We need to resolve the boot chains another place based on the trusted
assets we encountered to be installed. At this point it could be any chain.
We will need to discover later what the correct chain is.
Also make TrustedAssets return an unsorted data structure to make sure
we do not use the order like the comments claimed.
We know what are the default the default command line so that we can
compute measurement, so there is not much reason to use
`snapd_extra_cmdline_args`. Always using `snapd_full_cmdline_args`
will allow us to filter part of the default command line.
There is a potential bug when filtering all arguments, `grub.cfg` will
just revert to the all the default. We will need to fix it when we
introduce the filtering.
Implement RestartParameters which helps keeping track of tasks that needs to restart and why for a change. It also adds the new logic for performing deferred restarts.
Go 1.19 includes some changes to gofmt which intend to make lists and
heading clearer when rendered (https://go.dev/doc/go1.19). This commit
is the result of running the new gofmt and manually fixing some of it.
This was necessary because the new gofmt assumed lines beginning w/ tabs
to start lists or examples. While this is often true in our codebase,
we occasionally also use tabs to indent the lines after a TODO or FIXME
prefix or in yaml (e.g., excerpts of a snap.yaml). This meant that a lot of the
reformatted comments were broken and had to be fixed manually.
Signed-off-by: Miguel Pires <miguel.pires@canonical.com>
This new interface is needed by piboot for the moment, and makes sure
that we do not reconfigure the bootloader while changing the
environment file from the initramfs.
Add support for the official RPi bootloader, so we can use it instead
of RPi's U-Boot port. The U-Boot port is a community effort, so it has
a series of problems, like:
1. It takes some time until it gets ported when a new RPi model
appears in the market
2. It lacks support for USB drivers so USB is not possible
This commit makes it possible to use RPi bootloader, however there are
some limitations that cannot be directly solved as this firmware is
closed source:
1. We can cold-boot only from the first partition in the disk. This
implies that we need to write boot assets to the ubuntu-seed
partition instead of to ubuntu-boot.
2. The OS updates mechanism depends on a volatile flag that gets
removed in cold boots. That makes it not possible to distinguish
sometimes between failed updates and having power-cycled a device
before really trying a pending update.
3. There is no scripting language for the RPi bootloader. The only
way to influence its behavior is by changes to the
{config,tryboot}.txt files.
The implementation leverages the os_prefix [1] setting in the
bootloader configuration files to select the
kernel/initramfs/dtb/dtbos/cmdline to use in the next
boot. Environment is stored in key=value pairs in text files that are
translated to bootloader configuration when needed (a new kernel is
installed, the run mode changes, etc.). To be able to try new kernels,
fail-safe OS updates are used [2].
[1] https://www.raspberrypi.com/documentation/computers/config_txt.html#os_prefix
[2] https://www.raspberrypi.com/documentation/computers/raspberry-pi.html#fail-safe-os-updates-tryboot
Introduce a structure for passing components of kernel command line. Extend the
structure with a field to carry the full set of arguments. Introduce support in
grub.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
This is not used anywhere anymore, so let's just drop it. If we need it again,
we can bring it back.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
bootloader/many: rm ConfigFile, add Present for indicating presence of bloader
Now we have a specific method on the Bootloader interface which tells Find()
whether the specific bootloader is actually present on the current system. This
will simplify future bootloader implementations to be able to return errors when
identifying if a bootloader is present on the system is more complicated a
question than just if the config file for that bootloader exists.
This is required for the UC20 lk bootloader work, where the Present() implementation will be more complicated than just whether a file exists.
This is simpler and avoids from having to maintain the list of names of
bootloaders in three locations, one in the bootloader implementation itself, one
in the gadget.yaml bootloader setting, and one in Find(). Now we just have the
bootloader implementation and the gadget.yaml validator.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Indicate when the bootloader boot config was updated. This allows the callers to
take a better decision as to whether an update or some other action is required.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Now we have a specific method on the Bootloader interface which tells Find()
whether the specific bootloader is actually present on the current system. This
will simplify future bootloader implementations to be able to return errors when
identifying if a bootloader is present on the system is more complicated a
question than just if the config file for that bootloader exists.
Signed-off-by: Ian Johnson <ian.johnson@canonical.com>
Address TODO added during UC20 development and use a ForGadget helper when
installing boot configs of a bootloader.
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
