From fc1deb4796f71454e944a6c422e8613c1303b506 Mon Sep 17 00:00:00 2001 From: Hal Emmerich Date: Tue, 31 Mar 2020 00:27:34 -0500 Subject: [PATCH] Add script for crossystem/mosys building, update readme with docs for both --- README.md | 39 +++++++++++++ scripts/InstallScripts/buildCrossystem.sh | 69 +++++++++++++++++++++++ 2 files changed, 108 insertions(+) create mode 100644 scripts/InstallScripts/buildCrossystem.sh diff --git a/README.md b/README.md index a433764..4663821 100644 --- a/README.md +++ b/README.md @@ -190,6 +190,45 @@ You can use the environment variable `PRAWNOS_SUITE` to use a Debian suite other You can use the environment variable `PRAWNOS_DEBOOTSTRAP_MIRROR` to use a non-default Debian mirror with debootstrap. For example, to use [Debian's Tor onion service mirror](https://onion.debian.org/) with debootstrap, you can build with `sudo PRAWNOS_DEBOOTSTRAP_MIRROR=http://vwakviie2ienjx6t.onion/debian make image`. +## Crossystem / mosys +You can run the `buildCrossystem.sh` script located in `/InstallScripts/` to build `mosys` and install `crossystem` +``` +sudo /InstallScripts/buildCrossystem.sh +``` + +### Warning: running these commands can leave you in a state where you cannot boot. +Specifically, enabling `dev_boot_signed_only` will prevent PrawnOS from booting, as no key is stored in the bootloader for the PrawnOS Linux kernel +Its also a bad idea to disable `dev_boot_usb` unless you are positive you will always be able to boot to the internal emmc. +Unless you are running libreboot, the only way to recover if you get in one of these states is to reinstall chromeos using recovery media + +#### Example crossystem and mosys commands, most require root privileges + +Kernels signature verification: + +`sudo crossystem dev_boot_signed_only=1` enable +`sudo crossystem dev_boot_signed_only=0` disable + +External media boot: + +`sudo crossystem dev_boot_usb=1` enable +`sudo crossystem dev_boot_usb=0` disable + +Legacy payload boot: + +`sudo crossystem dev_boot_legacy=1` enable +`sudo crossystem dev_boot_legacy=0` disable + +Default boot medium: +`sudo crossystem dev_default_boot=disk` internal storage +`sudo crossystem dev_default_boot=usb` external media +`sudo crossystem dev_default_boot=legacy` legacy payload + +Dump system state: +`sudo crossystem` + +View mosys command tree: +`sudo mosys -t` + ### GPU Support Watch this link for GPU support: diff --git a/scripts/InstallScripts/buildCrossystem.sh b/scripts/InstallScripts/buildCrossystem.sh new file mode 100644 index 0000000..21baff0 --- /dev/null +++ b/scripts/InstallScripts/buildCrossystem.sh @@ -0,0 +1,69 @@ +#!/bin/sh -xe + +#Build mosys, which is required for crossystem + + +# This file is part of PrawnOS (http://www.prawnos.com) +# Copyright (c) 2018 Hal Emmerich + +# PrawnOS is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# as published by the Free Software Foundation. + +# PrawnOS is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with PrawnOS. If not, see . + + +# install crossystem +sudo apt install -y vboot-utils + +#install clang and pre-reqs +sudo apt install -y clang uuid-dev meson pkg-config cmake libcmocka-dev cargo + +#clone flashmap, need to build libfmap +git clone https://github.com/dhendrix/flashmap.git +cd flashmap +make all +sudo make install + +#clone mosys. Later releases start depending on the minijail library which we would have to build, and that we don't care about anyway on linux +git clone https://chromium.googlesource.com/chromiumos/platform/mosys +cd mosys +git checkout release-R69-10895.B + +# compile the c parts +CC=clang meson -Darch=arm build +ninja -C build +# compile the rust parts +MESON_BUILD_ROOT=build cargo build + +# install mosys so crossystem can access it. It EXPECTS it to be right here and fails otherwise... +sudo cp build/mosys /usr/sbin/mosys + + +# Example crossystem commands, all require root priviledges +#Kernels signature verification: + +# crossystem dev_boot_signed_only=1 # enable +# crossystem dev_boot_signed_only=0 # disable + +#External media boot: + +# crossystem dev_boot_usb=1 # enable +# crossystem dev_boot_usb=0 # disable + +#Legacy payload boot: + +# crossystem dev_boot_legacy=1 # enable +# crossystem dev_boot_legacy=0 # disable + +#Default boot medium: + +# crossystem dev_default_boot=disk # internal storage +# crossystem dev_default_boot=usb # external media +# crossystem dev_default_boot=legacy # legacy payload