summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--resources/grub/config/menuentries/common.cfg195
1 files changed, 74 insertions, 121 deletions
diff --git a/resources/grub/config/menuentries/common.cfg b/resources/grub/config/menuentries/common.cfg
index 3b0dae4..094a0fa 100644
--- a/resources/grub/config/menuentries/common.cfg
+++ b/resources/grub/config/menuentries/common.cfg
@@ -1,149 +1,102 @@
-function switch_to_grub_config {
+function try_user_config {
set root="${1}"
- # a) Check possible file locations...
- for p in boot/grub/coreboot_ grub/coreboot_ boot/grub/libreboot_ grub/libreboot_ boot/grub/autoboot_ grub/autoboot_ boot/grub/ grub/ boot/grub2/ grub2/; do
- if [ -f "/${p}grub.cfg" ]; then
- # b) And eventually try to load the config. Using ESC one can still exit and revert back to
- # libreboot's menu.
- configfile /${p}grub.cfg
- fi
+ for dir in boot grub grub2 boot/grub boot/grub2; do
+ for name in '' autoboot_ libreboot_; do
+ if [ -f /"${dir}"/"${name}"grub.cfg ]; then
+ configfile /"${dir}"/"${name}"grub.cfg
+ fi
+ done
+ done
+}
+function search_grub {
+ for i in 0 1; do
+ # raw devices
+ try_user_config "(${1}${i})"
+ for part in 1 2 3 4 5; do
+ # MBR/GPT partitions
+ try_user_config "(${1}${i},${part})"
+ done
done
}
-function parse_isolinux_config {
- set root=${1}
- for p in /isolinux /syslinux; do
- if [ -f "${p}${p}.cfg" ]; then
- syslinux_configfile -i ${p}${p}.cfg
- elif [ -f "/boot${p}${p}.cfg" ]; then
- syslinux_configfile -i /boot${p}${p}.cfg
+function try_isolinux_config {
+ set root="${1}"
+ for dir in '' /boot; do
+ if [ -f "${dir}"/isolinux/isolinux.cfg ]; then
+ syslinux_configfile -i "${dir}"/isolinux/isolinux.cfg
+ elif [ -f "${dir}"/syslinux/syslinux.cfg ]; then
+ syslinux_configfile -s "${dir}"/syslinux/syslinux.cfg
fi
done
}
+function search_isolinux {
+ for i in 0 1; do
+ # raw devices
+ try_isolinux_config "(${1},${i})"
+ for part in 1 2 3 4 5; do
+ # MBR/GPT partitions
+ try_isolinux_config "(${1}${i},${part})"
+ done
+ done
+}
menuentry 'Load Operating System (incl. fully encrypted disks) [o]' --hotkey='o' {
+# GRUB2 handles (almost) every possible disk setup, but only the location of
+# /boot is actually important since GRUB2 only loads the user's config.
-# GRUB handles (almost) every possible disk setup, but only the location of /boot is actually important,
-# since GRUB only loads the user's config. As soon as the kernel takes over, libreboot's done.
+# LVM, RAID, filesystems and encryption on both raw devices and partitions in
+# all various combinations need to be supported. Since full disk encryption is
+# possible with GRUB2 as payload and probably even used by most users, this
+# configuration tries to load the operating system in the following way:
-# filesystems and encryption on both raw devices and partitions in all various combinations
-# need to be supported. Since full disk encryption is possible with GRUB as payload and probably desired/used
-# by most users, libreboot GRUB config tries to load the operating system (kernel) in the following way:
+# 1. Look for user configuration on unencrypted devices first to avoid
+# unnecessary decryption routines in the following order:
- # Try to decrypt raw devices first. This <your disk setup> inside a LUKS container is pretty common
-
- # prompt user for passphrase if LUKS header is found
- cryptomount ahci0
- for j in 1 2 3 4 5 6 7 8 9; do
- cryptomount ahci0,${j}
+# 1) raw devices and MBR/GPT partitions
+ search_grub ahci
+# 2) LVM and RAID which might be used accross multiple devices
+ lvm="lvm/*"
+ raid="md0 md0,1 md0,2 md0,3 md0,4 md0,6 md0,7 md0,8 md0,9"
+ for vol in ${lvm} ${raid}; do
+ try_user_config "(${vol})"
done
+# 2. In case no configuration could be found, try decrypting devices. Look
+# on raw crypto devices as well as inside LVM volumes this time.
- # 2. Look for user config. If the above routine successfully decrypted a LUKS container, its content
- # will be searched before everything else for obvious reasons. Regardless of this, the devices'
- # hirachy stays the same.
- for d in crypto0 ahci0; do
- switch_to_grub_config ${d}
+# The user will be prompted for a passphrase if a LUKS header was found.
+ for dev in ahci0 ahci1 ${lvm}; do
+ cryptomount "(${dev})"
done
- for j in 1 2 3 4 5 6 7 8 9; do
- for d in crypto0 ahci0; do
- switch_to_grub_config "${d},${j}"
+# 3) encrypted devices/partitions
+ for i in 0 1; do
+ for part in 1 2 3 4 5; do
+ cryptomount "(ahci${i},${part})"
done
done
- for l in lvm/matrix-root lvm/matrix-boot; do
- switch_to_grub_config ${l}
- done
- # prompt user for passphrase if LUKS header is found but try using external keyfiles first
- search -n -f /keyfile --set=kf --hint usb0, --hint usb1,
- if [ $? = 0 ]; then
- kf="-k (${kf})/keyfile ${d}"
- fi
- for d in ${devs}; do
- cryptomount ${kf} ${d}
- done
- # 3. Do the same routine again, but for possibly decrypted data this time.
- switch_to_grub_config crypto0
- for j in 1 2 3 4 5 6 7 8 9; do
- switch_to_grub_config "crypto0,${j}"
- done
- for l in lvm/matrix-root lvm/matrix-boot; do
- switch_to_grub_config ${l}
- done
-
- # 3. Last resort, if none of the above succeeds, all you have is GRUB's shell
- set root=ahci0,1
- for p in / /boot/; do
- if [ -f "${p}vmlinuz" ]; then
- linux ${p}vmlinuz root=/dev/sda1 rw
- if [ -f "${p}initrd.img" ]; then
- initrd ${p}initrd.img
- fi
- fi
+# 3) encrypted devices/partitions
+ search_grub crypto
+# 4) LVM inside LUKS containers
+ for vol in ${lvm}; do
+ try_user_config "(${vol})"
done
}
-menuentry 'Parse ISOLINUX menu (AHCI) [a]' --hotkey='a' {
- # Check for filesystem on raw device without partition table (MBR/GPT), e.g. BTRFS or ZFS
- parse_isolinux_config ahci0
- # Look for partitions
- # GPT allows more than 4 partitions, /boot on /dev/sda7 is quite unlikely but still possible
- for j in 1 2 3 4 5 6 7 8 9; do
- parse_isolinux_config "ahci0,${j}"
- done
+menuentry 'Search ISOLINUX menu (AHCI) [a]' --hotkey='a' {
+ search_isolinux ahci
}
-menuentry 'Parse ISOLINUX menu (USB) [u]' --hotkey='u' {
- for i in 0 1; do
- # Check for filesystem on raw device without partition table (MBR/GPT), e.g. BTRFS or ZFS
- parse_isolinux_config usb${i}
- # Look for partitions
- # GPT allows more than 4 partitions, /boot on /dev/sda7 is quite unlikely but still possible
- for j in 1 2 3 4 5 6 7 8 9; do
- parse_isolinux_config "usb${i},${j}"
- done
- done
+menuentry 'Search ISOLINUX menu (USB) [u]' --hotkey='u' {
+ search_isolinux usb
}
-menuentry 'Parse ISOLINUX menu (CD/DVD) [d]' --hotkey='d' {
+menuentry 'Search ISOLINUX menu (CD/DVD) [d]' --hotkey='d' {
insmod ata
- for x in ata0 ahci1; do
- parse_isolinux_config ${x}
+ for dev in ata0 ahci1; do
+ try_isolinux_config "(${dev})"
done
}
-menuentry 'Switch to grubtest.cfg [t]' --hotkey='t' {
- set root=cbfsdisk
+menuentry 'Load test configuration (grubtest.cfg) inside of CBFS [t]' --hotkey='t' {
+ set root='(cbfsdisk)'
configfile /grubtest.cfg
}
-menuentry 'Search for GRUB configuration (grub.cfg) outside of CBFS [s]' --hotkey='s' {
- insmod ahci
- insmod usbms
- insmod part_msdos
- insmod part_gpt
- for x in (ahci0,1) (ahci0,2) (ahci0,3) (ahci0,4) (usb0) (usb0,1) (usb0,2) (usb0,3) (usb0,4); do
- if [ -f "$x/grub/grub.cfg" ] ; then
- submenu "Load Config from $x" $x {
- root=$2
- source /grub/grub.cfg
- unset superusers
- }
- fi
- if [ -f "$x/boot/grub/grub.cfg" ] ; then
- submenu "Load Config from $x" $x {
- root=$2
- source /boot/grub/grub.cfg
- unset superusers
- }
- fi
- if [ -f "$x/grub2/grub.cfg" ] ; then
- submenu "Load Config from $x" $x {
- root=$2
- source /grub2/grub.cfg
- unset superusers
- }
- fi
- if [ -f "$x/boot/grub2/grub.cfg" ] ; then
- submenu "Load Config from $x" $x {
- root=$2
- source /boot/grub2/grub.cfg
- unset superusers
- }
- fi
- done
+menuentry 'Search for GRUB2 configuration on external media [s]' --hotkey='s' {
+ search_grub usb
}
menuentry 'Poweroff [p]' --hotkey='p' {
halt