ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2024-12-18 20:47:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
ebdcc8523c
heads/initrd/init
Jonathon Hall 8233c6f442
init: Silence exFAT errors when mounting iso9660; reorder exfat last 
Since exFAT support was enabled, mounting an iso9660 filesystem prints
spurious exFAT errors to the console.  That is because busybox mount
tries all filesystems in the order listed, and exfat precedes iso9660
(those are the last two in our config).  Most filesystems are silent
when used on the wrong type of filesystem, but exFAT logs errors, which
appear on the console.

Move exFAT after iso9660, so iso9660 filesystems won't show these
errors.  The errors will still appear if the filesystem is actually
exFAT but cannot be mounted.

There's no significant risk of misdetecting a remnant iso9660
superblock here either.  Although an iso9660 superblock could fall in
the unused space between the exFAT boot region and the FAT itself,
mkfs.exfat does zero this space so it is unlikely such a remnant
superblock would exist.

Signed-off-by: Jonathon Hall <jonathon.hall@puri.sm>
2024-02-02 13:24:34 -05:00

241 lines
8.1 KiB
Bash
Executable File
Raw Blame History

#! /bin/ash
# Note this is used on legacy-flash boards that lack bash, it runs with busybox
# ash. Calls to bash scripts must be guarded by checking config.
mknod /dev/ttyprintk c 5 3
echo "hello world" > /dev/ttyprintk
# Setup our path
export PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/bin
# This is the very first script invoked by the Linux kernel and is
# running out of the ram disk. There are no fileysstems mounted.
# It is important to have a way to invoke a recovery shell in case
# the boot scripts are messed up, but also important to modify the
# PCRs if this happens to prevent the TPM disk keys from being revealed.
# First thing it is vital to mount the /dev and other system directories
mkdir /proc /sys /dev /tmp /boot /media 2>&- 1>&-
mount /dev 2>/dev/ttyprintk
mount /proc 2>/dev/ttyprintk
mount /sys 2>/dev/ttyprintk
if [ "$CONFIG_LINUXBOOT" = "y" ]; then
mount /sys/firmware/efi/efivars
fi
# Setup the pty psudeo filesystem
mkdir /dev/pts
mount /dev/pts 2>/dev/ttyprintk
if [ ! -r /dev/ptmx ]; then
ln -s /dev/pts/ptmx /dev/ptmx
fi
# Needed by bash
[ -e /dev/stdin ] || ln -s /proc/self/fd/0 /dev/stdin
[ -e /dev/stdout ] || ln -s /proc/self/fd/1 /dev/stdout
[ -e /dev/stderr ] || ln -s /proc/self/fd/2 /dev/stderr
[ -e /dev/fd ] || ln -s /proc/self/fd /dev/fd
# Recovery shells will erase anything from here
mkdir -p /tmp/secret
# Now it is safe to print a banner
if [ -r /etc/motd ]; then
cat /etc/motd > /dev/tty0
fi
# Load the date from the hardware clock, setting it in local time
hwclock -l -s
# When mounting a filesystem, try exFAT last, since it logs errors if the
# filesystem is not exFAT, and the errors go to the console. Those errors are
# spurious when the medium is iso9660. By default in our config, the only
# filesystem after exFAT is iso9660, move exFAT last.
(grep -v '^\texfat$' /proc/filesystems && echo -e '\texfat') >/etc/filesystems
# Read the system configuration parameters
. /etc/ash_functions
. /etc/config
# Board config had CONFIG_DEBUG_OUTPUT=y defined.
# Note that boards's coreboot config kernel command line "debug" option only will have all kernel messages output on console prior of this point
if [ "$CONFIG_DEBUG_OUTPUT" = "y" ]; then
#Maximize printk messages to output all to console (8=debug)
#DEBUG and TRACE calls will output to /dev/kmsg, outputting both on dmesg and on console
dmesg -n 8 || true
DEBUG "Debug output enabled from board CONFIG_DEBUG_OUTPUT=y option (/etc/config)"
else
# Board config did't have CONFIG_DEBUG_OUTPUT=y defined
# config.user extracted and combined from CBFS had CONFIG_DEBUG_OUTPUT=y
# Output only print messages with a priority of 4 (warnings) or lower (errors and critical) kernel messages to console
# This way, "debug" kernel command line option will have all kernel messages output on console prior of this point
# This is useful to debug boot issues but permits qemu board to boot without flooding console with kernel messages by disabling CONFIG_DEBUG_OUTPUT=y in qemu board config
dmesg -n 4 || true
DEBUG "Debug output enabled from /etc/config.user's CONFIG_DEBUG_OUTPUT=y after combine_configs (Config menu enabled Debug)"
fi
TRACE "Under init"
# set CONFIG_TPM dynamically before init
if [ ! -e /dev/tpm0 ]; then
CONFIG_TPM='n'
CONFIG_TPM2_TOOLS='n'
fi
#Specify whiptail background colors cues under FBWhiptail only
if [ -x /bin/fbwhiptail ]; then
export BG_COLOR_WARNING="${CONFIG_WARNING_BG_COLOR:-"--background-gradient 0 0 0 150 125 0"}"
export BG_COLOR_ERROR="${CONFIG_ERROR_BG_COLOR:-"--background-gradient 0 0 0 150 0 0"}"
else
export BG_COLOR_WARNING="${CONFIG_WARNING_BG_COLOR:-""}"
export BG_COLOR_ERROR="${CONFIG_ERROR_BG_COLOR:-""}"
fi
if [ "$CONFIG_TPM" = "y" ]; then
# Initialize tpm2 encrypted sessions here
tpmr startsession
fi
if [ "$CONFIG_COREBOOT" = "y" ]; then
[ -x /bin/bash ] && /bin/cbfs-init
fi
if [ "$CONFIG_LINUXBOOT" = "y" ]; then
/bin/uefi-init
fi
# Set GPG_TTY before calling gpg in key-init
export GPG_TTY=/dev/console
# Initialize gpnupg with distro/user keys and setup the keyrings
[ -x /bin/bash ] && /bin/key-init
# Override CONFIG_USE_BLOB_JAIL if needed and persist via user config
if lspci -n | grep -E -q "8086:(2723|4df0)"; then
if ! cat /etc/config.user 2>/dev/null | grep -q "USE_BLOB_JAIL"; then
echo "CONFIG_USE_BLOB_JAIL=y" >> /etc/config.user
fi
fi
# Override CONFIG_TPM and CONFIG_TPM2_TOOLS from /etc/config with runtime value
# determined above.
#
# Values in user config have higher priority during combining thus effectively
# changing the value for the rest of the scripts which source /tmp/config.
echo "export CONFIG_TPM=\"$CONFIG_TPM\"" >> /etc/config.user
echo "export CONFIG_TPM2_TOOLS=\"$CONFIG_TPM2_TOOLS\"" >> /etc/config.user
# CONFIG_BASIC was previously CONFIG_PUREBOOT_BASIC in the PureBoot distribution.
# Substitute it in config.user if present for backward compatibility.
sed -i -e 's/^export CONFIG_PUREBOOT_BASIC=/export CONFIG_BASIC=/g' /etc/config.user
combine_configs
. /tmp/config
# Enable maximum debug info from here if config.user extracted and combined from CBFS had CONFIG_DEBUG_OUTPUT=y
if [ "$CONFIG_DEBUG_OUTPUT" = "y" ]; then
#Output all kernel messages to console (8=debug)
#DEBUG and TRACE calls will be in dmesg and on console
if ! grep -q 'CONFIG_DEBUG_OUTPUT="y"' /etc/config;then
# Board config did't have CONFIG_DEBUG_OUTPUT=y defined
# config.user extracted and combined from CBFS had CONFIG_DEBUG_OUTPUT=y
dmesg -n 8
DEBUG "Debug output enabled from /etc/config.user's CONFIG_DEBUG_OUTPUT=y after combine_configs (Config menu enabled Debug)"
TRACE "Under init:after combine_configs"
fi
fi
# Setup recovery serial shell
if [ ! -z "$CONFIG_BOOT_RECOVERY_SERIAL" ]; then
stty -F "$CONFIG_BOOT_RECOVERY_SERIAL" 115200
pause_recovery 'Console recovery shell' \
< "$CONFIG_BOOT_RECOVERY_SERIAL" \
> "$CONFIG_BOOT_RECOVERY_SERIAL" 2>&1 &
fi
# load USB modules for boards using a USB keyboard
if [ "$CONFIG_USB_KEYBOARD_REQUIRED" = y ] || [ "$CONFIG_USER_USB_KEYBOARD" = "y" ]; then
enable_usb
fi
# If the user has been holding down r, enter a recovery shell
# otherwise immediately start the configured boot script.
# We don't print a prompt, since this is a near instant timeout.
read \
-t 0.1 \
-n 1 \
boot_option
echo
if [ "$boot_option" = "r" ]; then
# Start an interactive shell
recovery 'User requested recovery shell'
# just in case...
exit
elif [ "$boot_option" = "o" ]; then
# Launch OEM Factory Reset/Re-Ownership
oem-factory-reset
# just in case...
exit
fi
if [ "$CONFIG_BASIC" = "y" ]; then
echo -e "***** BASIC mode: tamper detection disabled\n" > /dev/tty0
fi
# export firmware version
export FW_VER=$(dmesg | grep 'DMI' | grep -o 'BIOS.*' | cut -f2- -d ' ')
# chop off date, since will always be epoch w/timeless builds
FW_VER=${FW_VER::-10}
# Add our boot devices into the /etc/fstab, if they are defined
# in the configuration file.
if [ ! -z "$CONFIG_BOOT_DEV" ]; then
echo >> /etc/fstab "$CONFIG_BOOT_DEV /boot auto defaults,ro 0 0"
fi
# Set the console font if needed
[ -x /bin/bash ] && setconsolefont.sh
if [ "$CONFIG_BASIC" = "y" ]; then
CONFIG_BOOTSCRIPT=/bin/gui-init-basic
export CONFIG_HOTPKEY=n
fi
# Perform board-specific init if present
if [ -x /bin/board-init.sh ]; then
/bin/board-init.sh
fi
if [ ! -x "$CONFIG_BOOTSCRIPT" -a ! -x "$CONFIG_BOOTSCRIPT_NETWORK" ]; then
recovery 'Boot script missing? Entering recovery shell'
else
if [ -x "$CONFIG_BOOTSCRIPT_NETWORK" ]; then
echo '***** Network Boot:' $CONFIG_BOOTSCRIPT_NETWORK
$CONFIG_BOOTSCRIPT_NETWORK
echo '***** Network Boot Completed:' $CONFIG_BOOTSCRIPT_NETWORK
# not blocking
fi
if [ -x "$CONFIG_BOOTSCRIPT" ]; then
echo '***** Normal boot:' $CONFIG_BOOTSCRIPT
if [ -x /bin/setsid ] && [ -x /bin/agetty ]; then
for console in $CONFIG_BOOT_EXTRA_TTYS; do
setsid agetty -aroot -l"$CONFIG_BOOTSCRIPT" "$console" linux &
done
fi
#Setup a control tty so that all terminals outputs correct tty when tty is called
exec cttyhack "$CONFIG_BOOTSCRIPT"
else
# wait for boot via network to occur
pause_recovery 'Override network boot. Entering recovery shell'
fi
fi
# We should never reach here, but just in case...
recovery 'Boot script failure? Entering recovery shell'
Reference in New Issue View Git Blame Copy Permalink