57:58 +00:00
|
|
|
fi
|
2017-03-31 15:18:46 +00:00
|
|
|
|
2022-08-19 21:21:39 +00:00
|
|
|
# Override CONFIG_TPM from /etc/config with runtime value determined above.
|
|
|
|
#
|
|
|
|
# Values in user config have higher priority during combining thus effectively
|
|
|
|
# changing the value for the rest of the scripts which source /tmp/config.
|
|
|
|
echo "export CONFIG_TPM=\"$CONFIG_TPM\"" >> /etc/config.user
|
|
|
|
|
2018-12-07 00:34:47 +00:00
|
|
|
combine_configs
|
|
|
|
. /tmp/config
|
|
|
|
|
2020-06-25 07:58:01 +00:00
|
|
|
# export firmware version
|
2020-07-01 16:44:40 +00:00
|
|
|
export FW_VER=$(dmesg | grep 'DMI' | grep -o 'BIOS.*' | cut -f2- -d ' ')
|
|
|
|
# chop off date, since will always be epoch w/timeless builds
|
|
|
|
FW_VER=${FW_VER::-10}
|
2020-06-25 07:58:01 +00:00
|
|
|
|
2018-12-07 00:34:47 +00:00
|
|
|
# Add our boot devices into the /etc/fstab, if they are defined
|
|
|
|
# in the configuration file.
|
|
|
|
if [ ! -z "$CONFIG_BOOT_DEV" ]; then
|
|
|
|
echo >> /etc/fstab "$CONFIG_BOOT_DEV /boot auto defaults,ro 0 0"
|
|
|
|
fi
|
|
|
|
|
2018-03-10 23:40:07 +00:00
|
|
|
if [ ! -x "$CONFIG_BOOTSCRIPT" -a ! -x "$CONFIG_BOOTSCRIPT_NETWORK" ]; then
|
|
|
|
recovery 'Boot script missing? Entering recovery shell'
|
|
|
|
else
|
|
|
|
if [ -x "$CONFIG_BOOTSCRIPT_NETWORK" ]; then
|
|
|
|
echo '***** Network Boot:' $CONFIG_BOOTSCRIPT_NETWORK
|
|
|
|
$CONFIG_BOOTSCRIPT_NETWORK
|
|
|
|
echo '***** Network Boot Completed:' $CONFIG_BOOTSCRIPT_NETWORK
|
|
|
|
# not blocking
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ -x "$CONFIG_BOOTSCRIPT" ]; then
|
|
|
|
echo '***** Normal boot:' $CONFIG_BOOTSCRIPT
|
2022-07-22 17:27:28 +00:00
|
|
|
|
|
|
|
if [ -x /bin/setsid ] && [ -x /bin/agetty ]; then
|
|
|
|
for console in $CONFIG_BOOT_EXTRA_TTYS; do
|
|
|
|
setsid agetty -aroot -l"$CONFIG_BOOTSCRIPT" "$console" linux &
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
2018-03-10 23:40:07 +00:00
|
|
|
exec "$CONFIG_BOOTSCRIPT"
|
|
|
|
|
|
|
|
# We should never reach here, but just in case...
|
|
|
|
recovery 'Boot script failure? Entering recovery shell'
|
|
|
|
else
|
|
|
|
# wait for boot via network to occur
|
|
|
|
pause_recovery 'Override network boot. Entering recovery shell'
|
|
|
|
fi
|
|
|
|
fi
|
2017-03-31 15:18:46 +00:00
|
|
|
|
2017-04-12 10:57:58 +00:00
|
|
|
# belts and suspenders, just in case...
|
2022-08-25 18:43:31 +00:00
|
|
|
if [ "$CONFIG_TPM" = "y" -o "$CONFIG_TPM2_TOOLS" = y ]; then
|
|
|
|
tpmr extend -ix 4 -ic recovery
|
2018-03-10 23:40:07 +00:00
|
|
|
fi
|
2017-04-12 10:57:58 +00:00
|
|
|
exec /bin/ash
|