diff --git a/Earthfile b/Earthfile index f7b343be3..db75239a2 100644 --- a/Earthfile +++ b/Earthfile @@ -275,18 +275,8 @@ framework: # Copy bootargs.cfg into the final framework as its needed to boot if its not there IF [ ! -f /framework/etc/cos/bootargs.cfg ] - IF [[ "$FLAVOR" =~ ^alpine* ]] - COPY ./images/alpine/bootargs.cfg /framework/etc/cos/bootargs.cfg - ELSE IF [[ "$FLAVOR" = "ubuntu-20-lts-arm-nvidia-jetson-agx-orin" ]] - COPY ./images/nvidia/bootargs.cfg /framework/etc/cos/bootargs.cfg - ELSE IF [[ "$FLAVOR" =~ "ubuntu" ]] && [[ ! "$FLAVOR" =~ -rpi$ ]] - COPY ./images/debian/bootargs.cfg /framework/etc/cos/bootargs.cfg - ELSE IF [[ "$FLAVOR" =~ ^opensuse-leap$ ]] || [[ "$FLAVOR" =~ ^opensuse-tumbleweed$ ]] # Be specific so it doesnt match the arm-rpi flavors - COPY ./images/opensuse/bootargs.cfg /framework/etc/cos/bootargs.cfg - ELSE IF [[ "$FLAVOR" =~ ^rockylinux* ]] || [[ "$FLAVOR" =~ ^fedora* ]] || [[ "$FLAVOR" =~ ^almalinux* ]] - COPY ./images/redhat/bootargs.cfg /framework/etc/cos/bootargs.cfg - ELSE IF [[ "$FLAVOR" =~ -rpi$ ]] - COPY ./images/rpi/bootargs.cfg /framework/etc/cos/bootargs.cfg + COPY ./images/bootargs.cfg /framework/etc/cos/bootargs.cfg + IF [[ "$FLAVOR" =~ -rpi$ ]] COPY ./images/rpi/config.txt /framework/boot/config.txt ELSE IF [[ "$FLAVOR" =~ ^fips-systemd* ]] # Use a generic one like redhat which has selinux disabled so it can be used on all flavors?? diff --git a/images/Dockerfile.almalinux b/images/Dockerfile.almalinux index c8c57650e..4bfe583f9 100644 --- a/images/Dockerfile.almalinux +++ b/images/Dockerfile.almalinux @@ -46,8 +46,6 @@ RUN dnf install -y \ which \ https://zfsonlinux.org/epel/zfs-release-2-2.el9.noarch.rpm && dnf clean all -COPY redhat/bootargs.cfg /etc/cos/bootargs.cfg - RUN mkdir -p /run/lock RUN touch /usr/libexec/.keep RUN systemctl enable getty@tty1.service diff --git a/images/Dockerfile.alpine b/images/Dockerfile.alpine index dfee968e2..6238ced36 100644 --- a/images/Dockerfile.alpine +++ b/images/Dockerfile.alpine @@ -94,10 +94,8 @@ RUN apk --no-cache add \ bridge \ grub-bios \ rbd-nbd -COPY alpine/bootargs.cfg /etc/cos/bootargs.cfg FROM common as rpicommon -COPY rpi/bootargs.cfg /etc/cos/bootargs.cfg COPY rpi/config.txt /boot/config.txt FROM rpicommon AS rpi3 diff --git a/images/Dockerfile.debian b/images/Dockerfile.debian index f8f104168..8e17f53b3 100644 --- a/images/Dockerfile.debian +++ b/images/Dockerfile.debian @@ -115,7 +115,6 @@ RUN apt-get update \ qemu-guest-agent \ zfsutils-linux \ && apt-get clean && rm -rf /var/lib/apt/lists/* -COPY debian/bootargs.cfg /etc/cos/bootargs.cfg FROM common AS rpicommon RUN sed -i 's/^Components: main.*$/& non-free-firmware/' /etc/apt/sources.list.d/debian.sources @@ -126,7 +125,6 @@ RUN apt-get update \ linux-image-arm64 \ raspi-firmware \ && apt-get clean && rm -rf /var/lib/apt/lists/* -COPY rpi/bootargs.cfg /etc/cos/bootargs.cfg COPY rpi/config.txt /boot/config.txt FROM rpicommon AS rpi3 diff --git a/images/Dockerfile.fedora b/images/Dockerfile.fedora index 62ba84daa..c4e58e27e 100644 --- a/images/Dockerfile.fedora +++ b/images/Dockerfile.fedora @@ -47,8 +47,6 @@ RUN dnf install -y \ which \ zfs && dnf clean all -COPY redhat/bootargs.cfg /etc/cos/bootargs.cfg - RUN mkdir -p /run/lock && \ touch /usr/libexec/.keep && \ systemctl enable getty@tty1.service && \ diff --git a/images/Dockerfile.opensuse-leap b/images/Dockerfile.opensuse-leap index 0edef1738..1f8a57f56 100644 --- a/images/Dockerfile.opensuse-leap +++ b/images/Dockerfile.opensuse-leap @@ -80,7 +80,6 @@ RUN zypper in --force-resolution -y \ lldpd \ qemu-guest-agent \ && zypper cc -COPY opensuse/bootargs.cfg /etc/cos/bootargs.cfg FROM common AS rpicommon RUN zypper in --force-resolution -y \ @@ -107,7 +106,6 @@ RUN zypper in --force-resolution -y \ wireless-tools \ wpa_supplicant \ && zypper cc -COPY rpi/bootargs.cfg /etc/cos/bootargs.cfg COPY rpi/config.txt /boot/config.txt FROM rpicommon as rpi3 diff --git a/images/Dockerfile.opensuse-tumbleweed b/images/Dockerfile.opensuse-tumbleweed index e02af3671..ff387aa4d 100644 --- a/images/Dockerfile.opensuse-tumbleweed +++ b/images/Dockerfile.opensuse-tumbleweed @@ -115,7 +115,6 @@ FROM ${TARGETARCH} AS generic RUN zypper in --force-resolution -y \ qemu-guest-agent \ && zypper cc -COPY opensuse/bootargs.cfg /etc/cos/bootargs.cfg FROM ${TARGETARCH} AS rpicommon RUN zypper in --force-resolution -y \ @@ -128,7 +127,6 @@ RUN zypper in --force-resolution -y \ wireless-tools \ wpa_supplicant \ && zypper cc -COPY rpi/bootargs.cfg /etc/cos/bootargs.cfg COPY rpi/config.txt /boot/config.txt FROM rpicommon AS rpi3 diff --git a/images/Dockerfile.rockylinux b/images/Dockerfile.rockylinux index a7cec2dbf..92dac4ca3 100644 --- a/images/Dockerfile.rockylinux +++ b/images/Dockerfile.rockylinux @@ -47,8 +47,6 @@ RUN dnf install -y \ https://zfsonlinux.org/epel/zfs-release-2-2.el9.noarch.rpm \ && dnf clean all -COPY redhat/bootargs.cfg /etc/cos/bootargs.cfg - RUN mkdir -p /run/lock RUN touch /usr/libexec/.keep RUN systemctl enable getty@tty1.service diff --git a/images/Dockerfile.ubuntu b/images/Dockerfile.ubuntu index a2e58c26c..4163f7097 100644 --- a/images/Dockerfile.ubuntu +++ b/images/Dockerfile.ubuntu @@ -178,13 +178,11 @@ RUN apt-get update && apt-get install -y --no-install-recommends \ linux-base \ qemu-guest-agent \ && apt-get clean && rm -rf /var/lib/apt/lists/* -COPY debian/bootargs.cfg /etc/cos/bootargs.cfg FROM ${TARGETARCH}-${FLAVOR} AS rpicommon RUN apt-get update && apt-get install -y --no-install-recommends \ linux-raspi \ && apt-get clean && rm -rf /var/lib/apt/lists/* -COPY rpi/bootargs.cfg /etc/cos/bootargs.cfg COPY rpi/config.txt /boot/config.txt FROM rpicommon AS ubuntu-20-lts-rpi diff --git a/images/Dockerfile.ubuntu-20-lts-arm-nvidia-jetson-agx-orin b/images/Dockerfile.ubuntu-20-lts-arm-nvidia-jetson-agx-orin index d7a9e3e26..9481f13d2 100644 --- a/images/Dockerfile.ubuntu-20-lts-arm-nvidia-jetson-agx-orin +++ b/images/Dockerfile.ubuntu-20-lts-arm-nvidia-jetson-agx-orin @@ -219,8 +219,6 @@ RUN apt-get install -y libopencv-dev && \ # Drop the repository file installed by apt (we have installed the repository manually above) RUN rm -rf /etc/apt/sources.list.d/nvidia-l4t-apt-source.list -COPY nvidia/bootargs.cfg /etc/cos/bootargs.cfg - # Symlinks to make installer work RUN ln -s /usr/sbin/grub-install /usr/sbin/grub2-install && \ ln -s /usr/bin/grub-editenv /usr/bin/grub2-editenv diff --git a/images/alpine/bootargs.cfg b/images/alpine/bootargs.cfg deleted file mode 100644 index 92f349452..000000000 --- a/images/alpine/bootargs.cfg +++ /dev/null @@ -1,13 +0,0 @@ -if [ -n "$recoverylabel" ]; then - # Boot arguments when the image is used as recovery - set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemlabel=COS_OEM" -else - # Boot arguments when the image is used as active/passive - set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label net.ifnames=1 cos-img/filename=$img rd.emergency=reboot rd.shell=0 panic=5 security=selinux rd.cos.oemlabel=COS_OEM selinux=1 fsck.mode=force fsck.repair=yes systemd.crash_reboot=yes" -fi - -# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there -# We need to keep it for upgrades to work. -# TODO: Deprecate in v2.8-v3.0 -set kernel=/boot/vmlinuz -set initramfs=/boot/initrd \ No newline at end of file diff --git a/images/bootargs.cfg b/images/bootargs.cfg new file mode 100644 index 000000000..a71480e86 --- /dev/null +++ b/images/bootargs.cfg @@ -0,0 +1,64 @@ +function setSelinux { + source (loop0)/etc/os-release + set baseSelinuxCmd="" + if regexp "rockylinux|fedora|almalinux|redhat" $KAIROS_FLAVOR; then + set baseSelinuxCmd="selinux=0" + else + # if not in recovery + if [ -z "$recoverylabel" ];then + set baseSelinuxCmd="security=selinux selinux=1" + fi + fi +} + +function setExtraConsole { + source (loop0)/etc/os-release + set baseExtraConsole="console=ttyS0" + # rpi + if regexp "arm-rpi" $KAIROS_FLAVOR; then + set baseExtraConsole="console=ttyS0,115200" + fi + # nvidia orin + if regexp "arm-nvidia-jetson-agx-orin" $KAIROS_FLAVOR; then + set baseExtraConsole="console=ttyTCU0,115200" + fi +} + +function setExtraArgs { + source (loop0)/etc/os-release + set baseExtraArgs="" + # rpi + if regexp "arm-rpi" $KAIROS_FLAVOR; then + set baseExtraArgs="modprobe.blacklist=vc4 8250.nr_uarts=1" + fi +} + +function setKernelCmd { + # At this point we have the system mounted under (loop0) + # + # baseCmd -> Shared between all entries + # baseRootCmd -> specific bits that immucore uses to mount the boot devices and identify the image to mount + # baseSelinuxCmd -> selinux enabled/disabled + # baseExtraConsole -> extra console to set + # baseExtraArgs -> extra needed args + set baseCmd="console=tty1 net.ifnames=1 rd.cos.oemlabel=COS_OEM rd.cos.oemtimeout=10 panic=5 rd.emergency=reboot rd.shell=0 systemd.crash_reboot=yes" + if [ -n "$recoverylabel" ]; then + set baseRootCmd="root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img" + else + set baseRootCmd="root=LABEL=$label cos-img/filename=$img" + fi + setSelinux + setExtraConsole + setExtraArgs + # finally set the full cmdline + set kernelcmd="$baseCmd $baseRootCmd $baseSelinuxCmd $baseExtraConsole $baseExtraArgs" +} + + +# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there +# We need to keep it for upgrades to work. +# TODO: Deprecate in v2.8-v3.0 +set kernel=/boot/vmlinuz +set initramfs=/boot/initrd +# set the kernelcmd dynamically +setKernelCmd \ No newline at end of file diff --git a/images/debian/bootargs.cfg b/images/debian/bootargs.cfg deleted file mode 100644 index 9a84487ca..000000000 --- a/images/debian/bootargs.cfg +++ /dev/null @@ -1,11 +0,0 @@ -if [ -n "$recoverylabel" ]; then - set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemlabel=COS_OEM" -else - set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label cos-img/filename=$img panic=5 security=selinux selinux=1 rd.cos.oemlabel=COS_OEM rd.neednet=0 vga=795" -fi - -# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there -# We need to keep it for upgrades to work. -# TODO: Deprecate in v2.8-v3.0 -set kernel=/boot/vmlinuz -set initramfs=/boot/initrd \ No newline at end of file diff --git a/images/nvidia/bootargs.cfg b/images/nvidia/bootargs.cfg deleted file mode 100644 index ff705f4ee..000000000 --- a/images/nvidia/bootargs.cfg +++ /dev/null @@ -1,11 +0,0 @@ -if [ -n "$recoverylabel" ]; then - set kernelcmd="console=tty1 console=ttyTCU0,115200 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemtimeout=10" -else - set kernelcmd="console=tty1 console=ttyTCU0,115200 root=LABEL=$label net.ifnames=1 cos-img/filename=$img panic=5 security=selinux selinux=1 rd.cos.oemtimeout=10 rd.cos.oemlabel=COS_OEM" -fi - -# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there -# We need to keep it for upgrades to work. -# TODO: Deprecate in v2.8-v3.0 -set kernel=/boot/vmlinuz -set initramfs=/boot/initrd \ No newline at end of file diff --git a/images/opensuse/bootargs.cfg b/images/opensuse/bootargs.cfg deleted file mode 100644 index 92f349452..000000000 --- a/images/opensuse/bootargs.cfg +++ /dev/null @@ -1,13 +0,0 @@ -if [ -n "$recoverylabel" ]; then - # Boot arguments when the image is used as recovery - set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 rd.cos.oemlabel=COS_OEM" -else - # Boot arguments when the image is used as active/passive - set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label net.ifnames=1 cos-img/filename=$img rd.emergency=reboot rd.shell=0 panic=5 security=selinux rd.cos.oemlabel=COS_OEM selinux=1 fsck.mode=force fsck.repair=yes systemd.crash_reboot=yes" -fi - -# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there -# We need to keep it for upgrades to work. -# TODO: Deprecate in v2.8-v3.0 -set kernel=/boot/vmlinuz -set initramfs=/boot/initrd \ No newline at end of file diff --git a/images/redhat/bootargs.cfg b/images/redhat/bootargs.cfg deleted file mode 100644 index 01feeb034..000000000 --- a/images/redhat/bootargs.cfg +++ /dev/null @@ -1,13 +0,0 @@ -if [ -n "$recoverylabel" ]; then - # Boot arguments when the image is used as recovery - set kernelcmd="console=tty1 console=ttyS0 root=live:LABEL=$recoverylabel rd.live.dir=/ rd.live.squashimg=$img panic=5 selinux=0 rd.cos.oemlabel=COS_OEM" -else - # Boot arguments when the image is used as active/passive - set kernelcmd="console=tty1 console=ttyS0 root=LABEL=$label net.ifnames=1 cos-img/filename=$img panic=5 rd.cos.oemlabel=COS_OEM selinux=0" -fi - -# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there -# We need to keep it for upgrades to work. -# TODO: Deprecate in v2.8-v3.0 -set kernel=/boot/vmlinuz -set initramfs=/boot/initrd \ No newline at end of file diff --git a/images/rpi/bootargs.cfg b/images/rpi/bootargs.cfg deleted file mode 100644 index 89d3cecdc..000000000 --- a/images/rpi/bootargs.cfg +++ /dev/null @@ -1,23 +0,0 @@ -# Note on RPI bootargs -# We additionally set modprobe.blacklist=vc4 as certain Displays are not supported by vc4. -# As kairos main target is cloud and not graphics usage, we blacklist it to avoid -# that the HDMI output goes off due to drivers kicking during boot. vc4 is required where graphics -# or video playback is needed, which is not the case in this example here. -# A similar workaround could be applied at config.txt level, by diabling the vc4 overlay. -# See also: https://en.opensuse.org/HCL:Raspberry_Pi3#I_see_HDMI_output_in_U-Boot.2C_but_not_in_Linux , -# https://en.opensuse.org/HCL:Raspberry_Pi3#DSI_output_not_supported_by_VC4_driver, -# https://bugzilla.opensuse.org/show_bug.cgi?id=1181683 and https://github.com/raspberrypi/linux/issues/4020 -# Regarding 8250.nr_uarts : https://forums.raspberrypi.com/viewtopic.php?t=246215#p1659905 -# If not set, ttyS0 produces this error in journalctl (and serial doesn't work): -# bcm2835-aux-uart: probe of fe215040.serial failed with error -28 -if [ -n "$recoverylabel" ]; then - set kernelcmd="console=tty1 console=ttyS0,115200 root=live:LABEL=$recoverylabel net.ifnames=1 rd.live.dir=/ rd.live.squashimg=$img panic=5 modprobe.blacklist=vc4 rd.cos.oemtimeout=10 8250.nr_uarts=1" -else - set kernelcmd="console=tty1 console=ttyS0,115200 root=LABEL=$label net.ifnames=1 cos-img/filename=$img panic=5 security=selinux selinux=1 modprobe.blacklist=vc4 rd.cos.oemtimeout=10 rd.cos.oemlabel=COS_OEM 8250.nr_uarts=1" -fi - -# grub.cfg now ships this but during upgrades we do not update the COS_GRUB partition, so no new grub.cfg is copied over there -# We need to keep it for upgrades to work. -# TODO: Deprecate in v2.8-v3.0 -set kernel=/boot/vmlinuz -set initramfs=/boot/initrd \ No newline at end of file