In the old days before BLS, setting the GRUB_DEFAULT_DTB variable would
create a devicetree entry for each kernel, which would be prepended by
/dtb-${kernelver}, so it was possible to test a different dtb per
installed kernel.
In the transition to BLS, the variable was kept but the functionality is
now slightly different. The value of GRUB_DEFAULT_DTB goes to the
grubenv and that dtb is loaded from the /dtb symlink instead, which may
change with kernel installs.
This patch introduces a different variable which restores the previous
behavior, and adds the devicetree entry to each BLS entry, if set.
This variable is not set by default in an install, so it does not affect
users with default settings.
It is useful for developers and users of boards with not yet stable
upstream support, where changes to the dtb may cause behavior
difference. In these cases, it is desirable to not pick the dtb of just
the latest installed kernel, but keep previous kernel+dtb choices
unaffected as a fallback.
Signed-off-by: Erico Nunes <ernunes@redhat.com>
8800efcb0b replaced '-a' with '--preserve=timestamps' to avoid
preserving ownership information on non vfat file systems. This breaks
copying of the 'dtb' directory on aarch64 systems since '-a' implies
'-r'. Add '-r' to the single place where 'dtb/' is copied to /boot.
Resolves: #2243060
Fixes: 8800efcb0b ("Do not preserve ownership or xattrs on copied files")
Signed-off-by: Janne Grunau <j@jannau.net>
Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
When kernel-install is called for a UKI, 20-grub.install copies it to /boot
which is totally unneeded, UKIs are now handled by the standard systemd's
90-uki-copy.install (systemd-253+) correctly which places them to the ESP.
Signed-off-by: Vitaly Kuznetsov <vkuznets@redhat.com>
As noticed in https://bugzilla.redhat.com/show_bug.cgi?id=2239008#c16, when
compiling a kernel as a user and doing 'sudo make install', and when using a
non-vfat fs for the install destination, the file would end up owned by the
user. This is not useful at all, so let's only preserve the timestamps on the
copied file, no other attributes.
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
The mkbls() function would write 'linux /vmlinuz-${kernelver}' into the boot
loader entry. But the code that actually copies the file would use the original
file name with a version suffix ('cp -aT "$i" "/boot/${i##*/}-${KERNEL_VERSION}"').
In case of a local kernel build calling /sbin/installkernel this file name was
e.g. 'bzImage', so we would end up with '/bzImage-${KERNEL_VERSION}', which of
course doesn't match '/vmlinuz-*'. The script would later call 'grub2-mkrel'
on the name taken from the boot entry which would fail because the file does not
exist. Rename the argument to "vmlinuz", so that both parts match.
Tested by doing a local kernel build with 'sudo make install' at the end.
Signed-off-by: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
The kernel-install script is also used to install kernels when built from
source using the `make install` target.
And if this source contains modifications, a '+' is added as suffix by the
scripts/setlocalversion if no LOCALVERSION was set in the kernel config.
This confuses the grub2 kernel-install plugin, since it currently assumes
that any kernel that contain a version with a '+' suffix is a debug kernel.
But the match is too greedy, just having '+debug' should be enough to check
whether the kernel to install is a debug kernel or not.
Resolves: #2148351
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
The Fedora/ARK kernel is moving to removing gzip as a dependency and
replacing it with xz.
Use xz instead of gz as an extension for the symvers file.
Signed-off-by: Prarit Bhargava <prarit@redhat.com>
When SUSE_BTRFS_SNAPSHOT_BOOTING=true is set in /etc/default/grub, paths
to kernel and initrd images need to be relative. Since are used along with
snapper, configured so the default btrfs subvolume is the current snapshot.
Resolves: rhbz#1906191
This is only used by themes and these assume that boot entries for Fedora
will be named "fedora". Currently we are using "kernel" that's not useful.
Resolves: rhbz#1957014
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
This is not needed for boot, just a symlink would be enough for
tools that expect this file to be present in the boot directory.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
The kernel cmdline was stored as a kernelopts variable in the grubenv file
and the BLS snippets used that. But this turned out to be fragile since the
grubenv file could be removed or get corrupted easily.
To prevent the entries to not have a cmdline if the grubenv can't be read,
a fallback variable was set in the GRUB config file. But this still caused
issues since the config needs to be re-generated to change the parameters.
Instead, let's store the cmdline in the BLS snippets. This will make the
configuration more robust, since it will work even without the grubenv
file and the BLS entries will contain all the information needed to boot.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
The id field isn't used anymore by the blscfg module and instead the BLS
filename without the .conf is used as the id for the generated menu entry.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
The BLS files are copied from /lib/modules/$(uname -r)/bls.conf and this
file has a SELinux label of "system_u:object_r:modules_object_t" like all
the other files that are installed by the kernel package.
But the files in the /boot directory are expected to have a SELinux label
of "system_u:object_r:boot_t". For all the other files that are copied to
/boot by the kernel-install script, the SELinux security contexts are
restored to the default but that was missing for the BLS files.
Resolves: rhbz#1726020
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
In rhbz#1638405, we worked around the issue of an existing initramfs
being in the way by removing it if it's older than the kernel we're in
the process of installing.
But it was buggy and only worked with some filesystem layouts and paths, and
also possibly had some issues with file creation times causing the shell -ot
comparison to fail in some cases.
This patch changes it to remove the existing kernel (as well as other
related files) in the case that it's going to do the copy, and also fixes the
path issues.
Resolves: rhbz#1642402
Related: rhbz#1638405
Signed-off-by: Peter Jones <pjones@redhat.com>
Tested-by: Prarit Bhargava <prarit@redhat.com>
If a debug kernel package is installed, the default entry should only
be set when DEFAULTDEBUG=yes is set in /etc/sysconfig/kernel.
Resolves: rhbz#1636346
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
For the debug BLS entries a -debug suffix was added so they are sorted after
the kernel entries, but that only works with version sort and not rpm sort.
So instead use ~debug prefix so rpm sort algorithm could sort it correctly.
Related: rhbz#1638103
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Currently we fail to install a new kernel with "make install" on the second
try, because dracut won't over-write the initramfs without --force. In this
patch, 20-grub.install will remove an existing initramfs if it's newer than the
kernel we're installing.
Resolves: rhbz#1638405
Signed-off-by: Peter Jones <pjones@redhat.com>
For EFI systems, the BLS fragments were stored in the EFI System Partition
(ESP) while in non-EFI systems it was stored in /boot.
For consistency, it's better to always store the BLS fragments in the same
path regardless of the firmware interface used.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
The kernel-install plugins are called with an environment variable named
$KERNEL_INSTALL_MACHINE_ID, which is set to the machine ID read from the
/etc/machine-id file. If the file doesn't exist or is empty, the variable
is empty and $BOOT_DIR_ABS is set to a temporary directory that's removed
after all the plugins exit.
So if $KERNEL_INSTALL_MACHINE_ID is not set, just exit the script since
installing a kernel BootLoaderSpec fragment won't be possible anyways.
Resolves: rhbz#1576573
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Add some fixes for BLS parsing logic and also make 20-grub.install script
to query the relative path of the kernel and initramfs images, so BLS can
also work when /boot is not a mount point or is a btrfs subvolume.
Also pull some build fixes.
Resolves: rhbz#1588184
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
- Use version field to sort BLS entries if id field isn't defined
- Add version field to BLS fragments generated by 20-grub.install
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
If MAKEDEBUG=yes in /etc/sysconfig/kernel, then a debug menu entry should
be created. So for BLS, a debug configuration file has to be created that
contains debug kernel command line parameters.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
Install a 20-grubby.install and 90-loaderentry.install kernel-install
scripts in /etc/kernel/install.d so these have higher precedence than
the ones installed in /usr/lib/kernel/install.d by the systemd pkg.
If GRUB 2 pkg isn't installed, then the systemd scripts are executed
on kernel installation and removal.
Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>