Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
ading2210
GitHub Repository: ading2210/shimboot
 Path: blob/main/build.sh
402 views
1
#!/bin/bash

2


3
#build the bootloader image

4


5
. ./common.sh

6
. ./image_utils.sh

7
. ./shim_utils.sh

8


9
print_help() {

10
  echo "Usage: ./build.sh output_path shim_path rootfs_dir"

11
  echo "Valid named arguments (specify with 'key=value'):"

12
  echo "  quiet - Don't use progress indicators which may clog up log files."

13
  echo "  arch  - Set this to 'arm64' to specify that the shim is for an ARM chromebook."

14
  echo "  name  - The name for the shimboot rootfs partition."

15
  echo "  luks  - Set this argument to encrypt the rootfs partition. Currently not available on arm64-based chromebooks."

16
}

17


18
assert_root

19
assert_deps "cpio binwalk pcregrep realpath cgpt mkfs.ext4 mkfs.ext2 fdisk lz4"

20
assert_args "$3"

21
parse_args "$@"

22


23
output_path="$(realpath -m "${1}")"

24
shim_path="$(realpath -m "${2}")"

25
rootfs_dir="$(realpath -m "${3}")"

26


27
quiet="${args['quiet']}"

28
arch="${args['arch']-amd64}"

29
bootloader_part_name="${args['name']}"

30
luks_enabled="${args['luks']}"

31


32
if [ "$luks_enabled" ]; then

33
  while true; do

34
    read -p "Enter the LUKS2 password for the image: " crypt_password

35
    read -p "Retype the password: " crypt_password_confirm

36
    if [ "$crypt_password" = "$crypt_password_confirm" ]; then

37
      break

38
    else

39
      echo "Passwords do not match. Please try again."

40
    fi

41
  done

42
  print_info "downloading shimboot-binaries"

43
  temp_shimboot_binaries="/tmp/shimboot-binaries.tar.gz"

44
  #download the tar into /tmp before extracting cryptsetup

45
  wget -q --show-progress "https://github.com/ading2210/shimboot-binaries/releases/latest/download/shimboot_binaries_$arch.tar.gz" -O "$temp_shimboot_binaries"

46
  #extract cryptsetup and delete the archive

47
  tar -xf "$temp_shimboot_binaries" -C $(realpath -m "bootloader/bin/") "cryptsetup"

48
  rm "$temp_shimboot_binaries"

49
  chmod +x "$(realpath -m "bootloader/bin/")/cryptsetup"

50
fi

51


52
print_info "reading the shim image"

53
initramfs_dir=/tmp/shim_initramfs

54
kernel_img=/tmp/kernel.img

55
rm -rf "$initramfs_dir" "$kernel_img"

56
extract_initramfs_full "$shim_path" "$initramfs_dir" "$kernel_img" "$arch"

57


58
print_info "patching initramfs"

59
patch_initramfs "$initramfs_dir"

60


61
print_info "creating disk image"

62
rootfs_size="$(du -sm $rootfs_dir | cut -f 1)"

63
rootfs_part_size="$(($rootfs_size * 12 / 10 + 5))"

64
#create a 20mb bootloader partition

65
#rootfs partition is 20% larger than its contents

66
create_image "$output_path" 20 "$rootfs_part_size" "$bootloader_part_name"

67


68
print_info "creating loop device for the image"

69
image_loop="$(create_loop ${output_path})"

70


71
print_info "creating partitions on the disk image"

72
create_partitions "$image_loop" "$kernel_img" "$luks_enabled" "$crypt_password"

73


74
print_info "copying data into the image"

75
populate_partitions "$image_loop" "$initramfs_dir" "$rootfs_dir" "$quiet" "$luks_enabled"

76
rm -rf "$initramfs_dir" "$kernel_img"

77


78
print_info "cleaning up loop devices"

79
losetup -d "$image_loop"

80
print_info "done"

81


82