Merge pull request #589 from MrChromebox/small_fixes

Small fixes
2025-02-20 09:16:21 +00:00 · 2019-06-25 08:52:06 -07:00 · 2019-06-25 08:52:06 -07:00 · 20d79f5ab5
commit 20d79f5ab5
parent a29c10ad51 6cfbc86618
6 changed files with 40 additions and 16 deletions
--- a/initrd/bin/flash-gui.sh
+++ b/initrd/bin/flash-gui.sh
@ -88,7 +88,7 @@ while true; do
          --yesno "This requires you insert a USB drive containing:\n* Your BIOS image (*.rom)\n\nAfter you select this file, this program will reflash your BIOS\n\nDo you want to proceed?" 16 90) then
        mount_usb
        if grep -q /media /proc/mounts ; then
-          find /media -name '*.rom' > /tmp/filelist.txt
+          find /media ! -path '*/\.*' -type f -name '*.rom' | sort > /tmp/filelist.txt
          file_selector "/tmp/filelist.txt" "Choose the ROM to flash"
          if [ "$FILE" == "" ]; then
            return
--- a/initrd/bin/gui-init
+++ b/initrd/bin/gui-init
@ -8,10 +8,23 @@ CONFIG_BOOT_GUI_MENU_NAME='Heads Boot Menu'

 mount_boot()
 {
+  # ensure default boot device is set
+  if [ ! -e "$CONFIG_BOOT_DEV" ]; then
+    if (whiptail $CONFIG_ERROR_BG_COLOR --clear --title "ERROR: $CONFIG_BOOT_DEV missing!" \
+    --yesno "The /boot device $CONFIG_BOOT_DEV could not be found!\n\nYou will need to configure the correct device for /boot.\n\nWould you like to configure the /boot device now?" 30 90) then
+    config-gui.sh
+    fi
  # Mount local disk if it is not already mounted
-  if ! grep -q /boot /proc/mounts ; then
-    mount -o ro /boot \
-      || recovery "Unable to mount /boot"
+  elif ! grep -q /boot /proc/mounts ; then
+    mount -o ro /boot 
+    if [ $? -ne 0 ]; then
+      if (whiptail $CONFIG_ERROR_BG_COLOR --clear --title 'ERROR: Cannot mount /boot' \
+      --yesno "The /boot partition at $CONFIG_BOOT_DEV could not be mounted!\n\nWould you like to configure the /boot device now?" 30 90) then
+        config-gui.sh
+      else
+        recovery "Unable to mount /boot"
+      fi
+    fi
  fi
 }
 verify_global_hashes()
@ -104,6 +117,12 @@ update_totp()
  /bin/reboot
 }

+# enable USB to load modules for external kb
+enable_usb
+
+# ensure /boot is sane and mount it
+mount_boot
+
 last_half=X
 while true; do
  MAIN_MENU_OPTIONS=""
--- a/initrd/bin/kexec-select-boot
+++ b/initrd/bin/kexec-select-boot
@ -14,7 +14,8 @@ valid_rollback="n"
 force_menu="n"
 gui_menu="n"
 force_boot="n"
-while getopts "b:d:p:a:r:c:uimgf" arg; do
+skip_confirm="n"
+while getopts "b:d:p:a:r:c:uimgfs" arg; do
 	case $arg in
 		b) bootdir="$OPTARG" ;;
 		d) paramsdev="$OPTARG" ;;
@ -27,6 +28,7 @@ while getopts "b:d:p:a:r:c:uimgf" arg; do
 		i) valid_hash="y"; valid_rollback="y" ;;
 		g) gui_menu="y" ;;
 		f) force_boot="y"; valid_hash="y"; valid_rollback="y" ;;
+		s) skip_confirm="y" ;;
 	esac
 done

@ -175,7 +177,7 @@ scan_options() {
 		die "Failed to parse any boot options"
 	fi
 	if [ "$unique" = 'y' ]; then
-		sort $option_file | uniq > $TMP_MENU_FILE
+		sort -r $option_file | uniq > $TMP_MENU_FILE
 	else
 		cp $option_file $TMP_MENU_FILE
 	fi
@ -255,7 +257,7 @@ user_select() {
 	do
 		get_menu_option
    # In force boot mode, no need offer the option to set a default, just boot
-		if [ "$force_boot" = "y" ]; then
+		if [[ "$force_boot" = "y" || "$skip_confirm" = "y" ]]; then
 			do_boot
 		else
 			confirm_menu_option
--- a/initrd/bin/unseal-hotp
+++ b/initrd/bin/unseal-hotp
@ -7,15 +7,20 @@ HOTP_SEALED="/tmp/secret/hotp.sealed"
 HOTP_SECRET="/tmp/secret/hotp.key"
 HOTP_COUNTER="/boot/kexec_hotp_counter"

-mount_boot()
+mount_boot_or_die()
 {
  # Mount local disk if it is not already mounted
  if ! grep -q /boot /proc/mounts ; then
    mount -o ro /boot \
-      || recovery "Unable to mount /boot"
+      || die "Unable to mount /boot"
  fi
 }

+# Store counter in file instead of TPM for now, as it conflicts with Heads
+# config TPM counter as TPM 1.2 can only increment one counter between reboots
+# get current value of HOTP counter in TPM, create if absent
+mount_boot_or_die
+
 tpm nv_readvalue \
 	-in 4d47 \
 	-sz 312 \
@ -30,10 +35,6 @@ tpm unsealfile  \

 shred -n 10 -z -u "$HOTP_SEALED" 2> /dev/null

-# Store counter in file instead of TPM for now, as it conflicts with Heads
-# config TPM counter as TPM 1.2 can only increment one counter between reboots
-# get current value of HOTP counter in TPM, create if absent
-mount_boot

 #check_tpm_counter $HOTP_COUNTER hotp \
 #|| die "Unable to find/create TPM counter"
--- a/initrd/bin/usb-scan
+++ b/initrd/bin/usb-scan
@ -81,9 +81,9 @@ fi
 echo "!!! Could not find any ISO, trying bootable USB"
 # Attempt to pull verified config from device
 if [ -x /bin/whiptail ]; then
-	kexec-select-boot -b /media -c "*.cfg" -u -g
+	kexec-select-boot -b /media -c "*.cfg" -u -g -s
 else
-	kexec-select-boot -b /media -c "*.cfg" -u
+	kexec-select-boot -b /media -c "*.cfg" -u -s
 fi

 die "Something failed in selecting boot"
--- a/initrd/init
+++ b/initrd/init
@ -16,7 +16,9 @@ mkdir /proc /sys /dev /tmp /boot /media 2>&- 1>&-
 mount /dev 2>/dev/ttyprintk
 mount /proc 2>/dev/ttyprintk
 mount /sys 2>/dev/ttyprintk
-mount /sys/firmware/efi/efivars
+if [ "$CONFIG_LINUXBOOT" = "y" ]; then
+	mount /sys/firmware/efi/efivars
+fi

 # Setup the pty psudeo filesystem
 mkdir /dev/pts