metropolis: implement and use A/B preloader
This switches over from using the EFI built-in bootloader for A/B
updates to using our own EFI preloader due to significant issues with
in-the-wild EFI implementations. It is a very minimal design relying
on a single Protobuf state file instead of EFI variables.
Change-Id: Ieebd0a8172ebe3f44c69b3e8c278c53d3fe2eeb4
Reviewed-on: https://review.monogon.dev/c/monogon/+/2203
Tested-by: Jenkins CI
Reviewed-by: Serge Bazanski <serge@monogon.tech>
diff --git a/metropolis/node/build/mkimage/main.go b/metropolis/node/build/mkimage/main.go
index 077348e..7de951e 100644
--- a/metropolis/node/build/mkimage/main.go
+++ b/metropolis/node/build/mkimage/main.go
@@ -27,6 +27,8 @@
package main
import (
+ "bytes"
+ _ "embed"
"flag"
"log"
"os"
@@ -36,6 +38,9 @@
"source.monogon.dev/metropolis/pkg/blockdev"
)
+//go:embed metropolis/node/core/abloader/abloader_bin.efi
+var abloader []byte
+
func main() {
// Fill in the image parameters based on flags.
var (
@@ -92,6 +97,8 @@
panic(err)
}
+ cfg.ABLoader = bytes.NewReader(abloader)
+
// Write the parametrized OS image.
if _, err := osimage.Create(&cfg); err != nil {
log.Fatalf("while creating a Metropolis OS image: %v", err)