From f1f6ccb855ba3ae9b6b970304a28b9380d62367b Mon Sep 17 00:00:00 2001
From: Meena Shanmugam <meenashanmugam@google.com>
Date: Mon, 10 Oct 2022 00:10:18 +0000
Subject: [PATCH] LAKITU:chromeos-installer: Update postinstall programs to use
new dm format.
COS uses upstream dm format for the upcoming releases. Automatic updates
update the bootloader configurations. In order for auto-update to work with
the upstream format, these auto-update postinstall programs need to be
modified to support both new and old format. Once these changes are
approved and merged in chromeOS upstream, this patch can be removed.
Change-Id: Icb9af46e0b2bed4aa7c44f658d1b49252fc993bc
---
installer/chromeos_legacy.cc | 31 ++++++++++++++++++++++++------
installer/chromeos_setimage.cc | 35 +++++++++++++++++++++++++++++-----
2 files changed, 55 insertions(+), 11 deletions(-)
diff --git a/installer/chromeos_legacy.cc b/installer/chromeos_legacy.cc
index 2ebc7e9d51..9bc2cd0813 100644
--- a/installer/chromeos_legacy.cc
+++ b/installer/chromeos_legacy.cc
@@ -43,7 +43,10 @@ std::string EfiGrubCfg::GetKernelCommand(BootSlot slot,
if (line.find(kernel_pattern) == string::npos)
continue;
- if (ExtractKernelArg(line, "dm").empty() == want_empty_dm)
+ bool got_empty_dm =
+ ExtractKernelArg(line, "dm").empty() &&
+ ExtractKernelArg(line, "dm-mod.create").empty();
+ if (got_empty_dm == want_empty_dm)
return line;
}
return "";
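Review bot: The "is there a dm argument in either format" test is written out three times in this file (here in GetKernelCommand, again in ReplaceKernelCommand, and negated in UpdateBootParameters), so a future format change has to be made in three places and one missed copy would misclassify a verified boot line as unverified. A small file-local helper would keep them in step, e.g. `static bool HasDmArg(const std::string& line) { return !ExtractKernelArg(line, "dm").empty() || !ExtractKernelArg(line, "dm-mod.create").empty(); }`, with the two comparisons becoming `if (HasDmArg(line) != want_empty_dm)`. The enclosing function bodies start outside these hunks, so the rest of each loop is not visible here.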
@@ -59,7 +62,10 @@ bool EfiGrubCfg::ReplaceKernelCommand(BootSlot slot,
if (line.find(kernel_pattern) == string::npos)
continue;
- if (ExtractKernelArg(line, "dm").empty() == want_empty_dm) {
+ bool got_empty_dm =
+ ExtractKernelArg(line, "dm").empty() &&
+ ExtractKernelArg(line, "dm-mod.create").empty();
+ if (got_empty_dm == want_empty_dm) {
DLOG(INFO) << "Replacing: " << line;
line = cmd;
// Continue to replace all matching lines.
@@ -100,15 +106,25 @@ bool EfiGrubCfg::UpdateBootParameters(BootSlot slot,
continue;
DLOG(INFO) << "Updating command: " << line;
- if (ExtractKernelArg(line, "dm").empty()) {
+ if (ExtractKernelArg(line, "dm").empty() &&
+ ExtractKernelArg(line, "dm-mod.create").empty()) {
// If it's an unverified boot line, just set the root partition to boot.
if (!SetKernelArg("root", "PARTUUID=" + root_uuid, &line)) {
LOG(ERROR) << "Unable to update unverified root flag in " << line;
return false;
}
- } else if (!SetKernelArg("dm", verity_args, &line)) {
- LOG(INFO) << "Unable to update verified dm flag.";
- return false;
+ } else {
+ if (!SetKernelArg("dm", verity_args, &line)) {
+ if (!SetKernelArg("dm-mod.create", verity_args, &line)) {
+ LOG(INFO) << "Unable to update verified dm flag.";
+ return false;
+ }
+ }
+ // Update grub.cfg with the new dm format
+ std::size_t found = line.find("dm=");
+ if (found != std::string::npos) {
+ line.replace(found, 3, "dm-mod.create=");
+ }
}
}
return true;
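Review bot: `line.find("dm=")` matches the first occurrence of those three characters anywhere in the grub line, not only the `dm` kernel argument, so any earlier token that merely ends in `dm=` would be rewritten and the real verity argument left untouched. Anchoring on the token boundary avoids that: `std::size_t found = line.find(" dm=");` followed by `line.replace(found + 1, 3, "dm-mod.create=");` (assuming the argument is never the first token on the line). The rename also runs regardless of which format `verity_args` is in, so an old-format value would end up under the `dm-mod.create` key; it looks as if the new kernel config is always expected to be in upstream format at this point, and a comment saying so would help. Separately, the failure path that returns false logs at `LOG(INFO)` while the sibling branch uses `LOG(ERROR)`. The function body starts outside the hunk.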
@@ -149,6 +165,9 @@ bool UpdateLegacyKernel(const InstallConfig& install_config) {
string ExpandVerityArguments(const string& kernel_config,
const string& root_uuid) {
string kernel_config_dm = ExtractKernelArg(kernel_config, "dm");
+ if ( kernel_config_dm.empty()) {
+ kernel_config_dm = ExtractKernelArg(kernel_config, "dm-mod.create");
+ }
// The verity config from the kernel contains short hand symbols for
// partition names that we have to expand to specific UUIDs.
diff --git a/installer/chromeos_setimage.cc b/installer/chromeos_setimage.cc
index ff13439430..3af4d6589c 100644
--- a/installer/chromeos_setimage.cc
+++ b/installer/chromeos_setimage.cc
@@ -78,7 +78,12 @@ bool SetImage(const InstallConfig& install_config) {
base::FilePath kernel_config_root =
base::FilePath(ExtractKernelArg(kernel_config, "root"));
+ int version = 0;
string dm_config = ExtractKernelArg(kernel_config, "dm");
+ if (dm_config.empty()) {
+ dm_config = ExtractKernelArg(kernel_config, "dm-mod.create");
+ version =1;
+ }
std::vector<string> dm_parts = base::SplitString(
dm_config, ",", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
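Review bot: `int version = 0;` / `version =1;` encodes "which dm table format was found" as an unexplained integer, and it is also set to 1 when neither `dm` nor `dm-mod.create` is present, in which case `dm_config` stays empty. A named flag reads better and can be set only on a real match, e.g. `bool upstream_dm_format = false;` and, inside the fallback, `upstream_dm_format = !dm_config.empty();`. Whether the empty case is rejected before the later positional parsing depends on code between this hunk and the next that is not visible here. SetImage starts and ends outside the hunk.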
@@ -96,11 +101,24 @@ bool SetImage(const InstallConfig& install_config) {
return false;
}
+ string rootfs_sectors;
+ string verity_algorithm;
+ string expected_hash;
+ string salt;
// Extract specific verity arguments
- string rootfs_sectors = ExtractKernelArg(verity_args, "hashstart");
- string verity_algorithm = ExtractKernelArg(verity_args, "alg");
- string expected_hash = ExtractKernelArg(verity_args, "root_hexdigest");
- string salt = ExtractKernelArg(verity_args, "salt");
+ if (version == 1) {
+ std::vector<string> verity_parts = base::SplitString(
+ verity_args, " ", base::KEEP_WHITESPACE, base::SPLIT_WANT_ALL);
+ rootfs_sectors = verity_parts[9];
+ verity_algorithm = verity_parts[10];
+ expected_hash = verity_parts[11];
+ salt = verity_parts[12];
+ } else {
+ rootfs_sectors = ExtractKernelArg(verity_args, "hashstart");
+ verity_algorithm = ExtractKernelArg(verity_args, "alg");
+ expected_hash = ExtractKernelArg(verity_args, "root_hexdigest");
+ salt = ExtractKernelArg(verity_args, "salt");
+ }
bool enable_rootfs_verification = IsReadonly(kernel_config_root);
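Review bot: `verity_parts[9]` through `verity_parts[12]` are read without checking how many fields the split produced, so a `dm-mod.create` value with fewer than 13 space-separated fields makes the installer read past the end of the vector. The value comes from the kernel config being installed, so it should be validated before use: `if (verity_parts.size() < 13) { LOG(ERROR) << "Malformed dm-mod.create table: " << verity_args; return false; }`. Because the split uses `base::SPLIT_WANT_ALL`, a doubled space also yields an empty field and shifts every later index, so the algorithm, digest and salt could silently come from the wrong positions; checking that `verity_parts[2]` is the expected target name would catch that (the field order is inferred from the indices used here). Named constants for the four indices would document the assumed table layout. SetImage continues outside the hunk.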
@@ -110,9 +128,16 @@ bool SetImage(const InstallConfig& install_config) {
LOG(INFO) << "Setting up verity.";
LoggingTimerStart();
verity::DmBht bht;
+ uint64_t sectors;
+ if (version == 1) {
+ sectors = (atoi(rootfs_sectors.c_str()) << 3) / 8;
+ } else {
+ sectors = (atoi(rootfs_sectors.c_str())) / 8;
+ }
+
int result = chromeos_verity(&bht, verity_algorithm,
install_config.root.device(), getpagesize(),
- (uint64_t)(atoi(rootfs_sectors.c_str()) / 8),
+ sectors,
salt, expected_hash, enable_rootfs_verification);
LoggingTimerFinish();
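Review bot: In the `version == 1` branch `atoi(rootfs_sectors.c_str()) << 3` is evaluated in `int`, so a large hash start overflows before the division by 8, and in both branches `atoi` returns 0 or a partial number for malformed text with no error while a negative result becomes a huge `uint64_t`. Since this value tells `chromeos_verity` where the hash tree begins, it should be parsed strictly into a 64-bit value and rejected on failure; the shift-then-divide is then just the identity and can be dropped. The fence below sketches this using `base::StringToUint64`, assuming the base string-conversion header is available to this file. The surrounding block of SetImage starts and ends outside the hunk.

```cpp
verity::DmBht bht;
uint64_t hash_start = 0;
if (!base::StringToUint64(rootfs_sectors, &hash_start)) {
  LOG(ERROR) << "Invalid verity hash start: " << rootfs_sectors;
  return false;
}
// NOTE(review): the original shifts by 3 and divides by 8 for the upstream
// format, i.e. passes the value through unscaled; confirm the units.
uint64_t sectors = (version == 1) ? hash_start : hash_start / 8;
// … unchanged: chromeos_verity(...) call taking `sectors` …
```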
--
2.41.0.390.g38632f3daf-goog