Exception: scripts sourcing/calls within etc/ash_functions continues to use old TRACE functions until we switch to bash completely getting rid of ash.
This would mean getting rid of legacy boards (flash + legacy boards which do not have enough space for bash in flash boards) once and for all.
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Since 'standard boot' was removed, empty "$option" only occurs due to
error now. Die with a specific error.
Now, we only proceed past ISO boot if no ISOs were present, meaning the
disk might be a plain bootable medium. Present a specific error for
restricted boot in that case.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
The whiptail prompt text was copied from the 'read' prompt but did not
actually have the Abort option. Add it.
The "s for standard boot" option was missing from whiptail. For plain
'read' it does not appear to revert to a normal boot, it actually went
on to try plain bootable USB on the same medium. It's not realistic
for a disk to be both directly bootable and contain ISOs, and this
option does not appear to have been missed since it was missing from
the whiptail/fbwhiptail version, which almost all boards use. Remove
it.
Handle canceling fbwhiptail with esc-esc the same as Abort.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
Restricted Boot mode only allows booting from signed files, whether that
is signed kernels in /boot or signed ISOs on mounted USB disks. This
disables booting from abitrary USB disks as well as the forced "unsafe"
boot mode. This also disables the recovery console so you can't bypass
this mode simply by running kexec manually.
Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
- Add TRACE function tracing output under etc/functions, depending on CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT enabled in board configs
- Replace current DEBUG to TRACE calls in code, reserving DEBUG calls for more verbose debugging later on (output of variables etc)
- add 'export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y' in qemu-coreboot(fb)whiptail-tpm1(-hotp) boards to see it in action
