2016-07-26 14:01:58 -05:00
|
|
|
#!/bin/sh
|
2016-03-16 01:38:26 -05:00
|
|
|
# Copyright (C) 2016 Arista Networks, Inc.
|
|
|
|
#
|
|
|
|
# This program is free software: you can redistribute it and/or modify
|
|
|
|
# it under the terms of the GNU General Public License as published by
|
|
|
|
# the Free Software Foundation, either version 3 of the License, or
|
|
|
|
# (at your option) any later version.
|
|
|
|
#
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
# GNU General Public License for more details.
|
|
|
|
#
|
|
|
|
# You should have received a copy of the GNU General Public License
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
2018-03-07 17:28:14 -06:00
|
|
|
# Aboot stage 0 boot script
|
|
|
|
#
|
|
|
|
# This boot0 script can be used in different scenario
|
|
|
|
# - Installation and boot from Aboot (manual or reboot on a new image)
|
|
|
|
# - EOS to SONiC fast-reboot (installation and kexec in EOS)
|
|
|
|
# - SONiC to SONiC fast-reboot (installation and kexec in SONiC)
|
|
|
|
#
|
|
|
|
# Use it this way:
|
|
|
|
# - swipath=path/to/swi install=true boot0
|
|
|
|
# - swipath=path/to/swi install=true force=true boot0
|
|
|
|
# - swipath=path/to/swi kexec=true boot0
|
|
|
|
#
|
|
|
|
# The logic defaults to the first scenario but providing extra environment variable
|
|
|
|
# will affect the behavior of the script.
|
|
|
|
# The list of variables is maintained here
|
|
|
|
# - KERNEL : relative path to the kernel to execute
|
|
|
|
# - INITRD : relative path to the initrd to load
|
|
|
|
# - CMDLINE : place to find the default kernel cmdline to use for the platform
|
2018-12-04 12:08:55 -06:00
|
|
|
# - VERBOSE : setting it to 1 will enable debug traces
|
2018-03-07 17:28:14 -06:00
|
|
|
#
|
|
|
|
# By default the boot0 script will behave for an Aboot based behavior.
|
|
|
|
# Options can be provided to only run some features of this script.
|
|
|
|
#
|
|
|
|
# Extra kernel parameters can be provided at runtime by the user by adding them
|
2020-06-22 11:30:31 -05:00
|
|
|
# into the kernel-params file.
|
|
|
|
#
|
|
|
|
# Secureboot of SONiC SWI images is also supported.
|
|
|
|
# In such cases, there will only be a partial install on the flash.
|
|
|
|
# SONiC will be mostly booting in RAM as a live operating system.
|
2016-03-16 01:38:26 -05:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
# All templated variables should be declared here
|
2018-03-07 17:28:14 -06:00
|
|
|
image_name="image-%%IMAGE_VERSION%%"
|
2018-12-04 12:08:55 -06:00
|
|
|
dockerfs="{{ FILESYSTEM_DOCKERFS }}"
|
2020-06-22 11:30:31 -05:00
|
|
|
boot_image="{{ ABOOT_BOOT_IMAGE }}"
|
|
|
|
installer_image="sonic.swi"
|
|
|
|
docker_dir="{{ DOCKERFS_DIR }}"
|
2018-03-07 17:28:14 -06:00
|
|
|
|
|
|
|
do_not_clean="do-not-clean"
|
|
|
|
kernel_params="kernel-params"
|
2017-02-01 15:02:29 -06:00
|
|
|
|
|
|
|
aboot_machine="arista_unknown"
|
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
info() { printf "%04.2f: $@\n" "$(cut -f1 -d' ' /proc/uptime)"; }
|
|
|
|
err() { info "Error: $@"; }
|
|
|
|
warn() { info "Warning: $@"; }
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
if [ $# -ne 0 ]; then
|
|
|
|
echo "usage: $0 (see code)"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2020-12-24 00:38:59 -06:00
|
|
|
mountpoint_for_file() {
|
|
|
|
local file="$1"
|
|
|
|
df "$file" | tail -1 | tr -s " " | cut -d ' ' -f6
|
|
|
|
}
|
|
|
|
|
2018-03-07 17:28:14 -06:00
|
|
|
# extract mount point from the swi path, e.g., /mnt/flash/sonic.swi --> /mnt/flash
|
|
|
|
if [ -z "$target_path" ]; then
|
|
|
|
if [ -z "$swipath" ]; then
|
2018-12-04 12:08:55 -06:00
|
|
|
err "target_path= is required when swipath= is not provided"
|
2018-03-07 17:28:14 -06:00
|
|
|
exit 1
|
|
|
|
fi
|
2020-12-24 00:38:59 -06:00
|
|
|
target_path=$(mountpoint_for_file "$swipath")
|
2018-03-07 17:28:14 -06:00
|
|
|
fi
|
|
|
|
image_path="$target_path/$image_name"
|
2018-12-04 12:08:55 -06:00
|
|
|
hook_path="$image_path/platform/hooks"
|
|
|
|
data_path="$image_path/platform/data"
|
2020-07-17 17:07:12 -05:00
|
|
|
boot_image_path="$image_path/$boot_image"
|
2020-06-22 11:30:31 -05:00
|
|
|
installer_image_path="$image_path/$installer_image"
|
2017-02-01 15:02:29 -06:00
|
|
|
|
2018-09-20 02:19:40 -05:00
|
|
|
boot_config="$target_path/boot-config"
|
2018-03-07 17:28:14 -06:00
|
|
|
|
2022-06-02 02:35:17 -05:00
|
|
|
cmdline_allowlist="crashkernel hwaddr_ma1 sonic_fips"
|
2016-03-16 01:38:26 -05:00
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
# for backward compatibility with the sonic_upgrade= behavior
|
|
|
|
install="${install:-${sonic_upgrade:-}}"
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
is_secureboot_enabled() {
|
|
|
|
if $in_aboot; then
|
|
|
|
if [ -x /bin/securebootctl ] && securebootctl sb -display | grep -q "Secure Boot enabled"; then
|
|
|
|
return 0
|
2016-03-16 01:38:26 -05:00
|
|
|
fi
|
2020-06-22 11:30:31 -05:00
|
|
|
return 1
|
|
|
|
else
|
|
|
|
if grep -q aboot.secureboot /proc/cmdline; then
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
# FIXME: EOS is not handled here
|
|
|
|
return 1
|
|
|
|
fi
|
2016-03-16 01:38:26 -05:00
|
|
|
}
|
|
|
|
|
2017-05-01 17:16:33 -05:00
|
|
|
clean_flash() {
|
2017-04-01 01:51:59 -05:00
|
|
|
## Remove all the other unnecssary files except swi file, boot-config
|
|
|
|
for f in $(ls -A $target_path); do
|
2017-06-02 03:31:53 -05:00
|
|
|
if [ $f != "${swipath##*/}" ] &&
|
|
|
|
[ $f != "boot-config" ] &&
|
2020-07-17 17:07:12 -05:00
|
|
|
[ $f != "preserve-installer" ] &&
|
2018-03-07 17:28:14 -06:00
|
|
|
[ $f != "$kernel_params" ] &&
|
2018-12-04 12:08:55 -06:00
|
|
|
[ $f != "aquota.user" ] &&
|
2018-09-28 23:27:41 -05:00
|
|
|
[ $f != "old_config" ] &&
|
2019-11-06 22:18:31 -06:00
|
|
|
[ $f != "minigraph.xml" ] &&
|
|
|
|
[ $f != "snmp.yml" ] &&
|
2021-07-14 19:56:35 -05:00
|
|
|
[ $f != "acl.json" ] &&
|
|
|
|
[ $f != "port_config.json" ]
|
2017-06-02 03:31:53 -05:00
|
|
|
then
|
2017-04-01 01:51:59 -05:00
|
|
|
rm -rf "$target_path/$f"
|
|
|
|
fi
|
|
|
|
done
|
2017-05-01 17:16:33 -05:00
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
in_array() {
|
|
|
|
local value="$1"
|
|
|
|
shift
|
|
|
|
|
|
|
|
for other in $@; do
|
|
|
|
if [ "$value" = "$other" ]; then
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
return 1
|
|
|
|
}
|
|
|
|
|
2018-09-20 02:19:40 -05:00
|
|
|
update_boot_config() {
|
|
|
|
local key="$1"
|
|
|
|
local value="$2"
|
|
|
|
|
|
|
|
if grep "$key" "$boot_config" 2>&1 > /dev/null; then
|
|
|
|
sed -i "s#^$key=.*\$#$key=$value#" "$boot_config"
|
|
|
|
else
|
|
|
|
echo "$key=$value" >> "$boot_config"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
get_boot_config() {
|
|
|
|
local key="$1"
|
|
|
|
|
|
|
|
sed -n "s#^$key=##p" "$boot_config" || :
|
|
|
|
}
|
|
|
|
|
|
|
|
update_next_boot() {
|
|
|
|
local default="$(get_boot_config SWI_DEFAULT)"
|
|
|
|
|
|
|
|
if [ -z "$default" ]; then
|
2018-12-04 12:08:55 -06:00
|
|
|
warn "boot-config has no variable SWI_DEFAULT"
|
2018-09-20 02:19:40 -05:00
|
|
|
else
|
2020-06-22 11:30:31 -05:00
|
|
|
info "Next reboot will use $default"
|
2018-09-20 02:19:40 -05:00
|
|
|
update_boot_config SWI "$default"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
get_sorted_hooks() {
|
|
|
|
echo $(find "$1" -name '[0-9][0-9]-*' -type f)
|
|
|
|
}
|
|
|
|
|
|
|
|
run_hooks() {
|
|
|
|
if [ -d "$hook_path/$1" ]; then
|
|
|
|
for hook in $(get_sorted_hooks "$hook_path/$1"); do
|
|
|
|
if [ ! -z "$hook" ]; then
|
|
|
|
info "Running hook $(basename $hook)"
|
|
|
|
. "$hook"
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
}
|
2019-05-15 14:45:06 -05:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
get_uuid_for() {
|
|
|
|
local dev="$1"
|
|
|
|
|
|
|
|
if type lsblk 2>&1 > /dev/null; then
|
|
|
|
lsblk "$dev" -n --output UUID
|
|
|
|
elif type blkid 2>&1 > /dev/null; then
|
|
|
|
blkid | grep "^$dev" | sed -n 's/^.* UUID="//p' | sed 's/".*$//'
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdline_append() {
|
|
|
|
cat >> /tmp/append
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdline_clear() {
|
|
|
|
echo -n > /tmp/append
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdline_add() {
|
|
|
|
echo "$@" >> /tmp/append
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdline_has() {
|
|
|
|
grep -q "$1" /tmp/append
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdline_echo() {
|
|
|
|
# echo trims and remove whitespace duplicates
|
|
|
|
echo $(cat /tmp/append | tr '\n' ' ')
|
|
|
|
}
|
|
|
|
|
|
|
|
cmdline_get() {
|
|
|
|
# extract last matching value for key
|
|
|
|
sed -nr "s/.*$1=([^ ]+).*/\1/p" /tmp/append | tail -n 1
|
|
|
|
}
|
|
|
|
|
|
|
|
find_first_kernel_under() {
|
|
|
|
local path="$1"
|
|
|
|
find "$path" -name 'vmlinuz-*' -type f | head -n 1
|
|
|
|
}
|
|
|
|
|
|
|
|
find_first_initrd_under() {
|
|
|
|
local path="$1"
|
|
|
|
find "$path" -name 'initrd.img-*' -type f | head -n 1
|
|
|
|
}
|
|
|
|
|
2020-12-24 00:38:59 -06:00
|
|
|
is_file_in_memory() {
|
|
|
|
local file="$1"
|
|
|
|
local filemnt=$(mountpoint_for_file "$file")
|
|
|
|
local filemntfs=$(mount | grep " $filemnt " | cut -f5 -d' ')
|
|
|
|
|
|
|
|
case "$filemntfs" in
|
|
|
|
tmpfs|ramfs) return 0;;
|
|
|
|
*) return 1;;
|
|
|
|
esac
|
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
get_tmpfs() {
|
2020-12-24 00:38:59 -06:00
|
|
|
local tmpfs="$(mktemp -d)"
|
2020-06-22 11:30:31 -05:00
|
|
|
|
|
|
|
mkdir -p "$tmpfs"
|
2019-05-15 14:45:06 -05:00
|
|
|
if ! $in_aboot && ! mount | grep -q ' /tmp type tmpfs'; then
|
2020-06-22 11:30:31 -05:00
|
|
|
# mount a real tmpfs on /tmp/xxx if /tmp is not one already.
|
|
|
|
mount -t tmpfs "$(dirname $tmpfs)" "$tmpfs"
|
2019-05-15 14:45:06 -05:00
|
|
|
fi
|
2020-06-22 11:30:31 -05:00
|
|
|
echo "$tmpfs"
|
|
|
|
}
|
|
|
|
|
|
|
|
clean_tmpfs() {
|
|
|
|
local tmpfs="$1"
|
2020-12-24 00:38:59 -06:00
|
|
|
|
|
|
|
case "$tmpfs" in
|
|
|
|
/tmp) return 0;;
|
|
|
|
/tmp/*);; # only cleanup tmpfs created by this script
|
|
|
|
*) return 0;;
|
|
|
|
esac
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
if mount | grep -q "$tmpfs"; then
|
|
|
|
umount "$tmpfs" || :
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
move_swi_to_tmpfs() {
|
|
|
|
local oldswi="$1"
|
2020-12-24 00:38:59 -06:00
|
|
|
|
|
|
|
if is_file_in_memory "$oldswi"; then
|
|
|
|
echo "$oldswi"
|
|
|
|
return 0
|
|
|
|
fi
|
|
|
|
|
|
|
|
local tmpfs="$(get_tmpfs)"
|
2020-06-22 11:30:31 -05:00
|
|
|
local newswi="$tmpfs/$(basename "$oldswi")"
|
2019-05-15 14:45:06 -05:00
|
|
|
|
|
|
|
mv "$oldswi" "$newswi"
|
|
|
|
echo "$newswi"
|
|
|
|
}
|
|
|
|
|
|
|
|
cleanup_swi_tmpfs() {
|
|
|
|
rm -f "$swipath"
|
2020-12-24 00:38:59 -06:00
|
|
|
clean_tmpfs "$(mountpoint_for_file "$swipath")"
|
2019-05-15 14:45:06 -05:00
|
|
|
}
|
|
|
|
|
2020-07-27 20:56:25 -05:00
|
|
|
mount_relpath() {
|
|
|
|
local abspath="$1"
|
|
|
|
local mountpath="$(df "$abspath" | sed -nr '/\//s/^.* ([^ ]+)$/\1/p')"
|
|
|
|
|
|
|
|
echo "$abspath" | sed "s#^$mountpath/##"
|
|
|
|
}
|
|
|
|
|
|
|
|
zip_file_offset() {
|
|
|
|
local zipfile="$1"
|
|
|
|
local filename="$2"
|
|
|
|
|
|
|
|
if $in_aboot; then
|
|
|
|
unzip -qqf "$zipfile" "$filename"
|
|
|
|
else
|
|
|
|
local hexoffset="$(zipdetails "$zipfile" | sed -En "/Filename +'$filename'/,/^$/p" | sed -En 's/^([^ ]+) PAYLOAD$/\1/p')"
|
|
|
|
echo "$((0x$hexoffset))"
|
|
|
|
fi
|
|
|
|
}
|
2017-04-21 19:23:36 -05:00
|
|
|
|
2020-07-17 17:07:12 -05:00
|
|
|
SWI_ALREADY_INSTALLED=0
|
|
|
|
SWI_NOT_INSTALLED=1
|
|
|
|
SWI_VERSION_MISMATCH=2
|
|
|
|
SWI_OTHER_VARIANT_INSTALLED=3
|
|
|
|
|
|
|
|
is_swi_installed() {
|
|
|
|
local swi_path="$1"
|
|
|
|
local swi_version="$(unzip -qp "$swi_path" .imagehash)"
|
|
|
|
local local_version="$(cat $image_path/.imagehash 2>/dev/null || :)"
|
|
|
|
|
|
|
|
if [ -z "$local_version" ]; then
|
|
|
|
# no image installed for this version
|
|
|
|
return $SWI_NOT_INSTALLED
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ "$swi_version" != "$local_version" ]; then
|
|
|
|
warn "Installed image has a different version than $swipath"
|
|
|
|
return $SWI_VERSION_MISMATCH
|
|
|
|
fi
|
|
|
|
|
|
|
|
if $secureboot; then
|
|
|
|
if [ -s "$installer_image_path" ]; then
|
|
|
|
# secureboot image already installed
|
|
|
|
return $SWI_ALREADY_INSTALLED
|
|
|
|
else
|
|
|
|
# regular image of the same version already installed
|
|
|
|
return $SWI_OTHER_VARIANT_INSTALLED
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
if [ -s "$boot_image_path" ]; then
|
|
|
|
# regular image already installed
|
|
|
|
return $SWI_ALREADY_INSTALLED
|
|
|
|
else
|
|
|
|
# secureboot image of the same version already installed
|
|
|
|
return $SWI_OTHER_VARIANT_INSTALLED
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
extract_image() {
|
2019-05-15 14:45:06 -05:00
|
|
|
info "Moving swi to a tmpfs"
|
|
|
|
## Avoid problematic flash usage spike on older systems, also improves I/O
|
2020-06-22 11:30:31 -05:00
|
|
|
swipath="$(move_swi_to_tmpfs "$swipath")"
|
2019-05-15 14:45:06 -05:00
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
info "Extracting swi content"
|
2017-06-06 12:41:06 -05:00
|
|
|
## Unzip the image except boot0 and dockerfs archive
|
2018-12-04 12:08:55 -06:00
|
|
|
unzip -oq "$swipath" -x boot0 "$dockerfs" -d "$image_path"
|
2017-02-05 00:32:45 -06:00
|
|
|
|
2017-02-06 00:11:52 -06:00
|
|
|
## detect rootfs type
|
2022-03-15 20:12:49 -05:00
|
|
|
local mountstr="$(grep " $target_path " /proc/mounts)"
|
|
|
|
local rootdev="$(echo $mountstr | cut -f1 -d' ')"
|
|
|
|
rootfs_type="$(echo $mountstr | cut -d' ' -f3)"
|
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
info "Extracting $dockerfs from swi"
|
2019-08-07 01:04:00 -05:00
|
|
|
## Unpacking dockerfs delayed
|
|
|
|
## 1. when disk is vfat as it does not support symbolic link
|
|
|
|
## 2. when disk is small, expand it into ramfs during initrd
|
2020-06-22 11:30:31 -05:00
|
|
|
if [ "$rootfs_type" != "vfat" ] && ! cmdline_has docker_inram=on; then
|
|
|
|
mkdir -p "$image_path/$docker_dir"
|
2017-02-06 10:17:16 -06:00
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
if [ -n "$install" ]; then
|
|
|
|
TAR_EXTRA_OPTION="--numeric-owner --warning=no-timestamp"
|
2017-05-31 21:27:47 -05:00
|
|
|
fi
|
|
|
|
|
2017-02-06 10:17:16 -06:00
|
|
|
## extract docker archive
|
2020-06-22 11:30:31 -05:00
|
|
|
unzip -oqp "$swipath" "$dockerfs" | tar xzf - -C "$image_path/$docker_dir" $TAR_EXTRA_OPTION
|
2017-02-06 00:11:52 -06:00
|
|
|
else
|
2017-06-06 12:41:06 -05:00
|
|
|
## save dockerfs archive in the image directory
|
2018-12-04 12:08:55 -06:00
|
|
|
unzip -oq "$swipath" "$dockerfs" -d "$image_path"
|
2019-08-07 01:04:00 -05:00
|
|
|
info "Unpacking $dockerfs delayed to initrd because $target_path is $rootfs_type or docker_inram is on"
|
2017-02-06 00:11:52 -06:00
|
|
|
fi
|
2017-02-05 17:59:59 -06:00
|
|
|
|
2019-05-15 14:45:06 -05:00
|
|
|
## remove installer since it's not needed anymore
|
2020-06-22 11:30:31 -05:00
|
|
|
if $preserve_installer; then
|
|
|
|
info "Preserving installer under $installer_image_path"
|
|
|
|
mv "$swipath" "$installer_image_path"
|
|
|
|
chmod a+r "$installer_image_path"
|
|
|
|
else
|
|
|
|
info "Remove installer"
|
2020-12-24 00:38:59 -06:00
|
|
|
cleanup_swi_tmpfs "$swipath"
|
2020-06-22 11:30:31 -05:00
|
|
|
fi
|
2019-05-15 14:45:06 -05:00
|
|
|
|
2017-04-21 19:23:36 -05:00
|
|
|
## use new reduced-size boot swi
|
2020-06-22 11:30:31 -05:00
|
|
|
local swi_boot_path="flash:$image_name/$boot_image"
|
2018-09-20 02:19:40 -05:00
|
|
|
update_boot_config SWI "$swi_boot_path"
|
|
|
|
update_boot_config SWI_DEFAULT "$swi_boot_path"
|
2017-04-21 19:23:36 -05:00
|
|
|
|
2017-02-17 00:10:29 -06:00
|
|
|
## sync disk operations
|
|
|
|
sync
|
2017-02-01 15:02:29 -06:00
|
|
|
}
|
2016-07-26 14:01:58 -05:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
extract_image_secureboot() {
|
|
|
|
info "Extracting necessary swi content"
|
2021-02-02 03:55:09 -06:00
|
|
|
# NOTE: boot/ is not used by the boot process but only extracted for kdump
|
|
|
|
unzip -oq "$swipath" 'boot/*' platform/firsttime .imagehash -d "$image_path"
|
2020-06-22 11:30:31 -05:00
|
|
|
|
|
|
|
info "Installing image as $installer_image_path"
|
|
|
|
mv "$swipath" "$installer_image_path"
|
|
|
|
chmod a+r "$installer_image_path"
|
|
|
|
swipath="$installer_image_path"
|
|
|
|
|
|
|
|
local swi_boot_path="flash:$image_name/$installer_image"
|
|
|
|
update_boot_config SWI "$swi_boot_path"
|
|
|
|
update_boot_config SWI_DEFAULT "$swi_boot_path"
|
|
|
|
|
|
|
|
sync
|
|
|
|
}
|
|
|
|
|
|
|
|
prepare_image_secureboot() {
|
|
|
|
local boot_tmpfs="$(get_tmpfs)"
|
|
|
|
|
|
|
|
info "Extracting boot content in tmpfs"
|
|
|
|
unzip -oq "$swipath" 'boot/*' -d "$boot_tmpfs"
|
|
|
|
|
|
|
|
info "Generating machine.conf and cmdline"
|
|
|
|
write_secureboot_configs
|
|
|
|
|
|
|
|
sync
|
|
|
|
|
|
|
|
# override environment variables preventing external tamper on kernel execution
|
2020-07-27 20:56:25 -05:00
|
|
|
CMDLINE="$(cmdline_echo) $ENV_EXTRA_CMDLINE"
|
2020-06-22 11:30:31 -05:00
|
|
|
KERNEL="$(find_first_kernel_under "$boot_tmpfs")"
|
|
|
|
INITRD="$(find_first_initrd_under "$boot_tmpfs")"
|
|
|
|
}
|
|
|
|
|
2017-02-01 15:02:29 -06:00
|
|
|
write_machine_config() {
|
2016-07-26 14:01:58 -05:00
|
|
|
## Detect SKU and create a hardware description file
|
2020-06-22 11:30:31 -05:00
|
|
|
aboot_version=$(cmdline_get Aboot | sed 's/^.*norcal.-//')
|
2018-03-07 17:28:14 -06:00
|
|
|
if [ -x /bin/sysinit ]; then
|
|
|
|
aboot_build_date=$(stat -c %y /bin/sysinit | sed 's/ /T/')
|
|
|
|
else
|
|
|
|
aboot_build_date="unknown"
|
|
|
|
fi
|
2017-02-01 15:02:29 -06:00
|
|
|
cat <<EOF > ${target_path}/machine.conf
|
2016-07-26 14:01:58 -05:00
|
|
|
aboot_version=$aboot_version
|
|
|
|
aboot_vendor=arista
|
|
|
|
aboot_platform=x86_64-$aboot_machine
|
|
|
|
aboot_machine=$aboot_machine
|
|
|
|
aboot_arch=x86_64
|
|
|
|
aboot_build_date=$aboot_build_date
|
|
|
|
EOF
|
2018-03-07 17:28:14 -06:00
|
|
|
chmod a+r "${target_path}/machine.conf"
|
2017-02-01 15:02:29 -06:00
|
|
|
}
|
2016-07-26 14:01:58 -05:00
|
|
|
|
2020-01-17 12:44:49 -06:00
|
|
|
read_system_eeprom() {
|
2020-06-22 11:30:31 -05:00
|
|
|
if [ -x /bin/readprefdl ] && [ -f /tmp/.system-prefdl ]; then
|
2020-01-17 12:44:49 -06:00
|
|
|
readprefdl -f /tmp/.system-prefdl -d > $target_path/.system-prefdl
|
|
|
|
elif [ -f /etc/prefdl ]; then
|
|
|
|
cp /etc/prefdl $target_path/.system-prefdl
|
|
|
|
chmod a+r $target_path/.system-prefdl
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
write_platform_specific_cmdline() {
|
|
|
|
local platform="$(cmdline_get platform)"
|
|
|
|
local sid="$(cmdline_get sid | sed 's/Ssd$//')"
|
2017-06-02 03:31:53 -05:00
|
|
|
|
|
|
|
# set varlog size to 100MB
|
2017-08-05 22:56:32 -05:00
|
|
|
local varlog_size=100
|
2017-06-02 03:31:53 -05:00
|
|
|
|
2020-09-10 03:34:38 -05:00
|
|
|
# sonic_mode is set to fixed by default.
|
|
|
|
sonic_mode="fixed"
|
|
|
|
supervisor_mode="supervisor"
|
|
|
|
linecard_mode="linecard"
|
|
|
|
|
2018-08-21 02:58:16 -05:00
|
|
|
# detect the size of the flash partition from name in Aboot/EOS/SONiC
|
2020-07-27 20:56:25 -05:00
|
|
|
local flash_size=$(($(df "$target_path" | tail -1 | tr -s ' ' | cut -f2 -d' ') / 1000))
|
2017-11-22 04:58:20 -06:00
|
|
|
|
2017-02-01 15:02:29 -06:00
|
|
|
if [ "$platform" = "raven" ]; then
|
2020-01-17 12:44:49 -06:00
|
|
|
# Assuming sid=Cloverdale
|
2017-02-01 15:02:29 -06:00
|
|
|
aboot_machine=arista_7050_qx32
|
2017-11-22 04:58:20 -06:00
|
|
|
flash_size=2000
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add modprobe.blacklist=radeon,sp5100_tco
|
|
|
|
cmdline_add acpi=off
|
2017-02-01 15:02:29 -06:00
|
|
|
fi
|
|
|
|
if [ "$platform" = "crow" ]; then
|
2020-01-17 12:44:49 -06:00
|
|
|
# Assuming sid=Clearlake
|
2017-02-01 15:02:29 -06:00
|
|
|
aboot_machine=arista_7050_qx32s
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add modprobe.blacklist=radeon,sp5100_tco
|
2017-02-03 18:32:42 -06:00
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "Upperlake" ] || [ "$sid" = "UpperlakeES" ]; then
|
2017-02-03 18:32:42 -06:00
|
|
|
aboot_machine=arista_7060_cx32s
|
2017-11-22 04:58:20 -06:00
|
|
|
flash_size=3700
|
2017-02-01 15:02:29 -06:00
|
|
|
fi
|
2020-03-27 19:28:27 -05:00
|
|
|
if [ "$sid" = "UpperlakePlus" ]; then
|
|
|
|
aboot_machine=arista_7060cx2_32s
|
|
|
|
flash_size=3700
|
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "Gardena" ] || [ "$sid" = "GardenaE" ]; then
|
2017-08-05 22:56:32 -05:00
|
|
|
aboot_machine=arista_7260cx3_64
|
2017-11-22 04:58:20 -06:00
|
|
|
flash_size=28000
|
2017-08-05 22:56:32 -05:00
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "Alhambra" ]; then
|
2018-07-03 19:10:11 -05:00
|
|
|
aboot_machine=arista_7170_64c
|
|
|
|
flash_size=28000
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add hugepages=128
|
2018-07-03 19:10:11 -05:00
|
|
|
fi
|
2020-03-27 19:28:27 -05:00
|
|
|
if [ "$sid" = "Mineral" ]; then
|
|
|
|
aboot_machine=arista_7170_32c
|
|
|
|
flash_size=28000
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add hugepages=128
|
2020-03-27 19:28:27 -05:00
|
|
|
fi
|
|
|
|
if [ "$sid" = "MineralD" ]; then
|
|
|
|
aboot_machine=arista_7170_32cd
|
|
|
|
flash_size=28000
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add hugepages=128
|
2020-03-27 19:28:27 -05:00
|
|
|
fi
|
2021-12-08 13:33:36 -06:00
|
|
|
if [ "$sid" = "Woodleaf" ]; then
|
|
|
|
aboot_machine=arista_7170b_64c
|
|
|
|
cmdline_add hugepages=128
|
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "Lodoga" ]; then
|
|
|
|
aboot_machine=arista_7050cx3_32s
|
|
|
|
fi
|
2021-02-19 12:48:52 -06:00
|
|
|
if [ "$sid" = "Marysville" ]; then
|
|
|
|
aboot_machine=arista_7050sx3_48yc8
|
|
|
|
flash_size=7382
|
|
|
|
fi
|
|
|
|
if [ "$sid" = "Marysville10" ]; then
|
|
|
|
aboot_machine=arista_7050sx3_48c8
|
|
|
|
flash_size=7382
|
|
|
|
fi
|
2019-02-09 00:02:01 -06:00
|
|
|
if [ "$sid" = "BlackhawkO" ]; then
|
|
|
|
aboot_machine=arista_7060px4_32
|
|
|
|
flash_size=28000
|
|
|
|
fi
|
2020-12-04 12:11:06 -06:00
|
|
|
if [ "$sid" = "BlackhawkDD" ] || [ "$sid" = "BlackhawkDDM" ]; then
|
2019-02-09 00:02:01 -06:00
|
|
|
aboot_machine=arista_7060dx4_32
|
|
|
|
flash_size=28000
|
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "Smartsville" ]; then
|
2019-05-18 12:34:07 -05:00
|
|
|
aboot_machine=arista_7280cr3_32p4
|
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "SmartsvilleBK" ]; then
|
2019-11-06 12:11:38 -06:00
|
|
|
aboot_machine=arista_7280cr3k_32p4
|
2021-02-19 12:48:52 -06:00
|
|
|
fi
|
|
|
|
if [ "$sid" = "SmartsvilleBkMs" ] || [ "$sid" = "SmartsvilleBkMsTpm" ]; then
|
|
|
|
aboot_machine=arista_7280cr3mk_32p4
|
2019-11-06 12:11:38 -06:00
|
|
|
fi
|
2020-01-17 12:44:49 -06:00
|
|
|
if [ "$sid" = "SmartsvilleDD" ]; then
|
2019-11-06 12:11:38 -06:00
|
|
|
aboot_machine=arista_7280cr3_32d4
|
|
|
|
fi
|
2020-05-28 16:59:00 -05:00
|
|
|
if [ "$sid" = "SmartsvilleDDBK" ]; then
|
|
|
|
aboot_machine=arista_7280cr3k_32d4
|
2021-02-19 12:48:52 -06:00
|
|
|
fi
|
|
|
|
if [ "$sid" = "SmartsvilleDDBkMs" ] || [ "$sid" = "SmartsvilleDDBkMsTpm" ]; then
|
|
|
|
aboot_machine=arista_7280cr3mk_32d4
|
2020-05-28 16:59:00 -05:00
|
|
|
fi
|
2020-09-10 03:34:38 -05:00
|
|
|
if [ "$sid" = "Clearwater2" ]; then
|
|
|
|
aboot_machine=arista_7800r3_48cq2_lc
|
|
|
|
sonic_mode="$linecard_mode"
|
|
|
|
fi
|
|
|
|
if [ "$sid" = "Clearwater2Ms" ]; then
|
|
|
|
aboot_machine=arista_7800r3_48cqm2_lc
|
|
|
|
sonic_mode="$linecard_mode"
|
|
|
|
fi
|
2022-05-20 16:11:06 -05:00
|
|
|
if [ "$sid" = "WolverineQCpu" ]; then
|
|
|
|
aboot_machine=arista_7800r3a_36d2_lc
|
|
|
|
sonic_mode="$linecard_mode"
|
|
|
|
fi
|
|
|
|
if [ "$sid" = "WolverineQCpuBk" ]; then
|
|
|
|
aboot_machine=arista_7800r3ak_36d2_lc
|
|
|
|
sonic_mode="$linecard_mode"
|
|
|
|
fi
|
|
|
|
if [ "$sid" = "WolverineQCpuMs" ]; then
|
|
|
|
aboot_machine=arista_7800r3a_36dm2_lc
|
|
|
|
sonic_mode="$linecard_mode"
|
|
|
|
fi
|
|
|
|
if [ "$sid" = "WolverineQCpuBkMs" ]; then
|
|
|
|
aboot_machine=arista_7800r3ak_36dm2_lc
|
|
|
|
sonic_mode="$linecard_mode"
|
|
|
|
fi
|
2020-09-10 03:34:38 -05:00
|
|
|
if [ "$sid" = "OtterLake" ]; then
|
|
|
|
aboot_machine=arista_7800_sup
|
|
|
|
flash_size=30000
|
|
|
|
sonic_mode=$supervisor_mode
|
|
|
|
fi
|
2021-02-19 12:48:52 -06:00
|
|
|
if [ "$sid" = "SmartsvilleBkMs" ]; then
|
|
|
|
aboot_machine=arista_7280cr3mk_32p4
|
|
|
|
flash_size=7382
|
|
|
|
fi
|
2020-09-10 03:34:38 -05:00
|
|
|
if in_array "$platform" "rook" "magpie" "woodpecker" "sprucefish"; then
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add tsc=reliable
|
|
|
|
cmdline_add pcie_ports=native
|
|
|
|
cmdline_add rhash_entries=1
|
|
|
|
cmdline_add usb-storage.delay_use=0
|
|
|
|
cmdline_add reassign_prefmem
|
2017-08-05 22:56:32 -05:00
|
|
|
fi
|
2020-09-10 03:34:38 -05:00
|
|
|
if in_array "$platform" "rook" "sprucefish"; then
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add iommu=on
|
|
|
|
cmdline_add intel_iommu=on
|
2020-12-08 13:17:28 -06:00
|
|
|
cmdline_add intel_idle.max_cstate=0
|
2020-01-17 12:44:49 -06:00
|
|
|
read_system_eeprom
|
2019-05-18 12:34:07 -05:00
|
|
|
fi
|
2020-04-19 12:43:36 -05:00
|
|
|
if in_array "$platform" "crow" "magpie"; then
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add amd_iommu=off
|
|
|
|
cmdline_add modprobe.blacklist=snd_hda_intel,hdaudio
|
2020-01-17 12:44:49 -06:00
|
|
|
read_system_eeprom
|
2019-05-18 12:34:07 -05:00
|
|
|
fi
|
2020-04-19 12:43:36 -05:00
|
|
|
if in_array "$platform" "woodpecker"; then
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add modprobe.blacklist=snd_hda_intel,hdaudio
|
2020-04-19 12:43:36 -05:00
|
|
|
read_system_eeprom
|
|
|
|
fi
|
2020-09-10 03:34:38 -05:00
|
|
|
if in_array "$platform" "lorikeet" "hedgehog"; then
|
2020-12-08 13:17:28 -06:00
|
|
|
cmdline_add processor.max_cstate=1
|
2021-06-30 20:16:20 -05:00
|
|
|
cmdline_add reassign_prefmem
|
2020-09-10 03:34:38 -05:00
|
|
|
read_system_eeprom
|
|
|
|
fi
|
2017-08-05 22:56:32 -05:00
|
|
|
|
2017-12-06 17:13:18 -06:00
|
|
|
if [ $flash_size -ge 28000 ]; then
|
|
|
|
varlog_size=4096
|
2021-08-30 17:26:56 -05:00
|
|
|
elif [ $flash_size -gt 4000 ]; then
|
2017-12-06 17:13:18 -06:00
|
|
|
varlog_size=400
|
2021-08-13 11:01:34 -05:00
|
|
|
else
|
|
|
|
varlog_size=256
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add logs_inram=on
|
2021-08-13 11:01:34 -05:00
|
|
|
if [ $flash_size -le 2000 ]; then
|
|
|
|
# enable docker_inram for switches with less than 2G of flash
|
|
|
|
varlog_size=128
|
|
|
|
cmdline_add docker_inram=on
|
|
|
|
fi
|
2017-12-06 17:13:18 -06:00
|
|
|
fi
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add "varlog_size=$varlog_size"
|
2020-09-10 03:34:38 -05:00
|
|
|
|
|
|
|
cmdline_add "sonic.mode=$sonic_mode"
|
2017-02-01 15:02:29 -06:00
|
|
|
}
|
2016-03-16 01:38:26 -05:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
write_image_specific_cmdline() {
|
|
|
|
# security
|
|
|
|
cmdline_add security=apparmor
|
|
|
|
cmdline_add apparmor=1
|
2018-03-07 17:28:14 -06:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
# fs configuration
|
|
|
|
cmdline_add rw
|
2017-05-01 17:16:33 -05:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
# disable deterministic interface naming
|
|
|
|
cmdline_add net.ifnames=0
|
2021-04-20 16:55:14 -05:00
|
|
|
|
|
|
|
# disable unified cgroup hierarchy to workaround dockerd limitation
|
|
|
|
cmdline_add systemd.unified_cgroup_hierarchy=0
|
2017-05-01 17:16:33 -05:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
# verbosity
|
|
|
|
cmdline_add quiet
|
|
|
|
# Start showing systemd information from the first failing unit if any.
|
|
|
|
# systemd.show_status=false or quiet can be used to silence systemd entierly
|
|
|
|
cmdline_add systemd.show_status=auto
|
2016-03-16 01:38:26 -05:00
|
|
|
|
2018-04-06 12:48:13 -05:00
|
|
|
# Pass the MAC address to the new kernel as a command line parameter. This makes it
|
|
|
|
# possible to restore the MAC address in the new kernel without requiring driver modifications.
|
2018-04-10 22:14:45 -05:00
|
|
|
if [ -f /sys/class/net/ma1/address ]; then
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add "hwaddr_ma1=$(cat /sys/class/net/ma1/address)"
|
2018-04-10 22:14:45 -05:00
|
|
|
elif [ -f /sys/class/net/eth0/address ]; then
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add "hwaddr_ma1=$(cat /sys/class/net/eth0/address)"
|
2018-04-10 22:14:45 -05:00
|
|
|
else
|
2018-12-04 12:08:55 -06:00
|
|
|
err "Management port not found."
|
2018-04-10 22:14:45 -05:00
|
|
|
fi
|
2017-02-01 15:02:29 -06:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
# Obtain root partition uuid
|
2020-07-27 20:56:25 -05:00
|
|
|
local mountstr="$(mount | grep " $target_path ")"
|
|
|
|
local rootdev="$(echo $mountstr | cut -f1 -d' ')"
|
|
|
|
local rootfstype="$(echo $mountstr | cut -f5 -d' ')"
|
2020-06-22 11:30:31 -05:00
|
|
|
local rootuuid="$(get_uuid_for $rootdev)"
|
|
|
|
if [ -z "$rootuuid" ] || [ "$rootfstype" = "vfat" ] ; then
|
|
|
|
cmdline_add "root=$rootdev"
|
|
|
|
else
|
|
|
|
cmdline_add "root=UUID=$rootuuid"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
write_default_cmdline() {
|
|
|
|
local delimiter="cmdline-aboot-end"
|
|
|
|
|
|
|
|
cmdline_clear
|
|
|
|
|
|
|
|
if $in_aboot; then
|
|
|
|
# generate the default kernel parameters for the platform
|
|
|
|
cat /etc/cmdline | sed "/^\(${bootconfigvars// /\|}\|crashkernel\|loglevel\|ignore_loglevel\)\(\$\|=\)/d;/^\$/d" | cmdline_append
|
|
|
|
elif grep -q "$delimiter" /proc/cmdline; then
|
|
|
|
# we are on a recent sonic image using delimiter. extracting the part of the
|
|
|
|
# cmdline coming from aboot is trivial.
|
|
|
|
cat /proc/cmdline | sed -E "s/^(.*) $delimiter .*$/\1/" | tr ' ' '\n' | cmdline_append
|
|
|
|
else
|
|
|
|
# we are either on SONiC or EOS and the commandline doesn't have a delimiter
|
|
|
|
# for the Aboot part. Take an educated guess at a right delimiter.
|
|
|
|
# Subject to breakage if EOS or SONiC cmdline change.
|
|
|
|
cat /proc/cmdline | sed -E 's/^(.*) rw .*$/\1/' | tr ' ' '\n' | cmdline_append
|
|
|
|
fi
|
|
|
|
|
|
|
|
cmdline_add "$delimiter"
|
|
|
|
}
|
|
|
|
|
2021-02-02 03:55:09 -06:00
|
|
|
write_cmdline() {
|
|
|
|
# use extra parameters from kernel-params hook if the file exists
|
|
|
|
if [ -f "$target_path/$kernel_params" ] && ! $secureboot; then
|
|
|
|
info "Loading extra kernel parameters from $kernel_params"
|
|
|
|
cat "$target_path/$kernel_params" | cmdline_append
|
|
|
|
fi
|
|
|
|
|
|
|
|
# FIXME: sonic sometimes adds extra kernel parameters from user space
|
|
|
|
# this is unsafe but some will be kept as part of the regular boot
|
|
|
|
if [ -f "$image_path/kernel-cmdline" ]; then
|
|
|
|
for field in $cmdline_allowlist; do
|
|
|
|
cat "$image_path/kernel-cmdline" | tr ' ' '\n' | grep -E "$field" | tail -n 1 | cmdline_append
|
|
|
|
done
|
|
|
|
fi
|
|
|
|
|
|
|
|
# FIXME: legacy configuration files used by fast-reboot and eos2sonic
|
|
|
|
# these should be deprecated over time.
|
|
|
|
cmdline_echo > "$image_path/kernel-cmdline"
|
|
|
|
cmdline_echo | sed 's/ cmdline-aboot-end.*$//' > "$target_path/kernel-params-base"
|
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
write_common_configs() {
|
|
|
|
write_default_cmdline
|
|
|
|
write_platform_specific_cmdline
|
|
|
|
write_image_specific_cmdline
|
|
|
|
write_machine_config
|
|
|
|
}
|
|
|
|
|
|
|
|
write_secureboot_configs() {
|
|
|
|
write_common_configs
|
2020-07-27 20:56:25 -05:00
|
|
|
cmdline_add "loop=$(mount_relpath "$installer_image_path")"
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add loopfstype=squashfs
|
2020-07-27 20:56:25 -05:00
|
|
|
cmdline_add "loopoffset=$(zip_file_offset "$installer_image_path" fs.squashfs)"
|
2020-06-22 11:30:31 -05:00
|
|
|
cmdline_add docker_inram=on
|
|
|
|
cmdline_add secure_boot_enable=y
|
|
|
|
cmdline_add aboot.secureboot=enabled
|
|
|
|
# setting panic= has the side effect of disabling the initrd shell on error
|
|
|
|
cmdline_add panic=0
|
2021-02-02 03:55:09 -06:00
|
|
|
write_cmdline
|
2020-06-22 11:30:31 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
write_regular_configs() {
|
|
|
|
write_common_configs
|
|
|
|
cmdline_add "loop=$image_name/fs.squashfs"
|
|
|
|
cmdline_add loopfstype=squashfs
|
2021-02-02 03:55:09 -06:00
|
|
|
write_cmdline
|
2018-03-07 17:28:14 -06:00
|
|
|
}
|
|
|
|
|
|
|
|
run_kexec() {
|
2020-06-22 11:30:31 -05:00
|
|
|
local cmdline="${CMDLINE:-$(cmdline_echo) $ENV_EXTRA_CMDLINE}"
|
|
|
|
local kernel="${KERNEL:-$(find_first_kernel_under "$image_path/boot")}"
|
|
|
|
local initrd="${INITRD:-$(find_first_initrd_under "$image_path/boot")}"
|
2018-03-07 17:28:14 -06:00
|
|
|
|
2019-05-15 14:45:06 -05:00
|
|
|
if $verbose; then
|
2020-06-22 11:30:31 -05:00
|
|
|
# show systemd showdown sequence when verbose is set
|
|
|
|
cmdline="$(echo "$cmdline" | sed 's/systemd.show_status=auto/systemd.show_status=true/')"
|
|
|
|
fi
|
|
|
|
|
|
|
|
if $debug; then
|
|
|
|
# enable initrd debug as well as kernel verbose output
|
|
|
|
cmdline="$(echo "$cmdline" | sed 's/ quiet//')"
|
|
|
|
cmdline="$cmdline debug loglevel=7 log_buf_len=8M printk.devmsg=on"
|
2018-12-04 12:08:55 -06:00
|
|
|
fi
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
sync
|
2018-03-07 17:28:14 -06:00
|
|
|
kexec --load --initrd="$initrd" --append="$cmdline" "$kernel"
|
|
|
|
|
2020-07-27 20:56:25 -05:00
|
|
|
( [ -z "$testonly" ] && [ -z "$loadonly" ] ) || exit 0
|
2018-12-04 12:08:55 -06:00
|
|
|
info "Kexecing..."
|
2018-03-07 17:28:14 -06:00
|
|
|
kexec --exec
|
|
|
|
}
|
2017-02-01 15:02:29 -06:00
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
secureboot_install() {
|
|
|
|
if [ -e "$image_path" ]; then
|
2020-07-17 17:07:12 -05:00
|
|
|
warn "Image folder $image_path already exist (likely regular install)"
|
2020-06-22 11:30:31 -05:00
|
|
|
fi
|
|
|
|
|
2020-07-17 17:07:12 -05:00
|
|
|
mkdir -p "$image_path"
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
info "Installing image as $installer_image_path"
|
|
|
|
extract_image_secureboot
|
2018-12-04 12:08:55 -06:00
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
regular_install() {
|
2020-07-17 17:07:12 -05:00
|
|
|
if [ -e "$image_path" ]; then
|
|
|
|
warn "Image folder $image_path already exist (likely secureboot install)"
|
|
|
|
fi
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
mkdir -p $image_path
|
|
|
|
|
|
|
|
info "Generating boot-config, machine.conf and cmdline"
|
|
|
|
write_regular_configs "$image_path"
|
|
|
|
|
|
|
|
info "Installing image under $image_path"
|
|
|
|
extract_image
|
|
|
|
|
|
|
|
run_hooks post-install
|
|
|
|
}
|
|
|
|
|
|
|
|
secureboot_boot() {
|
|
|
|
# boot material is extracted and generated in RAM.
|
|
|
|
# SONiC starts as a live OS.
|
|
|
|
info "Preparing image for secureboot"
|
|
|
|
prepare_image_secureboot
|
|
|
|
update_next_boot
|
|
|
|
run_kexec
|
2018-12-04 12:08:55 -06:00
|
|
|
}
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
regular_boot() {
|
|
|
|
# boot uses the image installed on the flash
|
|
|
|
write_regular_configs "$image_path"
|
2021-02-02 03:55:09 -06:00
|
|
|
run_hooks pre-kexec
|
2020-06-22 11:30:31 -05:00
|
|
|
update_next_boot
|
|
|
|
run_kexec
|
|
|
|
}
|
|
|
|
|
|
|
|
|
2018-03-07 17:28:14 -06:00
|
|
|
# In Aboot no option will be provided therefore these are the default values to use
|
|
|
|
in_aboot=true
|
|
|
|
do_clean=true
|
|
|
|
do_install=true
|
|
|
|
do_kexec=true
|
2017-05-01 17:16:33 -05:00
|
|
|
|
2018-03-07 17:28:14 -06:00
|
|
|
# prevent the flash from being cleaned if the do-not-clean file exists
|
|
|
|
if [ -f "$target_path/$do_not_clean" ]; then
|
|
|
|
do_clean=false
|
2017-02-01 15:02:29 -06:00
|
|
|
fi
|
|
|
|
|
2018-03-07 17:28:14 -06:00
|
|
|
# Parse the cmdline options (used from EOS or from SONiC)
|
2018-12-04 12:08:55 -06:00
|
|
|
if [ ! -z "$install" ]; then
|
2018-03-07 17:28:14 -06:00
|
|
|
# install from SONiC or EOS
|
|
|
|
in_aboot=false
|
|
|
|
do_clean=false
|
|
|
|
do_kexec=false
|
|
|
|
elif [ ! -z "$kexec" ]; then
|
|
|
|
# kexec from SONiC or EOS
|
|
|
|
in_aboot=false
|
|
|
|
do_install=false
|
|
|
|
do_clean=false
|
|
|
|
fi
|
|
|
|
|
2020-07-17 17:07:12 -05:00
|
|
|
# Make sure boot-config exists to avoid noise
|
|
|
|
touch "$boot_config"
|
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
# Verbosity can be defined by the caller, default to false otherwise
|
|
|
|
verbose=${verbose:-false}
|
2020-06-22 11:30:31 -05:00
|
|
|
debug=${debug:-false}
|
2018-12-04 12:08:55 -06:00
|
|
|
if [ -f "$target_path/verbose-boot" ] ||
|
|
|
|
[ "$(get_boot_config VERBOSE)" = "1" ] ||
|
|
|
|
! $in_aboot; then
|
2020-06-22 11:30:31 -05:00
|
|
|
verbose=true
|
|
|
|
fi
|
|
|
|
if [ -f "$target_path/debug-boot" ] || [ "$(get_boot_config DEBUG)" = "1" ]; then
|
|
|
|
verbose=true
|
|
|
|
debug=true
|
2018-12-04 12:08:55 -06:00
|
|
|
fi
|
|
|
|
|
2020-06-22 11:30:31 -05:00
|
|
|
# behavioral configuration for secureboot
|
|
|
|
# can be overidden by passing secureboot=true via env
|
|
|
|
if [ -z "$secureboot" ]; then
|
|
|
|
if is_secureboot_enabled; then
|
|
|
|
secureboot=true
|
|
|
|
else
|
|
|
|
secureboot=false
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
|
2020-07-17 17:07:12 -05:00
|
|
|
# preserve original installer during regular install when set
|
2020-06-22 11:30:31 -05:00
|
|
|
preserve_installer=false
|
2020-07-17 17:07:12 -05:00
|
|
|
if [ -f "$target_path/preserve-installer" ] ||
|
|
|
|
[ "$(get_boot_config PRESERVE_INSTALLER)" = "1" ]; then
|
|
|
|
preserve_installer=true
|
|
|
|
fi
|
2020-06-22 11:30:31 -05:00
|
|
|
|
2018-12-04 12:08:55 -06:00
|
|
|
# enable shell debug mode to get the most verbosity
|
|
|
|
if $verbose; then
|
2020-06-22 11:30:31 -05:00
|
|
|
set -x
|
2018-12-04 12:08:55 -06:00
|
|
|
fi
|
|
|
|
|
2018-03-07 17:28:14 -06:00
|
|
|
# install the image if newer
|
|
|
|
if $do_install; then
|
2020-07-17 17:07:12 -05:00
|
|
|
if ! unzip -ql "$swipath" 2>&1 > /dev/null; then
|
2018-12-04 12:08:55 -06:00
|
|
|
err "The swipath= environment variable does not point to a valid SWI"
|
2018-03-07 17:28:14 -06:00
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2020-07-17 17:07:12 -05:00
|
|
|
swi_installed=0
|
|
|
|
is_swi_installed "$swipath" || swi_installed=$?
|
2018-03-07 17:28:14 -06:00
|
|
|
|
2020-07-17 17:07:12 -05:00
|
|
|
if [ "$swi_installed" -ne $SWI_ALREADY_INSTALLED ] || [ -n "$force" ]; then
|
|
|
|
if [ "$swi_installed" -eq $SWI_VERSION_MISMATCH ] || [ -n "$force" ]; then
|
|
|
|
warn "Removing existing installation folder $image_path"
|
|
|
|
rm -rf $image_path
|
|
|
|
fi
|
|
|
|
if [ "$swi_installed" -ne $SWI_OTHER_VARIANT_INSTALLED ] && $do_clean; then
|
2018-12-04 12:08:55 -06:00
|
|
|
info "Cleaning flash content $target_path"
|
2018-03-07 17:28:14 -06:00
|
|
|
clean_flash
|
|
|
|
fi
|
2020-06-22 11:30:31 -05:00
|
|
|
if $secureboot; then
|
|
|
|
secureboot_install
|
|
|
|
else
|
|
|
|
regular_install
|
|
|
|
fi
|
2018-12-04 12:08:55 -06:00
|
|
|
else
|
|
|
|
info "Using previously installed image"
|
2018-03-07 17:28:14 -06:00
|
|
|
fi
|
2017-02-01 15:02:29 -06:00
|
|
|
fi
|
|
|
|
|
|
|
|
# chainloading using kexec
|
2018-03-07 17:28:14 -06:00
|
|
|
if $do_kexec; then
|
2020-06-22 11:30:31 -05:00
|
|
|
if $secureboot; then
|
|
|
|
secureboot_boot
|
|
|
|
else
|
|
|
|
regular_boot
|
|
|
|
fi
|
2018-03-07 17:28:14 -06:00
|
|
|
fi
|