diff --git a/board/shredos/bootia32.efi b/board/shredos/bootia32.efi new file mode 100644 index 0000000000..374f264578 Binary files /dev/null and b/board/shredos/bootia32.efi differ diff --git a/board/shredos/genimage.cfg b/board/shredos/genimage.cfg index 0dce8f782c..8242ab1bc9 100644 --- a/board/shredos/genimage.cfg +++ b/board/shredos/genimage.cfg @@ -6,6 +6,7 @@ image boot.vfat { file boot/version.txt { image = 'version.txt' } file boot/shredos.id { image = '/dev/null' } file boot/memtest { image = 'memtest.bin' } + file EFI/BOOT/bootia32.efi { image = 'bootia32.efi' } file EFI/BOOT/bootx64.efi { image = 'bootx64.efi' } file EFI/BOOT/grub.cfg { image = 'grub.cfg' } file EFI/BOOT/memtest.efi { image = 'memtest.efi' } diff --git a/board/shredos/make_img_file.sh b/board/shredos/make_img_file.sh index 97d692fb92..4bbc817b34 100755 --- a/board/shredos/make_img_file.sh +++ b/board/shredos/make_img_file.sh @@ -1,12 +1,10 @@ #!/bin/bash -e if grep -Eq "^BR2_ARCH_IS_64=y$" "${BR2_CONFIG}"; then - MKIMAGE_ARCH=x86_64 - MKIMAGE_EFI=bootx64.efi + MKIMAGE_ARCH=x86-64 MKIMAGE_CFG=genimage.cfg else MKIMAGE_ARCH=i686 - MKIMAGE_EFI=bootia32.efi MKIMAGE_CFG=genimage_i686.cfg fi @@ -14,7 +12,7 @@ version=$(cat board/shredos/fsoverlay/etc/shredos/version.txt) cp "board/shredos/grub.cfg" "${BINARIES_DIR}/grub.cfg" || exit 1 cp "output/target/lib/grub/i386-pc/boot.img" "${BINARIES_DIR}/boot.img" || exit 1 -cp "${BINARIES_DIR}/efi-part/EFI/BOOT/${MKIMAGE_EFI}" "${BINARIES_DIR}/${MKIMAGE_EFI}" || exit 1 +cp "${BINARIES_DIR}/efi-part/EFI/BOOT/bootia32.efi" "${BINARIES_DIR}/bootia32.efi" || exit 1 cp "${BINARIES_DIR}/efi-part/EFI/BOOT/bootx64.efi" "${BINARIES_DIR}/bootx64.efi" || exit 1 cp "board/shredos/autorun.inf" "${BINARIES_DIR}/autorun.inf" || exit 1 diff --git a/board/shredos/make_iso_file.sh b/board/shredos/make_iso_file.sh index d9068f1cd9..f81ff93c57 100755 --- a/board/shredos/make_iso_file.sh +++ b/board/shredos/make_iso_file.sh @@ -1,7 +1,7 @@ #!/bin/bash -e if grep -Eq "^BR2_ARCH_IS_64=y$" "${BR2_CONFIG}"; then - MKIMAGE_ARCH=x86_64 + MKIMAGE_ARCH=x86-64 else MKIMAGE_ARCH=i686 fi diff --git a/build_all_shredos.sh b/build_all_shredos.sh index 607e24ae5a..27f26d6970 100755 --- a/build_all_shredos.sh +++ b/build_all_shredos.sh @@ -42,7 +42,8 @@ X32_CONFIGS=( # Packages always needing rebuild between runs, even for the same architecture. # This only applies when QUICK_BUILD is enabled, otherwise rebuilds everything. ALWAYS_REBUILD_PKGS=( - "grub2" + "nwipe" # For specific version/banner patching + "grub2" # For specific bootloader generation ) ################################################################################ diff --git a/fs/iso9660/iso9660.mk b/fs/iso9660/iso9660.mk index c12f59febe..ad3b52fc0f 100644 --- a/fs/iso9660/iso9660.mk +++ b/fs/iso9660/iso9660.mk @@ -150,14 +150,20 @@ ROOTFS_ISO9660_GRUB2_CONFIG_PATH = $(ROOTFS_ISO9660_TMP_TARGET_DIR)/boot/grub/gr ROOTFS_ISO9660_GRUB2_EFI_CONFIG_PATH = $(ROOTFS_ISO9660_TMP_TARGET_DIR)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/grub.cfg ifeq ($(BR2_ARCH_IS_64),y) -# Backup 64-bit bootloader for use with future 32-bit builds -define ROOTFS_ISO9660_BACKUP_RESTORE_X64_EFI +# Include also the 32-bit bootloader for 64-bit builds +define ROOTFS_ISO9660_EFI_OTHER_ARCH $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootx64.efi \ $(TOPDIR)/board/shredos/bootx64.efi + $(INSTALL) -D -m 0644 $(TOPDIR)/board/shredos/bootia32.efi \ + $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi + $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi \ + $(ROOTFS_ISO9660_TMP_TARGET_DIR)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi endef else -# We are building for 32-bit, but also add the 64-bit bootloader -define ROOTFS_ISO9660_BACKUP_RESTORE_X64_EFI +# Include also the 64-bit bootloader for 32-bit builds +define ROOTFS_ISO9660_EFI_OTHER_ARCH + $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi \ + $(TOPDIR)/board/shredos/bootia32.efi $(INSTALL) -D -m 0644 $(TOPDIR)/board/shredos/bootx64.efi \ $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootx64.efi $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootx64.efi \ @@ -168,8 +174,8 @@ endif define ROOTFS_ISO9660_INSTALL_GRUB2_EFI # Install memtest binaries to ISO9660 filesystem $(ROOTFS_ISO9660_COPY_MEMTEST_BINARIES) - # Either backup or restore the 64-bit bootloader - $(ROOTFS_ISO9660_BACKUP_RESTORE_X64_EFI) + # Include also the other achitecture bootloader + $(ROOTFS_ISO9660_EFI_OTHER_ARCH) # Create file to better find ISO9660 filesystem $(INSTALL) -D -m 0644 /dev/null \ $(ROOTFS_ISO9660_TMP_TARGET_DIR)/$(ROOTFS_ISO9660_GRUB2_EFI_IDENT_FILE) @@ -274,14 +280,20 @@ define ROOTFS_ISO9660_INSTALL_ISOLINUX_CONFIG endef ifeq ($(BR2_ARCH_IS_64),y) -# Backup 64-bit bootloader for use with future 32-bit builds -define ROOTFS_ISO9660_BACKUP_RESTORE_X64_EFI +# Include also the 32-bit bootloader for 64-bit builds +define ROOTFS_ISO9660_EFI_OTHER_ARCH $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootx64.efi \ $(TOPDIR)/board/shredos/bootx64.efi + $(INSTALL) -D -m 0644 $(TOPDIR)/board/shredos/bootia32.efi \ + $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi + $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi \ + $(ROOTFS_ISO9660_TMP_TARGET_DIR)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi endef else -# We are building for 32-bit, but also add the 64-bit bootloader -define ROOTFS_ISO9660_BACKUP_RESTORE_X64_EFI +# Include also the 64-bit bootloader for 32-bit builds +define ROOTFS_ISO9660_EFI_OTHER_ARCH + $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootia32.efi \ + $(TOPDIR)/board/shredos/bootia32.efi $(INSTALL) -D -m 0644 $(TOPDIR)/board/shredos/bootx64.efi \ $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootx64.efi $(INSTALL) -D -m 0644 $(ROOTFS_ISO9660_EFI_PARTITION_CONTENT)/$(ROOTFS_ISO9660_GRUB2_EFI_PREFIX)/bootx64.efi \ @@ -292,8 +304,8 @@ endif define ROOTFS_ISO9660_INSTALL_GRUB2_EFI # Install memtest binaries to ISO9660 filesystem $(ROOTFS_ISO9660_COPY_MEMTEST_BINARIES) - # Either backup or restore the 64-bit bootloader - $(ROOTFS_ISO9660_BACKUP_RESTORE_X64_EFI) + # Include also the other achitecture bootloader + $(ROOTFS_ISO9660_EFI_OTHER_ARCH) # Create file to better find ISO9660 filesystem $(INSTALL) -D -m 0644 /dev/null \ $(ROOTFS_ISO9660_TMP_TARGET_DIR)/$(ROOTFS_ISO9660_GRUB2_EFI_IDENT_FILE) diff --git a/package/nwipe/Config.in b/package/nwipe/Config.in index cdbe4632e0..55e0da2369 100644 --- a/package/nwipe/Config.in +++ b/package/nwipe/Config.in @@ -8,10 +8,9 @@ config BR2_PACKAGE_NWIPE help NWipe – secure disk wiping tool (fork of Darik's Boot and Nuke). -if BR2_PACKAGE_NWIPE - config BR2_PACKAGE_NWIPE_SITE string "nwipe Git repository URL" + depends on BR2_PACKAGE_NWIPE default "https://github.com/martijnvanbrummelen/nwipe.git" help Git repository used to fetch the nwipe sources. @@ -21,11 +20,10 @@ config BR2_PACKAGE_NWIPE_SITE config BR2_PACKAGE_NWIPE_GIT_REVISION string "Git revision (full commit SHA-1 or tag v0.25-v0.40 ..)" + depends on BR2_PACKAGE_NWIPE + default "v0.40" help When 'Git revision' is selected above, this string is passed as the Git ref to check out. Examples: - 051e1aa0c9572b26301a33d40689adb544927d11 (full commit SHA-1) - v0.40 (tag) - -endif - diff --git a/package/nwipe/nwipe.mk b/package/nwipe/nwipe.mk index db9e212667..eefc9af76c 100644 --- a/package/nwipe/nwipe.mk +++ b/package/nwipe/nwipe.mk @@ -4,17 +4,29 @@ # ################################################################################ +NWIPE_BUILD_ARCH = $(call qstrip,$(BR2_ARCH)) NWIPE_VERSION = $(call qstrip,$(BR2_PACKAGE_NWIPE_GIT_REVISION)) - -# Default Git repository URL (never empty). -NWIPE_SITE = https://github.com/martijnvanbrummelen/nwipe.git -ifneq ($(call qstrip,$(BR2_PACKAGE_NWIPE_SITE)),) -NWIPE_SITE = $(call qstrip,$(BR2_PACKAGE_NWIPE_SITE)) -endif - +NWIPE_DEPENDENCIES = ncurses parted dmidecode coreutils libconfig NWIPE_SITE_METHOD = git -NWIPE_DEPENDENCIES = ncurses parted dmidecode coreutils libconfig +ifneq ($(call qstrip,$(BR2_PACKAGE_NWIPE_SITE)),) +NWIPE_SITE = $(call qstrip,$(BR2_PACKAGE_NWIPE_SITE)) +else +NWIPE_SITE = https://github.com/martijnvanbrummelen/nwipe.git +endif + +################################################################################ +# Architecture safeguard +################################################################################ + +define NWIPE_CHECK_ARCH + case "$(NWIPE_BUILD_ARCH)" in \ + i686|x86_64) ;; \ + *) echo "Unsupported architecture: $(NWIPE_BUILD_ARCH)"; exit 1 ;; \ + esac +endef + +NWIPE_PRE_CONFIGURE_HOOKS += NWIPE_CHECK_ARCH ################################################################################ # SHREDOS version.txt and banner updater. Updates the nwipe version which @@ -25,44 +37,32 @@ NWIPE_DEPENDENCIES = ncurses parted dmidecode coreutils libconfig SHREDOS_VERSION_FILE = board/shredos/fsoverlay/etc/shredos/version.txt -ifeq ($(BR2_PACKAGE_NWIPE),y) - -ifeq ($(BR2_PACKAGE_NWIPE_VERSION_GIT_REVISION),y) -# Take first 7 characters of the git revision and append suffix -NWIPE_VERSION_BANNER := $(shell printf "%.7s-commit-dev" "$(BR2_PACKAGE_NWIPE_GIT_REVISION)") +# If version contains a dot, treat it as a release tag +ifneq ($(findstring .,$(NWIPE_VERSION)),) +NWIPE_VERSION_BANNER = $(NWIPE_VERSION) else -NWIPE_VERSION_BANNER := $(NWIPE_VERSION) +# Otherwise assume it is a development version by hash +NWIPE_VERSION_BANNER = $(shell printf "%.7s-commit-dev" "$(NWIPE_VERSION)") endif -endif +# Normalize x86_64 to x86-64 for version +NWIPE_VERSION_ARCH = $(if $(filter x86_64,$(NWIPE_BUILD_ARCH)),x86-64,$(NWIPE_BUILD_ARCH)) define NWIPE_UPDATE_VERSION_TXT - @if [ -n "$(NWIPE_VERSION_BANNER)" ]; then \ - echo "Updating version.txt and nwipe banner with Nwipe version: $(NWIPE_VERSION_BANNER)"; \ - sed -i 's/\(.*_\)[^_]*$$/\1$(NWIPE_VERSION_BANNER)/' $(SHREDOS_VERSION_FILE); \ - fi + echo "Updating version.txt: arch=$(NWIPE_VERSION_ARCH) banner=$(NWIPE_VERSION_BANNER)" + sed -i "s/\(.*_\)\(x86-64\|i686\)_.*$$/\1$(NWIPE_VERSION_ARCH)_$(NWIPE_VERSION_BANNER)/" \ + $(SHREDOS_VERSION_FILE) + grep -q "$(NWIPE_VERSION_ARCH)_$(NWIPE_VERSION_BANNER)" $(SHREDOS_VERSION_FILE) || \ + { echo "ERROR: Failed to update version.txt - unexpected format in file?"; exit 1; } endef NWIPE_PRE_CONFIGURE_HOOKS += NWIPE_UPDATE_VERSION_TXT -###### - ################################################################################ # Version architecture nwipe banner updater (pre-build) ################################################################################ -define NWIPE_INITSH - @echo "Updating version.txt and nwipe banner with architecture: $(BR2_ARCH)" - - @if [ "$(BR2_ARCH)" = "i686" ]; then \ - sed -i 's/\(^.*_\)\(x86-64\|i686\)\(_.*\)/\1i686\3/' $(SHREDOS_VERSION_FILE); \ - elif [ "$(BR2_ARCH)" = "x86_64" ]; then \ - sed -i 's/\(^.*_\)\(x86-64\|i686\)\(_.*\)/\1x86-64\3/' $(SHREDOS_VERSION_FILE); \ - else \ - echo "Unsupported architecture: $(BR2_ARCH)"; \ - exit 1; \ - fi - +define NWIPE_INIT_BUILD (cd $(@D) && \ cp ../../../package/nwipe/002-nwipe-banner-patch.sh . && \ ./002-nwipe-banner-patch.sh && \ @@ -72,7 +72,7 @@ endef # Pre-configure hook, as a post-patch hook would not get triggered on a package # reconfigure, and possibly also taint the sources directory with the generated # autogen files (which should not be there). -NWIPE_PRE_CONFIGURE_HOOKS += NWIPE_INITSH +NWIPE_PRE_CONFIGURE_HOOKS += NWIPE_INIT_BUILD $(eval $(autotools-package))