1. 屏蔽grub的資訊
Gentoo上amd64 grub的版本是0.97-r12,需要修改源碼來屏蔽螢幕列印。
- 建立本地overlay:/usr/local/portage/xxx-overlay,新增內容:PORTDIR_OVERLAY="/usr/local/portage/xxx-overlay"到/etc/make.conf
- 在本地overlay目錄下建立:sys-boot-xxx/grub,將grub-0.97-r12.ebuild(來自gentoo官方portage樹)和metadata.xml拷貝到這裡
- 修改ebuild,因為我們要加入自己的patch,所以在
EPATCH_SUFFIX="patch" epatch "${WORKDIR}"/patch
這句的後面添加:
epatch "${FILESDIR}/<your patch filename>.patch"
- 在本地overlay目錄下建立files目錄,將我們的patch檔案放進去,這裡我的patch檔案是(消除了所有正常情況下的輸出):
diff -u -d -r grub-0.97.bak/stage1/stage1.S grub-0.97/stage1/stage1.S--- grub-0.97.bak/stage1/stage1.S 2012-12-21 19:13:16.864283386 +0800+++ grub-0.97/stage1/stage1.S 2012-12-21 19:41:52.792201571 +0800@@ -151,7 +151,7 @@ pushw %dx /* print a notification message on the screen */- MSG(notification_string)+ /* MSG(notification_string) */ /* do not probe LBA if the drive is a floppy */ testb $STAGE1_BIOS_HD_FLAG, %dldiff -u -d -r grub-0.97.bak/stage2/boot.c grub-0.97/stage2/boot.c--- grub-0.97.bak/stage2/boot.c 2012-12-21 19:13:16.855282243 +0800+++ grub-0.97/stage2/boot.c 2012-12-21 19:15:08.341435413 +0800@@ -280,8 +280,8 @@ errnum = ERR_WONT_FIT; else {- grub_printf (" [Linux-%s, setup=0x%x, size=0x%x]\n",- (big_linux ? "bzImage" : "zImage"), data_len, text_len);+ /* grub_printf (" [Linux-%s, setup=0x%x, size=0x%x]\n",+ (big_linux ? "bzImage" : "zImage"), data_len, text_len); */ /* Video mode selection support. What a mess! */ /* NOTE: Even the word "mess" is not still enough todiff -u -d -r grub-0.97.bak/stage2/cmdline.c grub-0.97/stage2/cmdline.c--- grub-0.97.bak/stage2/cmdline.c 2012-12-21 19:13:16.861283005 +0800+++ grub-0.97/stage2/cmdline.c 2012-12-21 19:14:47.768836881 +0800@@ -232,12 +232,12 @@ builtin = find_command (heap); if (! builtin) {- grub_printf ("%s\n", old_entry);+ /* grub_printf ("%s\n", old_entry); */ continue; } - if (! (builtin->flags & BUILTIN_NO_ECHO))- grub_printf ("%s\n", old_entry);+ /* if (! (builtin->flags & BUILTIN_NO_ECHO))+ grub_printf ("%s\n", old_entry); */ /* If BUILTIN cannot be run in the command-line, skip it. */ if (! (builtin->flags & BUILTIN_CMDLINE))diff -u -d -r grub-0.97.bak/stage2/disk_io.c grub-0.97/stage2/disk_io.c--- grub-0.97.bak/stage2/disk_io.c 2012-12-21 19:13:16.858282624 +0800+++ grub-0.97/stage2/disk_io.c 2012-12-21 19:22:50.732885018 +0800@@ -1351,7 +1351,7 @@ { if (! do_completion) {- printf (" Filesystem type ");+ /* printf (" Filesystem type "); if (fsys_type != NUM_FSYS) printf ("is %s, ", fsys_table[fsys_type].name);@@ -1361,7 +1361,8 @@ if (current_partition == 0xFFFFFF) printf ("using whole disk\n"); else- printf ("partition type 0x%x\n", current_slice & 0xFF);+ printf ("partition type 0x%x\n", current_slice & 0xFF); */+ return; } } #endif /* STAGE1_5 */diff -u -d -r grub-0.97.bak/stage2/stage1_5.c grub-0.97/stage2/stage1_5.c--- grub-0.97.bak/stage2/stage1_5.c 2012-12-21 19:13:16.862283132 +0800+++ grub-0.97/stage2/stage1_5.c 2012-12-21 19:24:14.499534514 +0800@@ -30,7 +30,7 @@ void cmain (void) {- grub_printf ("\n\nGRUB loading, please wait...\n");+ /* grub_printf ("\n\nGRUB loading, please wait...\n"); */ /* * Here load the true second-stage boot-loader.diff -u -d -r grub-0.97.bak/stage2/stage2.c grub-0.97/stage2/stage2.c--- grub-0.97.bak/stage2/stage2.c 2012-12-21 19:13:16.857282497 +0800+++ grub-0.97/stage2/stage2.c 2012-12-21 20:02:25.576707562 +0800@@ -288,8 +288,8 @@ grub_timeout--; /* Print a message. */- grub_printf ("\rPress `ESC' to enter the menu... %d ",- grub_timeout);+ /* grub_printf ("\rPress `ESC' to enter the menu... %d ",+ grub_timeout); */ } } }@@ -730,11 +730,11 @@ while (1) {- if (config_entries)+ /* if (config_entries) printf (" Booting \'%s\'\n\n", get_entry (menu_entries, first_entry + entryno, 0)); else- printf (" Booting command-list\n\n");+ printf (" Booting command-list\n\n"); */ if (! cur_entry) cur_entry = get_entry (config_entries, first_entry + entryno, 1);diff -u -d -r grub-0.97.bak/stage2/start.S grub-0.97/stage2/start.S--- grub-0.97.bak/stage2/start.S 2012-12-21 19:13:16.857282497 +0800+++ grub-0.97/stage2/start.S 2012-12-21 20:18:41.119650361 +0800@@ -67,7 +67,7 @@ /* print a notification message on the screen */ pushw %si- MSG(notification_string)+ /* MSG(notification_string) */ popw %si /* this sets up for the first run through "bootloop" */@@ -293,7 +293,7 @@ /* restore addressing regs and print a dot with correct DS (MSG modifies SI, which is saved, and unused AX and BX) */ popw %ds- MSG(notification_step)+ /* MSG(notification_step) */ popa /* check if finished with this dataset */@@ -310,7 +310,7 @@ bootit: /* print a newline */- MSG(notification_done)+ /* MSG(notification_done) */ popw %dx /* this makes sure %dl is our "boot" drive */ #ifdef STAGE1_5 ljmp $0, $0x2200
- ebuild grub-0.97-r12.ebuild manifest
- 前面我們建立的grub包所屬的category是sys-boot-xxx,這是為了區別系統的sys-boot/grub,方便emerge我們自己的grub。為了讓這個category能被emerge認識,為此,在我們的overlay根目錄(/usr/local/portage/xxx-overlay)下建立目錄profiles,然後繼續在profiles下建立檔案categories,在其中輸入內容:sys-boot-xxx
- emerge -C sys-boot/grub
- emerge -avt sys-boot-xxx/grub,這裡注意觀察我們的patch是否被apply了(官方grub本身就有很多patch會打,所以注意觀察我們的,是最後一個打的。我們製作這個patch時,其實也是在官方grub+官方patch的基礎上製作出來的,否則patch是打不上的)。
- grub編譯安裝完成了,運行:grub --no-floppy,然後:root (hd0,0) -> setup (hd0) -> quit
- 編輯/boot/grub/grub.conf,加入一行:hiddenmenu,這樣grub的menu就不會出現了。如果只是將timeout設成0的話,還是有一個閃動的畫面,所以這裡禁止了menu。
- Done. 可以重啟試一下。
2. 屏蔽kernel和Linux啟動資訊(init開始執行之後產生的資訊)
這相對就簡單很多了。網上有說添加kernel command option:console=/dev/null或者console=/dev/ttyS0,但是這樣還有一小部分資訊無法屏蔽,比如一開始的Uncompressing kernel...。所以我的做法是直接關掉所有的console,也就是VGA console(x86架構)和framebuffer console,make menuconfig輕鬆搞定。需要注意首先要enable CONFIG_EXPERT,否則VGA console是預設enable並且無法更改的。
Done. 現在除了BIOS資訊,其他就什麼資訊都沒有了。
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
