-
Notifications
You must be signed in to change notification settings - Fork 548
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
fix: use custom Talos/kernel version when generating UKI
See siderolabs/image-factory#44 Instead of using constants, use proper Talos version and kernel version discovered from the image. Signed-off-by: Andrey Smirnov <[email protected]>
- Loading branch information
Showing
8 changed files
with
135 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
// This Source Code Form is subject to the terms of the Mozilla Public | ||
// License, v. 2.0. If a copy of the MPL was not distributed with this | ||
// file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
|
||
package uki | ||
|
||
import ( | ||
"bytes" | ||
"encoding/binary" | ||
"fmt" | ||
"os" | ||
"strings" | ||
) | ||
|
||
// DiscoverKernelVersion reads kernel version from the kernel image. | ||
// | ||
// This only works for x86 kernel images. | ||
// | ||
// Based on https://www.kernel.org/doc/html/v5.6/x86/boot.html. | ||
func DiscoverKernelVersion(kernelPath string) (string, error) { | ||
f, err := os.Open(kernelPath) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
defer f.Close() //nolint:errcheck | ||
|
||
header := make([]byte, 1024) | ||
|
||
_, err = f.Read(header) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
// check header magic | ||
if string(header[0x202:0x206]) != "HdrS" { | ||
return "", fmt.Errorf("invalid kernel image") | ||
} | ||
|
||
setupSects := header[0x1f1] | ||
versionOffset := binary.LittleEndian.Uint16(header[0x20e:0x210]) | ||
|
||
if versionOffset == 0 { | ||
return "", fmt.Errorf("no kernel version") | ||
} | ||
|
||
if versionOffset > uint16(setupSects)*0x200 { | ||
return "", fmt.Errorf("invalid kernel version offset") | ||
} | ||
|
||
versionOffset += 0x200 | ||
|
||
version := make([]byte, 256) | ||
|
||
_, err = f.ReadAt(version, int64(versionOffset)) | ||
if err != nil { | ||
return "", err | ||
} | ||
|
||
idx := bytes.IndexByte(version, 0) | ||
if idx == -1 { | ||
return "", fmt.Errorf("invalid kernel version") | ||
} | ||
|
||
versionString := string(version[:idx]) | ||
versionString, _, _ = strings.Cut(versionString, " ") | ||
|
||
return versionString, nil | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
// This Source Code Form is subject to the terms of the Mozilla Public | ||
// License, v. 2.0. If a copy of the MPL was not distributed with this | ||
// file, You can obtain one at http://mozilla.org/MPL/2.0/. | ||
|
||
package uki_test | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
"github.com/stretchr/testify/require" | ||
|
||
"github.com/siderolabs/talos/internal/pkg/secureboot/uki" | ||
) | ||
|
||
func TestKernelVersion(t *testing.T) { | ||
version, err := uki.DiscoverKernelVersion("testdata/kernel") | ||
require.NoError(t, err) | ||
|
||
assert.Equal(t, "6.1.58-talos", version) | ||
} |
Binary file not shown.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters