summaryrefslogtreecommitdiff
path: root/.root
diff options
context:
space:
mode:
Diffstat (limited to '.root')
-rw-r--r--.root/etc/cmdline.d/look.conf1
-rw-r--r--.root/etc/cmdline.d/root.conf1
-rw-r--r--.root/etc/cmdline.d/virt.conf1
-rwxr-xr-x.root/etc/initcpio/post/uki-sbsign15
-rw-r--r--.root/etc/mkinitcpio.d/linux-lts.preset17
-rw-r--r--.root/etc/mkinitcpio.d/linux.preset17
-rw-r--r--.root/etc/pacman.d/hooks/uki.hook16
7 files changed, 68 insertions, 0 deletions
diff --git a/.root/etc/cmdline.d/look.conf b/.root/etc/cmdline.d/look.conf
new file mode 100644
index 0000000..4c1901f
--- /dev/null
+++ b/.root/etc/cmdline.d/look.conf
@@ -0,0 +1 @@
+loglevel=0 text bgrt_disable
diff --git a/.root/etc/cmdline.d/root.conf b/.root/etc/cmdline.d/root.conf
new file mode 100644
index 0000000..9c0248e
--- /dev/null
+++ b/.root/etc/cmdline.d/root.conf
@@ -0,0 +1 @@
+cryptdevice=UUID=c2ac4d90-704e-4f64-a699-4cf69d40bd0b:root:discard root=/dev/mapper/root rw
diff --git a/.root/etc/cmdline.d/virt.conf b/.root/etc/cmdline.d/virt.conf
new file mode 100644
index 0000000..9b754f7
--- /dev/null
+++ b/.root/etc/cmdline.d/virt.conf
@@ -0,0 +1 @@
+amd_iommu=on
diff --git a/.root/etc/initcpio/post/uki-sbsign b/.root/etc/initcpio/post/uki-sbsign
new file mode 100755
index 0000000..eb34cd4
--- /dev/null
+++ b/.root/etc/initcpio/post/uki-sbsign
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+uki="$3"
+[[ -n "$uki" ]] || exit 0
+
+keypairs=(/usr/share/secureboot/keys/db/db.key /usr/share/secureboot/keys/db/db.pem)
+
+for (( i=0; i<${#keypairs[@]}; i+=2 )); do
+ key="${keypairs[$i]}"
+ cert="${keypairs[(( i + 1))]}"
+ if ! sbverify --cert "$cert" "$uki" &>/dev/null; then
+ sbsign --key "$key" --cert "$cert" --output "$uki" "$uki"
+ fi
+done
+
diff --git a/.root/etc/mkinitcpio.d/linux-lts.preset b/.root/etc/mkinitcpio.d/linux-lts.preset
new file mode 100644
index 0000000..a55ad38
--- /dev/null
+++ b/.root/etc/mkinitcpio.d/linux-lts.preset
@@ -0,0 +1,17 @@
+# mkinitcpio preset file for the 'linux-lts' package
+
+#ALL_config="/etc/mkinitcpio.conf"
+ALL_kver="/boot/vmlinuz-linux-lts"
+ALL_microcode=(/boot/*-ucode.img)
+
+PRESETS=('default' 'fallback')
+
+#default_config="/etc/mkinitcpio.conf"
+#default_image="/boot/initramfs-linux-lts.img"
+default_uki="/boot/efi/EFI/Linux/arch-linux-lts.efi"
+#default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
+
+#fallback_config="/etc/mkinitcpio.conf"
+#fallback_image="/boot/initramfs-linux-lts-fallback.img"
+fallback_uki="/boot/efi/EFI/Linux/arch-linux-lts-fallback.efi"
+fallback_options="-S autodetect"
diff --git a/.root/etc/mkinitcpio.d/linux.preset b/.root/etc/mkinitcpio.d/linux.preset
new file mode 100644
index 0000000..3c28a52
--- /dev/null
+++ b/.root/etc/mkinitcpio.d/linux.preset
@@ -0,0 +1,17 @@
+# mkinitcpio preset file for the 'linux' package
+
+#ALL_config="/etc/mkinitcpio.conf"
+ALL_kver="/boot/vmlinuz-linux"
+ALL_microcode=(/boot/*-ucode.img)
+
+PRESETS=('default' 'fallback')
+
+#default_config="/etc/mkinitcpio.conf"
+#default_image="/boot/initramfs-linux.img"
+default_uki="/boot/efi/EFI/Linux/arch-linux.efi"
+#default_options="--splash /usr/share/systemd/bootctl/splash-arch.bmp"
+
+#fallback_config="/etc/mkinitcpio.conf"
+#fallback_image="/boot/initramfs-linux-fallback.img"
+fallback_uki="/boot/efi/EFI/Linux/arch-linux-fallback.efi"
+fallback_options="-S autodetect"
diff --git a/.root/etc/pacman.d/hooks/uki.hook b/.root/etc/pacman.d/hooks/uki.hook
new file mode 100644
index 0000000..3ca2bf8
--- /dev/null
+++ b/.root/etc/pacman.d/hooks/uki.hook
@@ -0,0 +1,16 @@
+[Trigger]
+Operation=Install
+Operation=Upgrade
+Operation=Remove
+Type=Package
+Target=amd-ucode
+Target=linux
+Target=linux-lts
+
+[Action]
+Description=Update Kernel and Microcode in initramfs
+Depends=mkinitcpio
+When=PostTransaction
+NeedsTargets
+Exec=/bin/sh -c 'while read -r trg; do case $trg in linux) exit 0; esac; done; /usr/bin/mkinitcpio -P'
+
generated by cgit v1.2.3-freya (git 2.51.0) at 2025-09-23 03:29:36 +0000