For some setups the default GRUB script does not work. Either try updating the grub.cfg (next section) or boot manually (below).
#Open commandline in GRUB
- cryptomount -a #decrypt all HDDs
- root=lvm/matrix-boot #default boot partition, or use `ls` to list partitions
- linux=/vmlinuz #! choose the newest file, press TAB to list them !
- initrd=/initrd #! choose the newest file, press TAB to list them !
+ cryptomount -a #decrypt all HDDs (can also specify disk manually)
+ root=lvm/matrix-boot #default boot partition, or use `ls` to list partitions
+ linux=/vmlinuz #if (the symlink) not present, choose latest file, press TAB to list
+ initrd=/initrd #if (the symlink) not present, choose latest file, press TAB to list
boot
###Boot automatically
-Add the below to the preferred boot option, in grub.cfg, for automatic boot. It is recommended to test this configuration with grubtest.cfg, before changing the main config grub.cfg
+Add the below to the preferred boot option, in grub.cfg, for automatic boot. It is recommended to test any configuration with grubtest.cfg, before changing the main config grub.cfg
+
+ menuentry 'Boot to regular encrypted OS [x]' --hotkey='x' {
+ #Simple setup to boot from encrypted boot partition
+ #LUKS -> LVM -> logical volumes
+ #LVM name matrix and boot volume rootvol or boot
+ #Might get weird if multiple lvm devices connected
+
+ cryptomount -a
+
+ #try boot first since rootvol might symlink to boot and break
+ set root=(lvm/matrix-boot)
+ if [ -f "/vmlinuz" ]; then
+ if [ -f "/initrd.img" ]; then
+ linux /vmlinuz
+ initrd /initrd.img
+ fi
+
+ else
+ echo "Trying to boot lvm/matrix-boot.."
+ echo "Couldn't find kernel"
+ echo "Trying to boot lvm/matrix-rootvol.."
+ set root=(lvm/matrix-rootvol)
+ if [ -f "/vmlinuz" ]; then
+ if [ -f "/initrd.img" ]; then
+ linux /vmlinuz
+ initrd /initrd.img
+ fi
+ fi
+
+ fi
+ }
- set root=lvm/matrix-rootvol
- if [ -f "/vmlinuz" ]; then
- linux /vmlinuz
- if [ -f "/initrd.img" ]; then
- initrd /initrd.img
- fi
- fi
##Libreboot
When installing an OS on a Libreboot (/Coreboot) system, use these [guides](https://libreboot.org/docs/gnulinux/).
-When installing Debian I used [this guide](https://libreboot.org/docs/gnulinux/encrypted_debian.html) in particular. The guide uses LUKS->LVM->Partitions, thus everything is encrypted. You don't need to install GRUB since it is already on the libreboot ROM (if you're using the GRUB payload), however, using a local GRUB makes it possible to [change GRUB config](https://libreboot.org/docs/gnulinux/grub_cbfs.html) without reflashing ROM. But reflashing ROM can be done in the OS.
+When installing Debian I used [this guide](https://libreboot.org/docs/gnulinux/encrypted_debian.html) in particular. The guide uses LUKS->LVM->Partitions, thus everything is encrypted. You don't need to install GRUB since it is already on the libreboot ROM (if you're using the GRUB payload), however, using a local GRUB makes it possible to [change GRUB config](https://libreboot.org/docs/gnulinux/grub_cbfs.html) without reflashing ROM. But reflashing ROM can be done in the OS (boot with kernel flag iomem=relaxed).
If you have an unencrypted /boot the default GRUB-scripts works better, i e it boots automatically (using Libreboot2016).
#In my case the older version did not detect the exact chip on x200
#This was fixed by cloning and building the most recent version
+ #!/bin/bash -e
+ cd libreboot
./download flashrom
cd flashrom
- sudo apt-get install libusb-1.0-0-dev build-dep linux-image-$(uname -r)
- make install #needs sudo?
+ sudo apt-get install libusb-1.0-0-dev libpci-dev linux-image-$(uname -r) -y
+ sudo apt install make gcc pkg-config libssl1.0-dev zlib1g-dev pciutils-dev libftdi-dev libusb-dev build-essential -y
+ make install #does this need sudo?
make
-
+ cd ..
#backup current rom
- #sudo ./flashrom -p internal -r ~/this_is_my0.rom
+ sudo ./flashrom -p internal -r ~/this_is_my0.rom
+
-
#build libreboot, for the ROM
#dependencies for Debian
sudo ./oldbuild dependencies trisquel7
#download and build necessary
- ./download grub coreboot crossgcc seabios -y
+ ./download grub coreboot crossgcc seabios
+
./oldbuild module crossgcc
./oldbuild module grub
./oldbuild module coreboot
./oldbuild module seabios
- #finally build the ROM we want
- #./oldbuild roms withgrub x200_8mb
- #cd bin/grub
- #ls
+ cd resources/utilities/ich9deblob
+ make
+ cd ../../../
- #./oldbuild clean all
+ cd ./crossgcc/util/cbfstool/
+ make
+ cd ../../../
+
+ #finally build the ROM we want
+ ./oldbuild roms withgrub x200_8mb
+ cp bin/grub/x200_8mb/x200_8mb_usqwerty_vesafb.rom resources/utilities/ich9deblob/x200.rom
+ cd resources/utilities/ich9deblob/
+ ./ich9gen --macaddress "00:DE:AD:BE:EF:00"
+ dd if=ich9fdgbe_8m.bin of=x200.rom bs=1 count=12K conv=notrunc
+ mv x200.rom ../../../
+ cd ../../../
- ## Moving on
- #cp new.rom ich9deblob/x86_64
- #cd ich9deblob/x86_64
- #/ich9gen --macaddress XX:XX:XX:XX:XX:XX
- #dd if=ich9fdgbe_8m.bin of=libreboot.rom bs=1 count=12k conv=notrunc #for 8mb chip
- #mv new.rom ../../
- #sudo ./flash update libreboot.rom
+ #./cbfstool x200.rom extract -n grub.cfg -f grubtest.cfg
+ #./crossgcc/util/cbfstool/cbfstool x200_other_mac.rom remove -n grubtest.cfg
+ #./crossgcc/util/cbfstool/cbfstool x200_other_mac.rom add -n grubtest.cfg -f grubtest.cfg -t raw
+
+ ## LASTLY FLASH TO CHIP
+ #sudo ./flashrom/flashrom -p internal -w x200.rom
+
###X200
####Flashing Internally
projects / inbyggd-frihet-wiki.git / commitdiff