r00t2
/
bdisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

sigh. efi doesn't boot on the mini. also, switch to pygpgme instead of gnupg module. it's so broken. i'm sick of it.

This commit is contained in:
brent s. 2016-12-15 01:53:15 -05:00
parent fca944f30a
commit 78fecbded4
5 changed files with 19 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
bdisk/bdisk.py
View File

@ -31,7 +31,8 @@ if __name__ == '__main__':
build.displayStats(fulliso)
if conf['build']['ipxe']:
bSSL.sslPKI(conf)
iso = ipxe.buildIPXE(conf)
ipxe.buildIPXE(conf)
iso = ipxe.genISO(conf)
if iso:
for x in iso.keys():
if x != 'name':

12
bdisk/build.py
View File

@ -353,6 +353,7 @@ def genISO(conf):
# UNTESTED. TODO.
# I think i want to also get rid of: -boot-load-size 4,
# -boot-info-table, ... possiblyyy -isohybrid-gpt-basedat...
# https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface#Remove_UEFI_boot_support_from_Optical_Media
cmd = ['/usr/bin/xorriso',
'-as', 'mkisofs',
'-iso-level', '3',
@ -391,7 +392,7 @@ def genISO(conf):
iso['Main']['fmt'] = 'Hybrid ISO'
return(iso)

def signIMG(file, conf):
def signIMG(path, conf):
if conf['build']['gpg']:
# If we enabled GPG signing, we need to figure out if we
# are using a personal key or the automatically generated one.
@ -410,16 +411,17 @@ def signIMG(file, conf):
keyid = gpg.list_keys(True)[0]['keyid']
print('{0}: [BUILD] Signing {1} with {2}...'.format(
datetime.datetime.now(),
file,
path,
keyid))
# TODO: remove this warning when upstream python-gnupg fixes
print('\t\t\t If you see a "ValueError: Unknown status message: \'KEY_CONSIDERED\'" error, ' +
'it can be safely ignored.')
print('\t\t\t If this is taking a VERY LONG time, try installing haveged and starting it. ' +
'This can be done safely in parallel with the build process.')
with open(file, 'rb') as fh:
gpg.sign_file(fh, keyid = keyid, detach = True,
clearsign = False, output = '{0}.sig'.format(file))
data_in = open(path, 'rb')
gpg.sign_file(data_in, keyid = keyid, detach = True,
clearsign = False, output = '{0}.sig'.format(path))
data_in.close()

def displayStats(iso):
for i in iso['name']:

84
bdisk/ipxe.py
View File

@ -18,48 +18,23 @@ def buildIPXE(conf):
tempdir = conf['build']['tempdir']
templates_dir = build['basedir'] + '/extra/templates'
ipxe_tpl = templates_dir + '/iPXE'
patches_dir = tempdir + '/patches'
srcdir = build['srcdir']
embedscript = build['dlpath'] + '/EMBED'
ipxe_src = srcdir + '/ipxe'
ipxe_git_uri = 'git://git.ipxe.org/ipxe.git'
#patches_git_uri = 'https://github.com/eworm-de/ipxe.git' # DO WE EVEN NEED THIS ANYMORE THO
print('{0}: [IPXE] Prep/fetch sources...'.format(
datetime.datetime.now()))
# Get the source and apply some cherrypicks
# Get the source
if os.path.isdir(ipxe_src):
shutil.rmtree(ipxe_src)
ipxe_repo = git.Repo.clone_from(ipxe_git_uri, ipxe_src)
# Generate patches
#os.makedirs(patches_dir, exist_ok = True) # needed?
os.makedirs(img_path, exist_ok = True)
tpl_loader = jinja2.FileSystemLoader(ipxe_tpl)
env = jinja2.Environment(loader = tpl_loader)
#patches = ipxe_repo.create_remote('eworm', patches_git_uri) # needed?
#patches.fetch() # needed?
# TODO: per http://ipxe.org/download#uefi, it builds efi *binaries* now.
# we can probably skip the commit patching from eworm and the iso/eiso
# (and even usb) generation, and instead use the same method we use in genISO
#eiso_commit = '189652b03032305a2db860e76fb58e81e3420c4d' # needed?
#nopie_commit = '58557055e51b2587ad3843af58075de916e5399b' # needed?
# patch files needed?
# for p in ('01.git-version.patch', '02.banner.patch'):
# try:
# tpl = env.get_template('patches/{0}.j2'.format(p))
# tpl_out = tpl.render(bdisk = bdisk)
# with open('{0}/{1}'.format(patches_dir, p), 'w+') as f:
# f.write(tpl_out)
# patchfile = patch.fromfile(patches_dir + '/' + p)
# patchfile.apply(strip = 2, root = ipxe_src + '/src')
# except:
# pass
tpl = env.get_template('EMBED.j2')
tpl_out = tpl.render(ipxe = ipxe)
with open(embedscript, 'w+') as f:
f.write(tpl_out)
# Patch using the files before applying the cherrypicks needed?
# ipxe_repo.git.cherry_pick('-n', eiso_commit)
# ipxe_repo.git.cherry_pick('-n', nopie_commit)
# Feature enabling
# In config/general.h
with open('{0}/src/config/general.h'.format(ipxe_src), 'r') as f:
@ -90,15 +65,12 @@ def buildIPXE(conf):
# Now we make!
cwd = os.getcwd()
os.chdir(ipxe_src + '/src')
# TODO: split this into logic to only create the selected images.
# Command to build the .efi file
modenv = os.environ.copy()
modenv['EMBED'] = embedscript
#modenv['TRUST'] = ipxe_ssl_ca # TODO: test these
#modenv['CERT'] = '{0},{1}'.format(ipxe_ssl_ca, ipxe_ssl_crt) # TODO: test these
#modenv['PRIVKEY'] = ipxe_ssl_ckey # TODO: test these
build_cmd = {}
# This build include the USB image.
build_cmd['base'] = ['/usr/bin/make',
'all',
'EMBED={0}'.format(embedscript)]
@ -110,11 +82,6 @@ def buildIPXE(conf):
'bin-i386-efi/ipxe.efi',
'bin-x86_64-efi/ipxe.efi',
'EMBED={0}'.format(embedscript)]
# Command to build the actual mini image needed?
# build_cmd['iso'] = ['/usr/bin/make',
# 'bin/ipxe.liso',
# 'bin/ipxe.eiso',
# 'EMBED={0}'.format(embedscript)]
# Now we call the commands.
DEVNULL = open(os.devnull, 'w')
if os.path.isfile(build['dlpath'] + '/ipxe.log'):
@ -127,52 +94,16 @@ def buildIPXE(conf):
subprocess.call(build_cmd['base'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
subprocess.call(build_cmd['undi'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
subprocess.call(build_cmd['efi'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
#if mini:
# subprocess.call(build_cmd['iso'], stdout = f, stderr = subprocess.STDOUT, env=modenv)
print('{0}: [IPXE] Built iPXE image(s) successfully.'.format(datetime.datetime.now()))
os.chdir(cwd)
# move the files to the results dir
# TODO: grab ipxe.pxe here too.
# if mini: # needed?
# os.rename('{0}/src/bin/ipxe.eiso'.format(ipxe_src), emini_file)
# os.rename('{0}/src/bin/ipxe.iso'.format(ipxe_src), mini_file)
# Get size etc. of build results
iso = {}
stream = {}
iso['name'] = []
for t in ('usb'): # TODO: do this programmatically based on config
if t == 'usb':
imgname = 'USB'
iso['name'].append(t)
iso[t] = {}
shasum = False
shasum = hashlib.sha256()
if t == 'mini':
isopath = mini_file
stream = False
if os.path.isfile(isopath):
with open(isopath, 'rb') as f:
while True:
stream = f.read(65536) # 64kb chunks
if not stream:
break
shasum.update(stream)
iso[t]['sha'] = shasum.hexdigest()
iso[t]['file'] = isopath
iso[t]['size'] = humanize.naturalsize(os.path.getsize(isopath))
iso[t]['type'] = 'iPXE {0}'.format(imgname)
if t == 'usb':
iso[t]['fmt'] = 'Image'
elif t == 'mini':
iso[t]['fmt'] = 'ISO'
return(iso)

def genISO(conf):
build = conf['build']
bdisk = conf['bdisk']
ipxe = conf['ipxe']
arch = build['arch']
ver = build['ver']
ver = bdisk['ver']
isodir = build['isodir']
isofile = '{0}-{1}-{2}.mini.iso'.format(bdisk['uxname'], bdisk['ver'], build['buildnum'])
isopath = '{0}/{1}'.format(isodir, isofile)
tempdir = build['tempdir']
@ -186,7 +117,7 @@ def genISO(conf):
tpl_loader = jinja2.FileSystemLoader(templates_dir)
env = jinja2.Environment(loader = tpl_loader)
bootdir = tempdir + '/ipxe_mini'
efiboot_img = bootdir + '/efiboot.efi'
efiboot_img = bootdir + '/EFI/BOOT/mini.efi'
innerefi64 = '{0}/src/bin-x86_64-efi/ipxe.efi'.format(ipxe_src)
efi = False
# this shouldn't be necessary... if it is, we can revisit this in the future. see "Inner dir" below.
@ -198,7 +129,8 @@ def genISO(conf):
print('{0}: [IPXE] UEFI support for Mini ISO...'.format(datetime.datetime.now()))
if os.path.isdir(bootdir):
shutil.rmtree(bootdir)
# Inner dir (efiboot.img file)
os.makedirs('{0}/EFI/BOOT'.format(bootdir), exist_ok = True) # EFI
# Inner dir (efiboot.efi file)
sizetotal = 65536 # 64K wiggle room. increase this if we add IA64.
sizetotal += os.path.getsize(innerefi64)
print("{0}: [IPXE] Creating EFI ESP image {1} ({2})...".format(
@ -220,7 +152,6 @@ def genISO(conf):
subprocess.call(cmd)
# Outer dir
os.makedirs('{0}/boot'.format(bootdir), exist_ok = True) # kernel(s)
os.makedirs('{0}/EFI/BOOT'.format(bootdir), exist_ok = True) # EFI
os.makedirs('{0}/loader/entries'.format(bootdir), exist_ok = True) # EFI
os.makedirs('{0}/isolinux'.format(bootdir), exist_ok = True) # BIOS
# we reuse the preloader.efi from full ISO build
@ -266,7 +197,7 @@ def genISO(conf):
'-boot-info-table',
'-isohybrid-mbr', '{0}/root.{1}/usr/lib/syslinux/bios/isohdpfx.bin'.format(chrootdir, arch[0]),
'-eltorito-alt-boot',
'-e', 'efiboot.img',
'-e', 'efiboot.efi',
'-no-emul-boot',
'-isohybrid-gpt-basdat',
'-output', isopath,
@ -275,6 +206,7 @@ def genISO(conf):
# UNTESTED. TODO.
# I think i want to also get rid of: -boot-load-size 4,
# -boot-info-table, ... possiblyyy -isohybrid-gpt-basedat...
# https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface#Remove_UEFI_boot_support_from_Optical_Media
cmd = ['/usr/bin/xorriso',
'-as', 'mkisofs',
'-iso-level', '3',

2
extra/templates/iPXE/isolinux.cfg.j2 → extra/templates/iPXE/BIOS/isolinux.cfg.j2
View File

@ -3,5 +3,5 @@ PROMPT 0
TIMEOUT 10

LABEL ipxe
KERNEL ipxe.lkrn
KERNEL boot/ipxe.krn

2
extra/templates/iPXE/EFI/base.conf.j2
View File

@ -1,3 +1,3 @@
title {{ bdisk['pname'] }} iPXE (netboot)
efi /efiboot.img
efi /EFI/BOOT/efiboot.efi