From d7260639caa9f2762e40ba9c8d8c9ea16344ef1d Mon Sep 17 00:00:00 2001 From: ading2210 Date: Fri, 26 Apr 2024 21:20:51 -0700 Subject: [PATCH 01/17] add nissa as a prebuilt --- .github/workflows/build-image.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index b189a7e..78028d7 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -9,7 +9,7 @@ jobs: strategy: matrix: - board: [dedede, octopus, coral, grunt] + board: [dedede, octopus, coral, grunt, nissa] runs-on: ubuntu-latest steps: From b26505849cbc0f54f5405ebab425eb1fb97b5efc Mon Sep 17 00:00:00 2001 From: ading2210 Date: Fri, 26 Apr 2024 21:36:03 -0700 Subject: [PATCH 02/17] conserve disk space in the actions runner --- .github/workflows/build-image.yaml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index 78028d7..0bb6ab5 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -13,11 +13,18 @@ jobs: runs-on: ubuntu-latest steps: + - name: Maximize build space + uses: easimon/maximize-build-space@master + with: + root-reserve-mb: 1024 + swap-size-mb: 1024 + remove-dotnet: 'true' + - name: download repo uses: actions/checkout@v4 - name: run build - run: sudo DEBUG=1 ./build_complete.sh ${{ matrix.board }} compress_img=1 quiet=1 + run: sudo DEBUG=1 ./build_complete.sh ${{ matrix.board }} quiet=1 - name: upload img uses: actions/upload-artifact@v4 From 8c522cd61587a082fe6ed9ff57169d7ca6fee663 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Mon, 29 Apr 2024 00:53:01 -0700 Subject: [PATCH 03/17] fix handling of compressed kernel modules --- README.md | 51 +++++++++++++------------------------ bootloader/bin/bootstrap.sh | 2 +- patch_rootfs.sh | 11 +++++--- website/index.html | 3 ++- 4 files changed, 28 insertions(+), 39 deletions(-) diff --git a/README.md b/README.md index f12ef80..aa78eef 100644 --- a/README.md +++ b/README.md @@ -22,49 +22,34 @@ Note that rootfs partitions have to be named `shimboot_rootfs:` for th ## Status: Driver support depends on the device you are using shimboot on. This list is for the [`dedede`](https://chrome100.dev/board/dedede/) board, which is the only device I was able to do extensive testing on. The `patch_rootfs.sh` script attempts to copy all the firmware from the shim and recovery image into the rootfs, so expect most things to work on other boards. -### What Works: -- Booting Chrome OS -- Systemd -- X11 -- XFCE -- Backlight -- Touchscreen -- 3D acceleration -- Bluetooth -- Zram -- Wifi -- Booting a squashfs -- Webcam +### Device Compatibility Table: +| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`reks`](https://chrome100.dev/board/reks/) | [`nissa`](https://chrome100.dev/board/nissa/) | +|----------------------|-------------------------------------------------|---------------------------------------------------|---------------------------------------------|-----------------------------------------------| +| X11 | yes | yes | no (kernel too old) | yes | +| Wifi | yes | yes | yes | yes | +| Internal Audio | no | yes | untested | no | +| Backlight | yes | yes | untested | yes | +| Touchscreen | yes | yes | untested | yes | +| 3D Acceleration | yes | yes | no | yes | +| Bluetooth | yes | yes | untested | yes | +| Webcam | yes | yes | untested | yes | -### What Doesn't Work: -- Audio (due to a firmware bug on `dedede`, this works just fine on `octopus`) +This table is incomplete. If you want to contribute a device compatibility report please create a new issue on the Github repository. + +On all devices, the following features will not work: - Suspend (disabled by the kernel) - Swap (disabled by the kernel) -### Development Roadmap: -- ~~build the image automatically~~ -- ~~boot to a shell~~ -- ~~switch_root into an actual rootfs~~ -- ~~start X11 in the actual rootfs~~ -- ~~ui improvements in the bootloader~~ -- ~~load all needed drivers~~ -- ~~autostart X11~~ -- ~~host repo for patched systemd packages~~ -- ~~use debootstrap to install debian~~ -- ~~prompt user for hostname and account when creating the rootfs~~ -- ~~auto load iwlmvm~~ -- ~~get wifi fully working~~ -- ~~host prebuilt images~~ -- ~~write detailed documentation~~ +### TODO: - Finish Python TUI rewrite - -### Long Term Goals: - Transparent disk compression - Full disk encryption - eliminate binwalk dependency - get audio to work - get kexec working +PRs and contributions are welcome to help implement these features. + ## Usage: ### Prerequisites: @@ -88,7 +73,7 @@ Alternatively, you can run each of the steps manually: 7. Run `sudo ./build.sh image.bin path_to_shim data/rootfs` to generate a disk image at `image.bin`. ### Booting the Image: -1. Obtain a shimboot image by downloading a [prebuilt one](https://github.com/ading2210/shimboot/actions?query=branch%3Amain) or building it yourself. +1. Obtain a shimboot image by downloading a [prebuilt one](https://github.com/ading2210/shimboot/releases) or building it yourself. 2. Flash the shimboot image to a USB drive or SD card. Use the [Chromebook Recovery Utility](https://chrome.google.com/webstore/detail/chromebook-recovery-utili/pocpnlppkickgojjlmhdmidojbmbodfm) or [dd](https://linux.die.net/man/1/dd) if you're on Linux. 3. Enable developer mode on your Chromebook. If the Chromebook is enrolled, follow the instructions on the [sh1mmer website](https://sh1mmer.me) (see the "Executing on Chromebook" section). 4. Plug the USB into your Chromebook and enter recovery mode. It should detect the USB and run the shimboot bootloader. diff --git a/bootloader/bin/bootstrap.sh b/bootloader/bin/bootstrap.sh index 669cb63..1a8862b 100755 --- a/bootloader/bin/bootstrap.sh +++ b/bootloader/bin/bootstrap.sh @@ -80,7 +80,7 @@ move_mounts() { print_license() { cat << EOF -Shimboot v1.0.0 +Shimboot v1.0.1 ading2210/shimboot: Boot desktop Linux from a Chrome OS RMA shim. Copyright (C) 2023 ading2210 diff --git a/patch_rootfs.sh b/patch_rootfs.sh index 101b19a..4cd5518 100755 --- a/patch_rootfs.sh +++ b/patch_rootfs.sh @@ -7,16 +7,16 @@ if [ "$DEBUG" ]; then set -x fi +. ./common.sh . ./image_utils.sh print_help() { echo "Usage: ./patch_rootfs.sh shim_path reco_path rootfs_dir" } -if [ "$EUID" -ne 0 ]; then - echo "this needs to be run as root." - exit 1 -fi +assert_root +assert_deps "git gunzip" +assert_args "$3" if [ -z "$3" ]; then print_help @@ -39,6 +39,9 @@ copy_modules() { mkdir -p "${target_rootfs}/etc/modprobe.d/" cp -r "${reco_rootfs}/lib/modprobe.d/"* "${target_rootfs}/lib/modprobe.d/" cp -r "${reco_rootfs}/etc/modprobe.d/"* "${target_rootfs}/etc/modprobe.d/" + + #decompress kernel modules if necessary - debian won't recognize these otherwise + find "${target_rootfs}/lib/modules" -name "*.gz" | xargs gunzip } copy_firmware() { diff --git a/website/index.html b/website/index.html index 8e86a72..e2ceb7e 100644 --- a/website/index.html +++ b/website/index.html @@ -68,7 +68,7 @@ Another problem is encountered at this stage: the Chrome OS kernel will complain After copying all the firmware from the recovery image and shim to the rootfs, we're able to boot to a mostly working XFCE desktop. Prebuilt Images: -Prebuilt images are available here. If there is not a prebuilt image for your board, you must manually build the shimboot image. +Prebuilt images are available here. If there is not a prebuilt image for your board, you must manually build the shimboot image. For these images, the root password is "root". The name of the default user is "user" and its password is "user" as well. You should change these credentials as soon as possible. @@ -92,6 +92,7 @@ Alternatively, you can run each of the steps manually: 4. Plug the USB into your Chromebook and enter recovery mode. It should detect the USB and run the shimboot bootloader. 5. Boot into Debian and log in with the username and password that you configured earlier. The default username/password for the prebuilt images is `user/user`. 6. Expand the rootfs partition so that it fills up the entire disk by running `sudo growpart /dev/sdX 4` (replacing `sdX` with the block device corresponding to your disk) to expand the partition, then running `sudo resize2fs /dev/sdX4` to expand the filesystem. +7. Change the root password and regular user password by running `sudo passwd root` and `passwd user`. Copyright: Shimboot is licensed under the GNU GPL v3. Unless otherwise indicated, all code has been written by me, ading2210. From 1bc54d785b02992b598f97686929e2bfa45a5694 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Mon, 29 Apr 2024 01:17:45 -0700 Subject: [PATCH 04/17] improve documentation --- README.md | 31 +++++++++++++++++++++++-------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index aa78eef..455aae8 100644 --- a/README.md +++ b/README.md @@ -2,15 +2,26 @@ Shimboot is a collection of scripts for patching a Chrome OS RMA shim to serve as a bootloader for a standard Linux distribution. It allows you to boot a full desktop Debian install on a Chromebook, without needing to unenroll it or modify the firmware. +## Features: +- Run a full Debian installation on a Chromebook +- Does not modify the firmware +- Works on enterprise enrolled devices +- Can boot Chrome OS with no restrictions (useful for enrolled devices) +- Nearly full device compatibility +- Optional disk compression +- Multiple desktop environments supported + ## About: Chrome OS RMA shims are bootable disk images which are designed to run a variety of diagnostic utilities on Chromebooks, and they'll work even if the device is enterprise enrolled. Unfortunately for Google, there exists a [security flaw](https://sh1mmer.me/) where the root filesystem of the RMA shim is not verified. This lets us replace the rootfs with anything we want, including a full Linux distribution. -Simply replacing the shim's rootfs doesn't work, as it boots in an environment friendly to the RMA shim, not regular Linux distros. To get around this, a separate bootloader is required to transition from the shim environment to the main rootfs. This bootloader then does `pivot_root` to enter the rootfs, where it then starts the init system. +Simply replacing the shim's rootfs doesn't work, as it boots in an environment friendly to the RMA shim, not regular Linux distros. To get around this, a separate bootloader is required to transition from the shim environment to the main rootfs. This bootloader then runs `pivot_root` to enter the rootfs, where it then starts the init system. Another problem is encountered at this stage: the Chrome OS kernel will complain about systemd's mounts, and the boot process will hang. A simple workaround is to [apply a patch](https://github.com/ading2210/chromeos-systemd) to systemd, and then it can be recompiled and hosted at a [repo somewhere](https://github.com/ading2210/shimboot-repo). After copying all the firmware from the recovery image and shim to the rootfs, we're able to boot to a mostly working XFCE desktop. +The main advantages of this approach are that you don't need to touch the device's firmware in order to run Linux. Simply rebooting and unplugging the USB drive will return the device to normal, which can be useful if the device is enterprise enrolled. However, since we are stuck with the kernel from the RMA shim, some features such as audio and suspend may not work. + ### Partition Layout: 1. 1MB dummy stateful partition 2. 32MB Chrome OS kernel @@ -20,7 +31,7 @@ After copying all the firmware from the recovery image and shim to the rootfs, w Note that rootfs partitions have to be named `shimboot_rootfs:` for the bootloader to recognize them. ## Status: -Driver support depends on the device you are using shimboot on. This list is for the [`dedede`](https://chrome100.dev/board/dedede/) board, which is the only device I was able to do extensive testing on. The `patch_rootfs.sh` script attempts to copy all the firmware from the shim and recovery image into the rootfs, so expect most things to work on other boards. +Driver support depends on the device you are using shimboot on. The `patch_rootfs.sh` script attempts to copy all the firmware and drivers from the shim and recovery image into the rootfs, so expect most things to work on other boards. ARM Chromebooks are not supported at the moment. ### Device Compatibility Table: | Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`reks`](https://chrome100.dev/board/reks/) | [`nissa`](https://chrome100.dev/board/nissa/) | @@ -41,12 +52,14 @@ On all devices, the following features will not work: - Swap (disabled by the kernel) ### TODO: -- Finish Python TUI rewrite +- Finish Python TUI rewrite (see the `python` branch if you want to help with this) - Transparent disk compression - Full disk encryption -- eliminate binwalk dependency -- get audio to work -- get kexec working +- Support for more distros (Ubuntu and Arch maybe) +- Support for ARM based Chromebooks (see [issue #8](https://github.com/ading2210/shimboot/issues/8)) +- Eliminate binwalk dependency +- Get audio to work on dedede +- Get kexec working PRs and contributions are welcome to help implement these features. @@ -72,6 +85,8 @@ Alternatively, you can run each of the steps manually: 6. Run `sudo ./patch_rootfs.sh path_to_shim path_to_reco data/rootfs` to patch the base rootfs and add any needed drivers. 7. Run `sudo ./build.sh image.bin path_to_shim data/rootfs` to generate a disk image at `image.bin`. +[Prebuilt images](https://github.com/ading2210/shimboot/releases) are available if you don't have a suitable device to run the build on. + ### Booting the Image: 1. Obtain a shimboot image by downloading a [prebuilt one](https://github.com/ading2210/shimboot/releases) or building it yourself. 2. Flash the shimboot image to a USB drive or SD card. Use the [Chromebook Recovery Utility](https://chrome.google.com/webstore/detail/chromebook-recovery-utili/pocpnlppkickgojjlmhdmidojbmbodfm) or [dd](https://linux.die.net/man/1/dd) if you're on Linux. @@ -84,9 +99,9 @@ Alternatively, you can run each of the steps manually: ## FAQ: #### I want to use a different Linux distribution. How can I do that? -Using any Linux distro is possible, provided that you apply the [proper patches](https://github.com/ading2210/chromeos-systemd) to systemd and recompile it. Most distros have some sort of bootstrapping tool that allows you to install it to a directory on your host PC. Then, you can just pass that rootfs dir into `build.sh`. +Using any Linux distro is possible, provided that you apply the [proper patches](https://github.com/ading2210/chromeos-systemd) to systemd and recompile it. Most distros have some sort of bootstrapping tool that allows you to install it to a directory on your host PC. Then, you can just pass that rootfs directory into `patch_rootfs.sh` and `build.sh`. -Debian Sid (the unstable rolling release version of Debian) is also supported if you just want newer packages, and you can install it by passing an argument to `build_rootfs.sh`: +Debian Sid (the rolling release version of Debian) is also supported if you just want newer packages, and you can install it by passing an argument to `build_rootfs.sh`: ```bash sudo ./build_rootfs.sh data/rootfs unstable ``` From 88a7d10b120551b4b1f89935012c83545bcc4c8d Mon Sep 17 00:00:00 2001 From: ading2210 <71154407+ading2210@users.noreply.github.com> Date: Mon, 29 Apr 2024 01:52:16 -0700 Subject: [PATCH 05/17] Update issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 36 +++++++++++++++++++ .../device-compatibility-report.md | 21 +++++++++++ .github/ISSUE_TEMPLATE/feature_request.md | 20 +++++++++++ 3 files changed, 77 insertions(+) create mode 100644 .github/ISSUE_TEMPLATE/bug_report.md create mode 100644 .github/ISSUE_TEMPLATE/device-compatibility-report.md create mode 100644 .github/ISSUE_TEMPLATE/feature_request.md diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md new file mode 100644 index 0000000..3db17d5 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -0,0 +1,36 @@ +--- +name: Bug report +about: Create a report to help us improve +title: '' +labels: bug +assignees: '' + +--- + +**Describe the bug** +A clear and concise description of what the bug is. + +**To Reproduce** +Steps to reproduce the behavior: +1. Go to '...' +2. Click on '....' +3. Scroll down to '....' +4. See error + +**Expected behavior** +A clear and concise description of what you expected to happen. + +**Screenshots / Photos** +If applicable, add screenshots or photos to help explain your problem. + +**Target Chrome OS Device (please complete the following information):** + - Board Name (e.g. dedede) + - Device Name (e.g. drawcia) + - Shimboot version (e.g. v1.0.1) + +**Build Device (please complete the following information):** + - OS: [e.g. Debian 12] + - Neofetch out [run `neofetch --stdout` and paste it here] + +**Additional context** +Add any other context about the problem here. diff --git a/.github/ISSUE_TEMPLATE/device-compatibility-report.md b/.github/ISSUE_TEMPLATE/device-compatibility-report.md new file mode 100644 index 0000000..7242831 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/device-compatibility-report.md @@ -0,0 +1,21 @@ +--- +name: Device Compatibility Report +about: Report your experiences using Shimboot on a previously untested device. +title: 'Device compatibility report for: (device name)' +labels: documentation +assignees: '' + +--- + +This template is not meant to be used if Shimboot fails completely. Submit a bug report instead. + +**Compatibility Info**: +- Board Name: (e.g. octopus) +- X11: yes/no/untested +- Wifi: yes/no/untested +- Internal Audio: yes/no/untested +- Backlight: yes/no/untested +- Touchscreen: yes/no/untested +- 3D acceleration: yes/no/untested +- Bluetooth: yes/no/untested +- Webcam: yes/no/untested diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md new file mode 100644 index 0000000..11fc491 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request.md @@ -0,0 +1,20 @@ +--- +name: Feature request +about: Suggest an idea for this project +title: '' +labels: enhancement +assignees: '' + +--- + +**Is your feature request related to a problem? Please describe.** +A clear and concise description of what the problem is. Ex. I'm always frustrated when [...] + +**Describe the solution you'd like** +A clear and concise description of what you want to happen. + +**Describe alternatives you've considered** +A clear and concise description of any alternative solutions or features you've considered. + +**Additional context** +Add any other context or screenshots about the feature request here. From d6e17916c4f3d675513ca99d43755656af4acce2 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Mon, 29 Apr 2024 02:02:30 -0700 Subject: [PATCH 06/17] fix build script oversight, improve documentation --- .github/workflows/build-image.yaml | 2 +- README.md | 7 ++++++- patch_rootfs.sh | 15 ++++----------- 3 files changed, 11 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index 0bb6ab5..c58f4c7 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -24,7 +24,7 @@ jobs: uses: actions/checkout@v4 - name: run build - run: sudo DEBUG=1 ./build_complete.sh ${{ matrix.board }} quiet=1 + run: sudo DEBUG=1 ./build_complete.sh ${{ matrix.board }} compress_img=1 quiet=1 - name: upload img uses: actions/upload-artifact@v4 diff --git a/README.md b/README.md index 455aae8..fa22df1 100644 --- a/README.md +++ b/README.md @@ -47,6 +47,10 @@ Driver support depends on the device you are using shimboot on. The `patch_rootf This table is incomplete. If you want to contribute a device compatibility report please create a new issue on the Github repository. +On all devices, expect the following features to work: +- Zram (compressed memory) +- Disk compression with squashfs + On all devices, the following features will not work: - Suspend (disabled by the kernel) - Swap (disabled by the kernel) @@ -67,7 +71,8 @@ PRs and contributions are welcome to help implement these features. ### Prerequisites: - A separate Linux PC for the build process (preferably something Debian-based) -- A USB that is at least 8GB in size + - WSL2 is supported if you are on Windows +- A USB drive that is at least 8GB in size - At least 20GB of free disk space - An x86-based Chromebook diff --git a/patch_rootfs.sh b/patch_rootfs.sh index 4cd5518..be12f50 100755 --- a/patch_rootfs.sh +++ b/patch_rootfs.sh @@ -2,11 +2,6 @@ #patch the target rootfs to add any needed drivers -set -e -if [ "$DEBUG" ]; then - set -x -fi - . ./common.sh . ./image_utils.sh @@ -18,11 +13,6 @@ assert_root assert_deps "git gunzip" assert_args "$3" -if [ -z "$3" ]; then - print_help - exit 1 -fi - copy_modules() { local shim_rootfs=$(realpath -m $1) local reco_rootfs=$(realpath -m $2) @@ -41,7 +31,10 @@ copy_modules() { cp -r "${reco_rootfs}/etc/modprobe.d/"* "${target_rootfs}/etc/modprobe.d/" #decompress kernel modules if necessary - debian won't recognize these otherwise - find "${target_rootfs}/lib/modules" -name "*.gz" | xargs gunzip + local compressed_files="$(find "${target_rootfs}/lib/modules" -name '*.gz')" + if [ "$compressed_files" ]; then + find "${target_rootfs}/lib/modules" -name "*.gz" | xargs gunzip -k + fi } copy_firmware() { From adf8546c308f31eff5392ae58e10e182051dd96b Mon Sep 17 00:00:00 2001 From: ading2210 Date: Mon, 29 Apr 2024 10:27:08 -0700 Subject: [PATCH 07/17] run depmod after decompressing modules --- .github/workflows/build-image.yaml | 6 ++++-- patch_rootfs.sh | 8 ++++++-- website/index.html | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index c58f4c7..e5f4fb8 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -16,9 +16,11 @@ jobs: - name: Maximize build space uses: easimon/maximize-build-space@master with: - root-reserve-mb: 1024 + root-reserve-mb: 4096 swap-size-mb: 1024 remove-dotnet: 'true' + remove-android: 'true' + remove-haskell: 'true' - name: download repo uses: actions/checkout@v4 @@ -31,7 +33,7 @@ jobs: with: name: shimboot_${{ matrix.board }} path: data/shimboot_${{ matrix.board }}.bin - compression-level: 9 + compression-level: 7 - name: create release uses: softprops/action-gh-release@v1 diff --git a/patch_rootfs.sh b/patch_rootfs.sh index be12f50..ae679ca 100755 --- a/patch_rootfs.sh +++ b/patch_rootfs.sh @@ -10,7 +10,7 @@ print_help() { } assert_root -assert_deps "git gunzip" +assert_deps "git gunzip depmod" assert_args "$3" copy_modules() { @@ -33,7 +33,11 @@ copy_modules() { #decompress kernel modules if necessary - debian won't recognize these otherwise local compressed_files="$(find "${target_rootfs}/lib/modules" -name '*.gz')" if [ "$compressed_files" ]; then - find "${target_rootfs}/lib/modules" -name "*.gz" | xargs gunzip -k + echo "$compressed_files" | xargs gunzip + for kernel_dir in "$target_rootfs/lib/modules/"*; do + local version="$(basename "$kernel_dir")" + depmod -b "$target_rootfs" "$version" + done fi } diff --git a/website/index.html b/website/index.html index e2ceb7e..6e35731 100644 --- a/website/index.html +++ b/website/index.html @@ -86,7 +86,7 @@ Alternatively, you can run each of the steps manually: 6. Run `sudo ./build.sh image.bin path_to_shim data/rootfs` to generate a disk image at `image.bin`. Booting the Image: -1. Obtain a shimboot image by downloading a prebuilt one or building it yourself. +1. Obtain a shimboot image by downloading a prebuilt one or building it yourself. 2. Flash the shimboot image to a USB drive or SD card. Use the Chromebook Recovery Utility or dd if you're on Linux. 3. Enable developer mode on your Chromebook. If the Chromebook is enrolled, follow the instructions on the sh1mmer website (see the "Executing on Chromebook" section). 4. Plug the USB into your Chromebook and enter recovery mode. It should detect the USB and run the shimboot bootloader. From 60033eb690b716ed944060969d4f99241e627fec Mon Sep 17 00:00:00 2001 From: ading2210 Date: Fri, 3 May 2024 04:59:07 -0700 Subject: [PATCH 08/17] many build script improvements --- README.md | 8 ++++-- build_complete.sh | 26 +++++++++++------- build_rootfs.sh | 15 ++++++++-- common.sh | 5 ++++ rootfs/opt/setup_rootfs.sh | 56 +++++++++++++++++++++++--------------- 5 files changed, 73 insertions(+), 37 deletions(-) diff --git a/README.md b/README.md index fa22df1..8966608 100644 --- a/README.md +++ b/README.md @@ -99,7 +99,7 @@ Alternatively, you can run each of the steps manually: 4. Plug the USB into your Chromebook and enter recovery mode. It should detect the USB and run the shimboot bootloader. 5. Boot into Debian and log in with the username and password that you configured earlier. The default username/password for the prebuilt images is `user/user`. 6. Expand the rootfs partition so that it fills up the entire disk by running `sudo growpart /dev/sdX 4` (replacing `sdX` with the block device corresponding to your disk) to expand the partition, then running `sudo resize2fs /dev/sdX4` to expand the filesystem. -7. Change the root password and regular user password by running `sudo passwd root` and `passwd user`. +7. Change the user password by running `passwd user`. The root user is disabled by default. ## FAQ: @@ -111,7 +111,11 @@ Debian Sid (the rolling release version of Debian) is also supported if you just sudo ./build_rootfs.sh data/rootfs unstable ``` #### How can I install a desktop environment other than XFCE? -You can pass another argument to the `build_rootfs.sh` script, like this: `sudo ./build_rootfs.sh data/rootfs bookworm custom_packages=task-lxde-desktop`. The `custom_packages` argument is a list of packages (separated by spaces) that will be installed in the place of XFCE. +You can pass the `desktop` argument to the `build_complete.sh` script, like this: +```bash +sudo ./build_complete.sh grunt desktop=lxde +``` +The valid values for this argument are: `gnome`, `xfce`, `kde`, `lxde`, `gnome-flashback`, `cinnamon`, `mate`, and `lxqt`. #### Will this prevent me from using Chrome OS normally? Shimboot does not touch the internal storage at all, so you will be able to use Chrome OS as if nothing happened. However, if you are on an enterprise enrolled device, booting Chrome OS again will force a powerwash due to the attempted switch into developer mode. diff --git a/build_complete.sh b/build_complete.sh index 2e2a57d..d72858d 100755 --- a/build_complete.sh +++ b/build_complete.sh @@ -8,12 +8,19 @@ print_help() { echo " compress_img - Compress the final disk image into a zip file. Set this to any value to enable this option." echo " rootfs_dir - Use a different rootfs for the build. The directory you select will be copied before any patches are applied." echo " quiet - Don't use progress indicators which may clog up log files." + echo " desktop - The desktop environment to install. This defaults to 'xfce'. Valid options include:" + echo " gnome, xfce, kde, lxde, gnome-flashback, cinnamon, mate, lxqt" } assert_root assert_args "$1" parse_args "$@" +compress_img="${args['compress_img']}" +rootfs_dir="${args['rootfs_dir']}" +quiet="${args['quiet']}" +desktop="${args['desktop']-'xfce'}" + needed_deps="wget python3 unzip zip git debootstrap cpio binwalk pcregrep cgpt mkfs.ext4 mkfs.ext2 fdisk rsync" if [ "$(check_deps "$needed_deps")" ]; then #install deps automatically on debian and ubuntu @@ -63,7 +70,7 @@ download_and_unzip() { local zip_path="$2" local bin_path="$3" if [ ! -f "$bin_path" ]; then - if [ ! "${args['quiet']}" ]; then + if [ ! "$quiet" ]; then wget -q --show-progress $url -O $zip_path -c else wget -q $url -O $zip_path -c @@ -74,7 +81,7 @@ download_and_unzip() { cleanup_path="$bin_path" echo "extracting $zip_path" local total_bytes="$(unzip -lq $zip_path | tail -1 | xargs | cut -d' ' -f1)" - if [ ! "${args['quiet']}" ]; then + if [ ! "$quiet" ]; then unzip -p $zip_path | pv -s $total_bytes > $bin_path else unzip -p $zip_path > $bin_path @@ -97,31 +104,30 @@ download_and_unzip $reco_url $reco_zip $reco_bin echo "downloading shim image" download_and_unzip $shim_url $shim_zip $shim_bin -if [ ! "${args['rootfs_dir']}" ]; then +if [ ! "$rootfs_dir" ]; then rootfs_dir="$(realpath -m data/rootfs_$board)" + desktop_package="task-$desktop-desktop" rm -rf $rootfs_dir mkdir -p $rootfs_dir echo "building debian rootfs" ./build_rootfs.sh $rootfs_dir bookworm \ + custom_packages=$desktop_package \ hostname=shimboot-$board \ - root_passwd=root \ username=user \ - user_passwd=user -else - rootfs_dir="$(realpath -m "${args['rootfs_dir']}")" + user_passwd=user fi echo "patching debian rootfs" -retry_cmd ./patch_rootfs.sh $shim_bin $reco_bin $rootfs_dir "quiet=${args['quiet']}" +retry_cmd ./patch_rootfs.sh $shim_bin $reco_bin $rootfs_dir "quiet=$quiet" echo "building final disk image" final_image="$base_dir/data/shimboot_$board.bin" rm -rf $final_image -retry_cmd ./build.sh $final_image $shim_bin $rootfs_dir "quiet=${args['quiet']}" +retry_cmd ./build.sh $final_image $shim_bin $rootfs_dir "quiet=$quiet" echo "build complete! the final disk image is located at $final_image" -if [ "${args['compress_img']}" ]; then +if [ "$compress_img" ]; then image_zip="$base_dir/data/shimboot_$board.zip" echo "compressing disk image into a zip file" zip -j $image_zip $final_image diff --git a/build_rootfs.sh b/build_rootfs.sh index e313ee4..9a05f6d 100755 --- a/build_rootfs.sh +++ b/build_rootfs.sh @@ -14,9 +14,11 @@ print_help() { echo "Valid named arguments (specify with 'key=value'):" echo " custom_packages - The packages that will be installed in place of task-xfce-desktop." echo " hostname - The hostname for the new rootfs." - echo " root_passwd - The root password." + echo " enable_root - Enable the root user." + echo " root_passwd - The root password. This only has an effect if enable_root is set." echo " username - The unprivileged user name for the new rootfs." echo " user_passwd - The password for the unprivileged user." + echo " disable_base - Disable the base packages such as zram, cloud-utils, and command-not-found." echo "If you do not specify the hostname and credentials, you will be prompted for them later." } @@ -49,11 +51,18 @@ done hostname="${args['hostname']}" root_passwd="${args['root_passwd']}" +enable_root="${args['enable_root']}" username="${args['username']}" user_passwd="${args['user_passwd']}" +disable_base="${args['disable_base']}" + +chroot_command="/opt/setup_rootfs.sh \ + '$DEBUG' '$release_name' '$packages' \ + '$hostname' '$root_passwd' '$username' \ + '$user_passwd' '$enable_root' '$disable_base'" + +LC_ALL=C chroot $rootfs_dir /bin/bash -c "${chroot_command}" -chroot_command="/opt/setup_rootfs.sh '$DEBUG' '$release_name' '$packages' '$hostname' '$root_passwd' '$username' '$user_passwd'" -chroot $rootfs_dir /bin/bash -c "${chroot_command}" trap - EXIT unmount_all diff --git a/common.sh b/common.sh index b452a0c..827228f 100755 --- a/common.sh +++ b/common.sh @@ -29,6 +29,11 @@ assert_deps() { parse_args() { declare -g -A args for argument in "$@"; do + if [ "$argument" = "-h" ] || [ "$argument" = "--help" ]; then + print_help + exit 0 + fi + local key=$(echo $argument | cut -f1 -d=) local key_length=${#key} local value="${argument:$key_length+1}" diff --git a/rootfs/opt/setup_rootfs.sh b/rootfs/opt/setup_rootfs.sh index f2c6279..238035b 100755 --- a/rootfs/opt/setup_rootfs.sh +++ b/rootfs/opt/setup_rootfs.sh @@ -16,12 +16,14 @@ hostname="$4" root_passwd="$5" username="$6" user_passwd="$7" +enable_root="$8" +disable_base_pkgs="$9" custom_repo="https://shimboot.ading.dev/debian" custom_repo_domain="shimboot.ading.dev" sources_entry="deb [trusted=yes arch=amd64] ${custom_repo} ${release_name} main" -export DEBIAN_FRONTEND=noninteractive +export DEBIAN_FRONTEND="noninteractive" #add shimboot repos echo -e "${sources_entry}\n$(cat /etc/apt/sources.list)" > /etc/apt/sources.list @@ -40,14 +42,17 @@ apt-get install --reinstall $installed_systemd #enable shimboot services systemctl enable kill-frecon.service -#install desktop -apt-get install -y $packages cloud-utils zram-tools +#install base packages +if [ -z "$disable_base_pkgs" ]; then + apt-get install -y cloud-utils zram-tools sudo command-not-found -#set up zram -tee -a /etc/default/zramswap << END -ALGO=lzo -PERCENT=50 -END + #set up zram + echo "ALGO=lzo" >> /etc/default/zramswap + echo "PERCENT=50" >> /etc/default/zramswap + + #update apt-file cache + apt-file update +fi #set up hostname and username if [ ! "$hostname" ]; then @@ -64,28 +69,35 @@ ff02::1 ip6-allnodes ff02::2 ip6-allrouters END -echo "Enter a root password:" -if [ ! "$root_passwd" ]; then - while ! passwd root; do - echo "Failed to set password, please try again." - done -else - yes "$root_passwd" | passwd root -fi +#install desktop and other custom packages +apt-get install -y $packages if [ ! $username ]; then read -p "Enter the username for the user account: " username fi useradd -m -s /bin/bash -G sudo $username -if [ ! "$user_passwd" ]; then - echo "Enter the password for ${username}:" - while ! passwd $username; do - echo "Failed to set password, please try again." - done +set_password() { + local user="$1" + local password="$2" + if [ ! "$password" ]; then + while ! passwd $user; do + echo "Failed to set password for $user, please try again." + done + else + yes "$password" | passwd $user + fi +} + +if [ "$enable_root" ]; then + echo "Enter a root password:" + set_password root "$root_passwd" else - yes "$user_passwd" | passwd $username + usermod -a -G sudo $username fi +echo "Enter a user password:" +set_password "$username" "$user_passwd" + #clean apt caches apt-get clean \ No newline at end of file From a67bb493af0c6e25cedcee1440a6904f9e80566e Mon Sep 17 00:00:00 2001 From: ading2210 <71154407+ading2210@users.noreply.github.com> Date: Fri, 3 May 2024 17:10:55 +0000 Subject: [PATCH 09/17] remount without nodev/noexec, fixes #16 --- build_rootfs.sh | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/build_rootfs.sh b/build_rootfs.sh index 9a05f6d..84af9f2 100755 --- a/build_rootfs.sh +++ b/build_rootfs.sh @@ -40,6 +40,22 @@ unmount_all() { done } +need_remount() { + local target="$1" + local mnt_options="$(findmnt -T "$target" | tail -n1 | rev | cut -f1 -d' '| rev)" + echo "$mnt_options" | grep -e "noexec" -e "nodev" +} + +do_remount() { + local target="$1" + local mountpoint="$(findmnt -T "$target" | tail -n1 | cut -f1 -d' ')" + mount -o remount,dev,exec "$mountpoint" +} + +if [ "$(need_remount "$rootfs_dir")" ]; then + do_remount "$rootfs_dir" +fi + debootstrap --arch amd64 $release_name $rootfs_dir http://deb.debian.org/debian/ cp -ar rootfs/* $rootfs_dir cp /etc/resolv.conf $rootfs_dir/etc/resolv.conf From 16000d09e20ee8acae09e081f1038ebb31174ed6 Mon Sep 17 00:00:00 2001 From: ading2210 <71154407+ading2210@users.noreply.github.com> Date: Fri, 3 May 2024 19:20:09 +0000 Subject: [PATCH 10/17] various build script improvements and fixes --- .github/ISSUE_TEMPLATE/bug_report.md | 2 ++ README.md | 1 + build_complete.sh | 29 +++++++++++++++++++--------- build_rootfs.sh | 2 +- image_utils.sh | 22 +++++++++++++++++---- rootfs/opt/setup_rootfs.sh | 2 +- 6 files changed, 43 insertions(+), 15 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 3db17d5..93f8a30 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -23,6 +23,8 @@ A clear and concise description of what you expected to happen. **Screenshots / Photos** If applicable, add screenshots or photos to help explain your problem. +If you are reporting an issue with the build process, please run the scripts in debug mode by putting `DEBUG=1` before the build commmand, like `sudo DEBUG=1 ./build_complete.sh`. + **Target Chrome OS Device (please complete the following information):** - Board Name (e.g. dedede) - Device Name (e.g. drawcia) diff --git a/README.md b/README.md index 8966608..15f2bf8 100644 --- a/README.md +++ b/README.md @@ -72,6 +72,7 @@ PRs and contributions are welcome to help implement these features. ### Prerequisites: - A separate Linux PC for the build process (preferably something Debian-based) - WSL2 is supported if you are on Windows + - Github Codespaces is not supported at the moment - A USB drive that is at least 8GB in size - At least 20GB of free disk space - An x86-based Chromebook diff --git a/build_complete.sh b/build_complete.sh index d72858d..d10c525 100755 --- a/build_complete.sh +++ b/build_complete.sh @@ -10,6 +10,7 @@ print_help() { echo " quiet - Don't use progress indicators which may clog up log files." echo " desktop - The desktop environment to install. This defaults to 'xfce'. Valid options include:" echo " gnome, xfce, kde, lxde, gnome-flashback, cinnamon, mate, lxqt" + echo " data_dir - The working directory for the scripts. This defaults to ./data" } assert_root @@ -20,13 +21,14 @@ compress_img="${args['compress_img']}" rootfs_dir="${args['rootfs_dir']}" quiet="${args['quiet']}" desktop="${args['desktop']-'xfce'}" +data_dir="${args['data_dir']}" -needed_deps="wget python3 unzip zip git debootstrap cpio binwalk pcregrep cgpt mkfs.ext4 mkfs.ext2 fdisk rsync" +needed_deps="wget python3 unzip zip git debootstrap cpio binwalk pcregrep cgpt mkfs.ext4 mkfs.ext2 fdisk rsync depmod findmnt" if [ "$(check_deps "$needed_deps")" ]; then #install deps automatically on debian and ubuntu if [ -f "/etc/debian_version" ]; then echo "attempting to install build deps" - apt-get install wget python3-all unzip zip debootstrap cpio binwalk pcregrep cgpt rsync pv -y + apt-get install wget python3-all unzip zip debootstrap cpio binwalk pcregrep cgpt rsync kmod pv -y fi assert_deps "$needed_deps" fi @@ -45,6 +47,12 @@ board="$1" shim_url="https://dl.darkn.bio/api/raw/?path=/SH1mmer/$board.zip" boards_url="https://chromiumdash.appspot.com/cros/fetch_serving_builds?deviceCategory=ChromeOS" +if [ -z "$data_dir" ]; then + data_dir="$base_dir/data" +else + data_dir="$(realpath -m "$data_dir")" +fi + echo "downloading list of recovery images" reco_url="$(wget -qO- --show-progress $boards_url | python3 -c ' import json, sys @@ -59,11 +67,11 @@ print(reco_url) ' $board)" echo "found url: $reco_url" -shim_bin="$base_dir/data/shim_$board.bin" -shim_zip="$base_dir/data/shim_$board.zip" -reco_bin="$base_dir/data/reco_$board.bin" -reco_zip="$base_dir/data/reco_$board.zip" -mkdir -p "$base_dir/data" +shim_bin="$data_dir/shim_$board.bin" +shim_zip="$data_dir/shim_$board.zip" +reco_bin="$data_dir/reco_$board.bin" +reco_zip="$data_dir/reco_$board.zip" +mkdir -p "$data_dir" download_and_unzip() { local url="$1" @@ -107,6 +115,9 @@ download_and_unzip $shim_url $shim_zip $shim_bin if [ ! "$rootfs_dir" ]; then rootfs_dir="$(realpath -m data/rootfs_$board)" desktop_package="task-$desktop-desktop" + if [ "$(findmnt -T "$rootfs_dir/dev")" ]; then + sudo umount -l $rootfs_dir/* 2>/dev/null || true + fi rm -rf $rootfs_dir mkdir -p $rootfs_dir @@ -122,13 +133,13 @@ echo "patching debian rootfs" retry_cmd ./patch_rootfs.sh $shim_bin $reco_bin $rootfs_dir "quiet=$quiet" echo "building final disk image" -final_image="$base_dir/data/shimboot_$board.bin" +final_image="$data_dir/shimboot_$board.bin" rm -rf $final_image retry_cmd ./build.sh $final_image $shim_bin $rootfs_dir "quiet=$quiet" echo "build complete! the final disk image is located at $final_image" if [ "$compress_img" ]; then - image_zip="$base_dir/data/shimboot_$board.zip" + image_zip="$data_dir/shimboot_$board.zip" echo "compressing disk image into a zip file" zip -j $image_zip $final_image echo "finished compressing the disk file" diff --git a/build_rootfs.sh b/build_rootfs.sh index 84af9f2..0964d30 100755 --- a/build_rootfs.sh +++ b/build_rootfs.sh @@ -23,7 +23,7 @@ print_help() { } assert_root -assert_deps "realpath debootstrap" +assert_deps "realpath debootstrap findmnt" assert_args "$2" parse_args "$@" diff --git a/image_utils.sh b/image_utils.sh index 4e6059c..d449efb 100755 --- a/image_utils.sh +++ b/image_utils.sh @@ -2,6 +2,12 @@ create_loop() { local loop_device=$(losetup -f) + if [ ! -b "$loop_device" ]; then + #we might run out of loop devices, see https://stackoverflow.com/a/66020349 + local major=$(grep loop /proc/devices | cut -c3) + local number="$(echo "$loop_device" | grep -Eo '[0-9]+' | tail -n1)" + mknod $loop_device b $major $number + fi losetup -P $loop_device "${1}" echo $loop_device } @@ -65,10 +71,18 @@ partition_disk() { } safe_mount() { - umount $2 2> /dev/null || /bin/true - rm -rf $2 - mkdir -p $2 - mount $1 $2 + local source="$1" + local dest="$2" + local opts="$3" + + umount $dest 2> /dev/null || /bin/true + rm -rf $dest + mkdir -p $dest + if [ "$opts" ]; then + mount $source $dest -o $dest + else + mount $source $dest + fi } create_partitions() { diff --git a/rootfs/opt/setup_rootfs.sh b/rootfs/opt/setup_rootfs.sh index 238035b..fe57fcc 100755 --- a/rootfs/opt/setup_rootfs.sh +++ b/rootfs/opt/setup_rootfs.sh @@ -44,7 +44,7 @@ systemctl enable kill-frecon.service #install base packages if [ -z "$disable_base_pkgs" ]; then - apt-get install -y cloud-utils zram-tools sudo command-not-found + apt-get install -y cloud-utils zram-tools sudo command-not-found bash-completion #set up zram echo "ALGO=lzo" >> /etc/default/zramswap From f9b33836981ee798905f4036b89550890e7fcd67 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Mon, 13 May 2024 11:03:17 -0700 Subject: [PATCH 11/17] don't modify shim and reco images at all --- build_complete.sh | 4 ++++ image_utils.sh | 20 ++++++++++++++------ patch_rootfs.sh | 6 ++---- 3 files changed, 20 insertions(+), 10 deletions(-) diff --git a/build_complete.sh b/build_complete.sh index d10c525..0cd67d6 100755 --- a/build_complete.sh +++ b/build_complete.sh @@ -1,6 +1,7 @@ #!/bin/bash . ./common.sh +. ./image_utils.sh print_help() { echo "Usage: ./build_complete.sh board_name" @@ -138,6 +139,9 @@ rm -rf $final_image retry_cmd ./build.sh $final_image $shim_bin $rootfs_dir "quiet=$quiet" echo "build complete! the final disk image is located at $final_image" +echo "cleaning up" +clean_loops + if [ "$compress_img" ]; then image_zip="$data_dir/shimboot_$board.zip" echo "compressing disk image into a zip file" diff --git a/image_utils.sh b/image_utils.sh index d449efb..779b3e2 100755 --- a/image_utils.sh +++ b/image_utils.sh @@ -12,11 +12,6 @@ create_loop() { echo $loop_device } -#original shim rootfses have a non standard ext2 filesystem -make_mountable() { - printf '\000' | dd of=$1 seek=$((0x464 + 3)) conv=notrunc count=1 bs=1 status=none -} - #set required flags on the kernel partition make_bootable() { cgpt add -i 2 -S 1 -T 5 -P 10 -l kernel $1 @@ -79,7 +74,7 @@ safe_mount() { rm -rf $dest mkdir -p $dest if [ "$opts" ]; then - mount $source $dest -o $dest + mount $source $dest -o $opts else mount $source $dest fi @@ -151,4 +146,17 @@ patch_initramfs() { cp -r bootloader/* "${initramfs_path}/" find ${initramfs_path}/bin -name "*" -exec chmod +x {} \; +} + +#clean up unused loop devices +clean_loops() { + local loop_devices="$(losetup -a | awk -F':' {'print $1'})" + for loop_device in $loop_devices; do + local mountpoints="$(cat /proc/mounts | grep "$loop_device")" + if [ ! "$mountpoints" ]; then + losetup -d $loop_device + else + echo "warning: not removing $loop_device because it is still mounted" + fi + done } \ No newline at end of file diff --git a/patch_rootfs.sh b/patch_rootfs.sh index ae679ca..7e941d9 100755 --- a/patch_rootfs.sh +++ b/patch_rootfs.sh @@ -67,13 +67,11 @@ reco_rootfs="/tmp/reco_rootfs" echo "mounting shim" shim_loop=$(create_loop "${shim_path}") -make_mountable "${shim_loop}p3" -safe_mount "${shim_loop}p3" $shim_rootfs +safe_mount "${shim_loop}p3" $shim_rootfs ro echo "mounting recovery image" reco_loop=$(create_loop "${reco_path}") -make_mountable "${reco_loop}p3" -safe_mount "${reco_loop}p3" $reco_rootfs +safe_mount "${reco_loop}p3" $reco_rootfs ro echo "copying modules to rootfs" copy_modules $shim_rootfs $reco_rootfs $target_rootfs From dff0132f0308b2f9ea36189a13976541f14331eb Mon Sep 17 00:00:00 2001 From: ading2210 Date: Mon, 13 May 2024 11:49:28 -0700 Subject: [PATCH 12/17] update device compatibility documentation --- .../device-compatibility-report.md | 3 +++ README.md | 20 +++++++++---------- 2 files changed, 13 insertions(+), 10 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/device-compatibility-report.md b/.github/ISSUE_TEMPLATE/device-compatibility-report.md index 7242831..8fbc5ca 100644 --- a/.github/ISSUE_TEMPLATE/device-compatibility-report.md +++ b/.github/ISSUE_TEMPLATE/device-compatibility-report.md @@ -19,3 +19,6 @@ This template is not meant to be used if Shimboot fails completely. Submit a bug - 3D acceleration: yes/no/untested - Bluetooth: yes/no/untested - Webcam: yes/no/untested + + +**Other Notes:**: \ No newline at end of file diff --git a/README.md b/README.md index 15f2bf8..2bf2f88 100644 --- a/README.md +++ b/README.md @@ -34,16 +34,16 @@ Note that rootfs partitions have to be named `shimboot_rootfs:` for th Driver support depends on the device you are using shimboot on. The `patch_rootfs.sh` script attempts to copy all the firmware and drivers from the shim and recovery image into the rootfs, so expect most things to work on other boards. ARM Chromebooks are not supported at the moment. ### Device Compatibility Table: -| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`reks`](https://chrome100.dev/board/reks/) | [`nissa`](https://chrome100.dev/board/nissa/) | -|----------------------|-------------------------------------------------|---------------------------------------------------|---------------------------------------------|-----------------------------------------------| -| X11 | yes | yes | no (kernel too old) | yes | -| Wifi | yes | yes | yes | yes | -| Internal Audio | no | yes | untested | no | -| Backlight | yes | yes | untested | yes | -| Touchscreen | yes | yes | untested | yes | -| 3D Acceleration | yes | yes | no | yes | -| Bluetooth | yes | yes | untested | yes | -| Webcam | yes | yes | untested | yes | +| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`nissa`](https://chrome100.dev/board/nissa/) | [`reks`](https://chrome100.dev/board/reks/) | [`kefka`](https://chrome100.dev/board/kefka) | +|----------------------|-------------------------------------------------|---------------------------------------------------|-----------------------------------------------|---------------------------------------------|----------------------------------------------| +| X11 | yes | yes | yes | no (kernel too old) | no (kernel too old) | +| Wifi | yes | yes | yes | yes | yes | +| Internal Audio | no | yes | no | untested | untested | +| Backlight | yes | yes | yes | untested | untested | +| Touchscreen | yes | yes | yes | untested | untested | +| 3D Acceleration | yes | yes | yes | no | no | +| Bluetooth | yes | yes | yes | untested | untested | +| Webcam | yes | yes | yes | untested | untested | This table is incomplete. If you want to contribute a device compatibility report please create a new issue on the Github repository. From 0ac7dc2cfeccd3d568ebd6a13eba2cac9276e234 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Tue, 21 May 2024 20:16:58 -0700 Subject: [PATCH 13/17] fix #12 maybe --- bootloader/bin/bootstrap.sh | 35 +++++++++++++++-------------------- 1 file changed, 15 insertions(+), 20 deletions(-) diff --git a/bootloader/bin/bootstrap.sh b/bootloader/bin/bootstrap.sh index 1a8862b..fa7c1a1 100755 --- a/bootloader/bin/bootstrap.sh +++ b/bootloader/bin/bootstrap.sh @@ -28,6 +28,20 @@ enable_debug_console() { invoke_terminal "${tty}" "[Bootstrap Debug Console]" "/bin/busybox sh" } +#get a partition block device from a disk path and a part number +get_part_dev() { + local disk="$1" + local partition="$2" + + #disk paths ending with a number will have a "p" before the partition number + last_char="$(echo -n "$disk" | tail -c 1)" + if [ "$last_char" -eq "$last_char" ] 2>/dev/null; then + echo "${disk}p${partition}" + else + echo "${disk}${partition}" + fi +} + find_rootfs_partitions() { local disks=$(fdisk -l | sed -n "s/Disk \(\/dev\/.*\):.*/\1/p") if [ ! "${disks}" ]; then @@ -40,7 +54,7 @@ find_rootfs_partitions() { continue fi for partition in $partitions; do - echo "${disk}${partition}" + get_part_dev "$disk" "$partition" done done } @@ -182,25 +196,6 @@ contains_word() { return 1 } -#might be useful in case we need to disable the tpm -#currently this causes a kernel panic when we try to boot cros -unbind_driver() { - local driver_path="$1" - local sys_files="$(ls $driver_path)" - local excluded_files="bind uevent unbind" - for file in $sys_files; do - if ! contains_word "$file" "$excluded_files"; then - echo "$file" > "${driver_path}/unbind" - fi - done -} - -unbind_tpm() { - unbind_driver "/sys/bus/spi/drivers/tpm_tis_spi" - unbind_driver "/sys/bus/pnp/drivers/tpm_tis" - unbind_driver "/sys/bus/platform/drivers/tpm_tis" -} - copy_progress() { local source="$1" local destination="$2" From e444beefaface4c2f4f34cc535220512c820454c Mon Sep 17 00:00:00 2001 From: ading2210 Date: Sun, 2 Jun 2024 22:00:40 -0700 Subject: [PATCH 14/17] update device compatibility table --- README.md | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/README.md b/README.md index 2bf2f88..0531572 100644 --- a/README.md +++ b/README.md @@ -34,16 +34,16 @@ Note that rootfs partitions have to be named `shimboot_rootfs:` for th Driver support depends on the device you are using shimboot on. The `patch_rootfs.sh` script attempts to copy all the firmware and drivers from the shim and recovery image into the rootfs, so expect most things to work on other boards. ARM Chromebooks are not supported at the moment. ### Device Compatibility Table: -| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`nissa`](https://chrome100.dev/board/nissa/) | [`reks`](https://chrome100.dev/board/reks/) | [`kefka`](https://chrome100.dev/board/kefka) | -|----------------------|-------------------------------------------------|---------------------------------------------------|-----------------------------------------------|---------------------------------------------|----------------------------------------------| -| X11 | yes | yes | yes | no (kernel too old) | no (kernel too old) | -| Wifi | yes | yes | yes | yes | yes | -| Internal Audio | no | yes | no | untested | untested | -| Backlight | yes | yes | yes | untested | untested | -| Touchscreen | yes | yes | yes | untested | untested | -| 3D Acceleration | yes | yes | yes | no | no | -| Bluetooth | yes | yes | yes | untested | untested | -| Webcam | yes | yes | yes | untested | untested | +| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`nissa`](https://chrome100.dev/board/nissa/) | [`reks`](https://chrome100.dev/board/reks/) | [`kefka`](https://chrome100.dev/board/kefka) | [`zork`](https://chrome100.dev/board/zork) | +|----------------------|-------------------------------------------------|---------------------------------------------------|-----------------------------------------------|---------------------------------------------|----------------------------------------------|--------------------------------------------| +| X11 | yes | yes | yes | no (kernel too old) | no (kernel too old) | yes | +| Wifi | yes | yes | yes | yes | yes | yes | +| Internal Audio | no | yes | no | untested | yes | no | +| Backlight | yes | yes | yes | untested | yes | untested | +| Touchscreen | yes | yes | yes | untested | untested | yes | +| 3D Acceleration | yes | yes | yes | no | no | yes | +| Bluetooth | yes | yes | yes | untested | untested | yes | +| Webcam | yes | yes | yes | untested | untested | yes | This table is incomplete. If you want to contribute a device compatibility report please create a new issue on the Github repository. From 80aa5ee868834a987ecea4f29485e11e782c2491 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Sun, 2 Jun 2024 22:06:43 -0700 Subject: [PATCH 15/17] fix issue #24 --- build_complete.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/build_complete.sh b/build_complete.sh index 0cd67d6..493f8f9 100755 --- a/build_complete.sh +++ b/build_complete.sh @@ -61,7 +61,10 @@ import json, sys all_builds = json.load(sys.stdin) board = all_builds["builds"][sys.argv[1]] if "models" in board: - board = next(iter(board["models"].values())) + for device in board["models"].values(): + if device["pushRecoveries"]: + board = device + break reco_url = list(board["pushRecoveries"].values())[-1] print(reco_url) From ad23945967c93196a20061ba2e311fe931ce8aa6 Mon Sep 17 00:00:00 2001 From: ading2210 Date: Sun, 2 Jun 2024 22:24:38 -0700 Subject: [PATCH 16/17] add zork as a prebuilt image --- .github/workflows/build-image.yaml | 2 +- README.md | 4 +++- bootloader/bin/bootstrap.sh | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build-image.yaml b/.github/workflows/build-image.yaml index e5f4fb8..a7a8f94 100644 --- a/.github/workflows/build-image.yaml +++ b/.github/workflows/build-image.yaml @@ -9,7 +9,7 @@ jobs: strategy: matrix: - board: [dedede, octopus, coral, grunt, nissa] + board: [dedede, octopus, coral, grunt, nissa, zork] runs-on: ubuntu-latest steps: diff --git a/README.md b/README.md index 0531572..f8ca122 100644 --- a/README.md +++ b/README.md @@ -36,7 +36,7 @@ Driver support depends on the device you are using shimboot on. The `patch_rootf ### Device Compatibility Table: | Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`nissa`](https://chrome100.dev/board/nissa/) | [`reks`](https://chrome100.dev/board/reks/) | [`kefka`](https://chrome100.dev/board/kefka) | [`zork`](https://chrome100.dev/board/zork) | |----------------------|-------------------------------------------------|---------------------------------------------------|-----------------------------------------------|---------------------------------------------|----------------------------------------------|--------------------------------------------| -| X11 | yes | yes | yes | no (kernel too old) | no (kernel too old) | yes | +| X11 | yes | yes | yes | no [1] | no [1] | yes | | Wifi | yes | yes | yes | yes | yes | yes | | Internal Audio | no | yes | no | untested | yes | no | | Backlight | yes | yes | yes | untested | yes | untested | @@ -45,6 +45,8 @@ Driver support depends on the device you are using shimboot on. The `patch_rootf | Bluetooth | yes | yes | yes | untested | untested | yes | | Webcam | yes | yes | yes | untested | untested | yes | +1. The kernel is too old. + This table is incomplete. If you want to contribute a device compatibility report please create a new issue on the Github repository. On all devices, expect the following features to work: diff --git a/bootloader/bin/bootstrap.sh b/bootloader/bin/bootstrap.sh index fa7c1a1..8258c61 100755 --- a/bootloader/bin/bootstrap.sh +++ b/bootloader/bin/bootstrap.sh @@ -94,7 +94,7 @@ move_mounts() { print_license() { cat << EOF -Shimboot v1.0.1 +Shimboot v1.0.2 ading2210/shimboot: Boot desktop Linux from a Chrome OS RMA shim. Copyright (C) 2023 ading2210 From ac5bd3ec0b9b67be41c5d789893a886335ae612a Mon Sep 17 00:00:00 2001 From: ading2210 Date: Fri, 7 Jun 2024 17:19:59 -0700 Subject: [PATCH 17/17] update documentation and issue templates --- .github/ISSUE_TEMPLATE/bug_report.md | 13 +++++++++++- .../device-compatibility-report.md | 10 +++++----- README.md | 20 +++++++++---------- 3 files changed, 27 insertions(+), 16 deletions(-) diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md index 93f8a30..39fc74a 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.md +++ b/.github/ISSUE_TEMPLATE/bug_report.md @@ -7,6 +7,15 @@ assignees: '' --- + + **Describe the bug** A clear and concise description of what the bug is. @@ -27,9 +36,11 @@ If you are reporting an issue with the build process, please run the scripts in **Target Chrome OS Device (please complete the following information):** - Board Name (e.g. dedede) - - Device Name (e.g. drawcia) + - Device Name (e.g. drawcia) - Shimboot version (e.g. v1.0.1) + + **Build Device (please complete the following information):** - OS: [e.g. Debian 12] - Neofetch out [run `neofetch --stdout` and paste it here] diff --git a/.github/ISSUE_TEMPLATE/device-compatibility-report.md b/.github/ISSUE_TEMPLATE/device-compatibility-report.md index 8fbc5ca..301ae9e 100644 --- a/.github/ISSUE_TEMPLATE/device-compatibility-report.md +++ b/.github/ISSUE_TEMPLATE/device-compatibility-report.md @@ -11,12 +11,12 @@ This template is not meant to be used if Shimboot fails completely. Submit a bug **Compatibility Info**: - Board Name: (e.g. octopus) -- X11: yes/no/untested -- Wifi: yes/no/untested -- Internal Audio: yes/no/untested -- Backlight: yes/no/untested +- X11: yes/no/untested +- Wifi: yes/no/untested +- Internal Audio: yes/no/untested +- Backlight: yes/no/untested - Touchscreen: yes/no/untested -- 3D acceleration: yes/no/untested +- 3D acceleration: yes/no/untested - Bluetooth: yes/no/untested - Webcam: yes/no/untested diff --git a/README.md b/README.md index f8ca122..bc42840 100644 --- a/README.md +++ b/README.md @@ -34,16 +34,16 @@ Note that rootfs partitions have to be named `shimboot_rootfs:` for th Driver support depends on the device you are using shimboot on. The `patch_rootfs.sh` script attempts to copy all the firmware and drivers from the shim and recovery image into the rootfs, so expect most things to work on other boards. ARM Chromebooks are not supported at the moment. ### Device Compatibility Table: -| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`nissa`](https://chrome100.dev/board/nissa/) | [`reks`](https://chrome100.dev/board/reks/) | [`kefka`](https://chrome100.dev/board/kefka) | [`zork`](https://chrome100.dev/board/zork) | -|----------------------|-------------------------------------------------|---------------------------------------------------|-----------------------------------------------|---------------------------------------------|----------------------------------------------|--------------------------------------------| -| X11 | yes | yes | yes | no [1] | no [1] | yes | -| Wifi | yes | yes | yes | yes | yes | yes | -| Internal Audio | no | yes | no | untested | yes | no | -| Backlight | yes | yes | yes | untested | yes | untested | -| Touchscreen | yes | yes | yes | untested | untested | yes | -| 3D Acceleration | yes | yes | yes | no | no | yes | -| Bluetooth | yes | yes | yes | untested | untested | yes | -| Webcam | yes | yes | yes | untested | untested | yes | +| Feature \ Board Name | [`dedede`](https://chrome100.dev/board/dedede/) | [`octopus`](https://chrome100.dev/board/octopus/) | [`nissa`](https://chrome100.dev/board/nissa/) | [`reks`](https://chrome100.dev/board/reks/) | [`kefka`](https://chrome100.dev/board/kefka) | [`zork`](https://chrome100.dev/board/zork) | [`grunt`](https://chrome100.dev/board/grunt) | +|----------------------|-------------------------------------------------|---------------------------------------------------|-----------------------------------------------|---------------------------------------------|----------------------------------------------|--------------------------------------------|----------------------------------------------| +| X11 | yes | yes | yes | no [1] | no [1] | yes | yes | +| Wifi | yes | yes | yes | yes | yes | yes | yes | +| Internal Audio | no | yes | no | untested | yes | no | no | +| Backlight | yes | yes | yes | untested | yes | untested | yes | +| Touchscreen | yes | yes | yes | untested | untested | yes | yes | +| 3D Acceleration | yes | yes | yes | no | no | yes | yes | +| Bluetooth | yes | yes | yes | untested | untested | yes | yes | +| Webcam | yes | yes | yes | untested | untested | yes | yes | 1. The kernel is too old.