diff options
| author | Alyssa Ross <hi@alyssa.is> | 2021-12-08 20:06:39 +0000 |
|---|---|---|
| committer | Alyssa Ross <hi@alyssa.is> | 2021-12-12 00:37:05 +0000 |
| commit | e4add51bc949841c85edd45a8d7ae7a22825a8aa (patch) | |
| tree | 32ce262fc5d5f26ee392f5ce9350c431c80636b5 /etc/init | |
| parent | 23da945052085a9f3f4829c68adb49edb5be9582 (diff) | |
| download | spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.tar spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.tar.gz spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.tar.bz2 spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.tar.lz spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.tar.xz spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.tar.zst spectrum-e4add51bc949841c85edd45a8d7ae7a22825a8aa.zip | |
Discover partitions by UUID
The Spectrum installer is essentially a NixOS system, with a partition containing a Spectrum live image. The installer's bootloader also supports trying out Spectrum by loopback mounting the live image, and chainloading its bootloader. But in this case, LoaderDevicePartUUID is still set to the installer's bootloader, so discovering the rootfs by looking on the same disk won't work. Since we're using dm-verity, and know the contents of the filesystem upfront thanks to the verity hash, we can take advantage of the Discoverable Partitions Specification[1]'s recommendation to just use the head of the verity hash as the root partition UUID, and the tail as the verity partition UUID, and discover them based on that. In addition to making it possible to try out Spectrum from the installer, this gives us a nice reduction in complexity. [1]: https://systemd.io/DISCOVERABLE_PARTITIONS/
Diffstat (limited to 'etc/init')
| -rwxr-xr-x | etc/init | 40 |
1 files changed, 14 insertions, 26 deletions
diff --git a/etc/init b/etc/init index a654b87..503db2c 100755 --- a/etc/init +++ b/etc/init @@ -4,7 +4,16 @@ export PATH /bin if { mount -a } -if { mkfifo /dev/esp.poll } +piperw 3 4 +if { fdmove 1 4 /etc/getuuids } +fdclose 4 +# head -1 would be clearer, but it might use buffered I/O and consume +# too much from the fifo. Ideally we'd have line(1) from illumos. +backtick ROOTFS_UUID { fdmove 0 3 dd count=1 bs=37 status=none } +backtick VERITY_UUID { fdmove 0 3 dd count=1 bs=37 status=none } +fdclose 3 + +if { mkfifo /dev/rootfs.poll } background { fdclose 3 @@ -14,7 +23,7 @@ background { if { modprobe ext4 } if { - redirfd -r 0 /dev/esp.poll + redirfd -r 0 /dev/rootfs.poll redirfd -w 1 /dev/null head -c 1 } @@ -22,35 +31,14 @@ background { importas -iu mdevd_pid ! kill $mdevd_pid } -background { rm /dev/esp.poll } +background { rm /dev/rootfs.poll } if { - backtick -E diskname { - backtick -E diskpath { - backtick -E partpath { - backtick -E partname { readlink /dev/esp } - realpath /sys/class/block/${partname} - } - realpath ${partpath}/.. - } - basename $diskpath - } - - backtick -E rootdev { - pipeline { lsblk -lnpo PARTTYPE,NAME /dev/${diskname} } - awk "$1 == \"4f68bce3-e8cd-4db1-96e7-fbcaf984b709\" { print $2 }" - } - - backtick -E hashdev { - pipeline { lsblk -lnpo PARTTYPE,NAME /dev/${diskname} } - awk "$1 == \"2c7357ed-ebd2-46d9-aec1-23d437ec2bf5\" { print $2 }" - } - importas -i roothash roothash - veritysetup open $rootdev root-verity $hashdev $roothash + veritysetup open /dev/rootfs root-verity /dev/verity $roothash } -background { rm /dev/esp } +background { rm /dev/rootfs /dev/verity } if { mount /dev/mapper/root-verity /mnt } if { mount --move /proc /mnt/proc } |