Note

The Funtoo Linux project has transitioned to "Hobby Mode" and this wiki is now read-only.

Funtoo Linux Installation on Chromebook Pixel 2015

From Funtoo
Revision as of 22:29, March 5, 2016 by Nethawk (talk | contribs)
Jump to navigation Jump to search

Introduction

This article is a collection of thoughts, knowledge and procedures discovered while installing Funtoo linux on the Google Chromebook Pixel 2015. It is aimed to provide a concise explanation as well as a walkthrough of the components and steps required. However it will not go into the details of the applications or technologies, leaving that to external documentation.

   Note

This is an ongoing effort, e.g Under Construction

   Note

While installing this machine I first wanted to just wipe everything and install Funtoo, but decided to dual boot at first to see how it behaves, identify possible optimizations etc., before wiping the rest of the ChromeOS installation. That being said, it might be worth noting that I did remove the firmware protection and set the flags as described in #Setting seaBIOS as default boot option before setting out on actually installing anything. So verification of certain parts of this article is required.

   Important

Do anything described here or in the linked articles at your own risk, you may damage or otherwise make your device unusable and might need to contact Google for support. Be sure to read this article and all linked articles carefully, and only proceed to do something when you are sure you know what it does.

Developer Mode

Putting the Chromebook in developer mode is a requirement. Also get accustomed to opening the shell and gaining root privileges. Note that changes to ChromeOS's root filesystem are not required for this, so no need to disable root filesystem verification.

Crouton

It was suggested that crouton is a viable alternative to installing a separate Linux distribution. The advantage is that it's simple and requires no partitioning. The downside are that your are limited in distribution choice.

Dual Booting vs. Funtoo only

There are some differences in how to install the system for either dual booting with ChromeOS or removing it. Most notably, it is reported that if the "Signed boot verification" is enabled and ChromeOS is replaced with a different system, "...then your system might become corrupted on empty battery, resetting dev_boot_usb dev_boot_legacy to their default values, forcing you to recover Chrome OS..."[ Arch linux wiki ].

To avoid this, you can either Dual Boot or #Setting seaBIOS as default boot option and install Funtoo only. Another way would be to extract the kernel from ChromeOS and use that.

   Note

I already disabled "Signed boot verification", so someone needs to try this without touching the firmware to confirm that dual boot works with unsigned kernels.

Preparing for Installation

To prepare an additional or alternative operating system we will need to do some common setup, like enabling usb and legacy boot and preparing the installation media, but it is also highly recommended to make a full #Backup of the system before beginning .

Enabling USB boot

To enable usb boot run the following on ChromeOS as root:

root # crossystem dev_boot_usb=1 dev_boot_legacy=1

Preparing and testing the installation media

Installation can occur from pretty much any linux live environment, however for this article we'll be using system rescue cd. In order to make sure you can boot to the live environment, reboot your device and press ctrl+d at the white screen just before ChromeOS boots. You should now be greeted by the SeaBIOS boot system from where you can boot your live environment. Please note that you might have to play with the resolution options, especially for early boot print messages. What works for me in that case is to set vga=340 as parameter.

Backup

After booting a live environment like system rescue cd and mounting a large enough USB key (stock machines require about 2.0GB) you can take a full backup with:

root # dd if=/dev/sda | gzip > /mnt/usb_key/chromebook_pixel_2015_dd_backup.gzip

Setting SeaBIOS as default boot option

   Important

This step is only required for removing ChromeOS and installing funtoo on the whole drive. The steps in this section are all done in ChromeOS not the installation medium environment.

   Warning

This may damage your system, do at your own risk. You have been warned. Follow the steps on Developer Information from Chromium to remove the firmware write protection]. After this is done, do not reassemble the Chromebook. Turn it around, put it on a non-conductive, clean, clutter free surface and follow the steps below.

The first thing we need to do is disable the software write protection. Open a root shell and run flashrom --wp-status which will output something similar to:

flashrom v0.9.4  : 1d2f41b : Nov 12 2015 16:39:03 UTC on Linux 3.14.0 (x86_64), built with libpci 3.1.10, GCC 4.9.x-google 20150123 (prerelease), little endian
WP: status: 0x0080
WP: status.srp0: 1
WP: status.srp1: 0
WP: write protect is enabled.
WP: write protect range: start=0x00000000, len=0x00000000

To disable it run flashrom --wp-disable and double check if the command was successful with flashrom --wp-status.

Now it's time to set the GBB Flags, enter /usr/share/vboot/bin, from there run set_gbb_flags.sh -h which will produce an output similar to the following:

root # ./set_gbb_flags -h
Changes ChromeOS Firmware GBB Flags value.

  Usage: /usr/share/vboot/bin/set_gbb_flags.sh [option_flags] GBB_FLAGS_VALUE
  
  Defined flags (some values may be not supported by all systems):

  GBB_FLAG_DEV_SCREEN_SHORT_DELAY            0x00000001
  GBB_FLAG_LOAD_OPTION_ROMS                  0x00000002
  GBB_FLAG_ENABLE_ALTERNATE_OS               0x00000004
  GBB_FLAG_FORCE_DEV_SWITCH_ON               0x00000008
  GBB_FLAG_FORCE_DEV_BOOT_USB                0x00000010
  GBB_FLAG_DISABLE_FW_ROLLBACK_CHECK         0x00000020
  GBB_FLAG_ENTER_TRIGGERS_TONORM             0x00000040
  GBB_FLAG_FORCE_DEV_BOOT_LEGACY             0x00000080
  GBB_FLAG_FAFT_KEY_OVERIDE                  0x00000100
  GBB_FLAG_DISABLE_EC_SOFTWARE_SYNC          0x00000200
  GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY           0x00000400
  GBB_FLAG_DISABLE_PD_SOFTWARE_SYNC          0x00000800
  GBB_FLAG_DISABLE_LID_SHUTDOWN              0x00001000
  GBB_FLAG_FORCE_DEV_BOOT_FASTBOOT_FULL_CAP  0x00002000
  GBB_FLAG_ENABLE_SERIAL                     0x00004000

  To get a developer-friendly device, try 0x11 (short_delay + boot_usb).
  For factory-related tests (always DEV), try 0x39.
  For early development (disable EC/PD software sync), try 0xa39.

flags:
  -d,--[no]debug:  Provide debug messages (default: false)
  -f,--file:  Path to firmware image. Default to system firmware. (default: '')
  --[no]check_wp:  Check write protection states first. (default: true)
  -h,--[no]help:  show this help (default: false)

The options we are interested in are:

GBB_FLAG_DEV_SCREEN_SHORT_DELAY 0x00000001
GBB_FLAG_FORCE_DEV_SWITCH_ON 0x00000008
GBB_FLAG_FORCE_DEV_BOOT_LEGACY 0x00000080
GBB_FLAG_DEFAULT_DEV_BOOT_LEGACY 0x00000400

These options will set your device to boot to SeaBIOS by default. If we put these together we get 489, so the command we need to run becomes ./set_gbb_flags.sh 0x489. Note that ChromeOS is still available, but now the booting is reversed ( e.g. ctrl+d on the white screen is now ChromeOS).

Once this is complete, re-enable the write protection with flashrom --wp-enable. Check if it still turns on, boots to SeaBIOS by default and to ChromeOS via ctrl+d. Finally turn the device completely off shutdown -h now. Proceed to putting the write protection back into place and reassemble the device.

Preparing the hard drive

There are two distinct ways in which you can prepare the hard drive, either for dual booting purpouses or for installing Funtoo only. The later option should be easier, but will require you to #Setting SeaBIOS as default boot option. In both scenarios your data on the ChromeOS's State drive will be lost. This is the local data, not the one synced with Google's cloud system. Nonetheless it is recommended to make a backup of the files you hold dear at this point.

Preparing for Dual-Boot

Chrome OS has a distinct partition layout that it depends on. For more information on the specifics of the ChromeOS boot and partition layout visit the Chromium documentation. Fortunately there is a partition that is unused for now (as described in the drive partition documentation on Chromium.org). The KERN-C and ROOT-C partitions are "Minimal-size partition for future third kernel. There are rare cases where a third partition could help us avoid recovery mode (AU in progress + random corruption on boot partition + system crash). We decided it's not worth the space in V1, but that may change". The space for our new Funtoo installation will come from the STATE drive of ChromeOS (" User's browsing history, downloads, cache, etc. Encrypted per-user."), which means we'll shrink this partition and allocate the newly gained space to KERN-C and ROOT-C. While it will be explained how to do this manually, you can use the chromeShrinkState script to simplify this process. Simply put this script onto a USB key or into /home/chronos/user for now.

It is recommended to fully shutdown the chromebook and restart it at this point. Do not login to ChromeOS, press ctrl+alt+f2 at the login prompt to be taken to VT2, and login as the "chronos" user and run sudo to gain root privileges. Turn off powerd to stop the display timing out, the ui and cryptohomed to stop processed from using the state partition:

root # initctl stop ui
root # initctl stop  cryptohomed
root # initctl stop powerd

Check where /dev/sda1 is mounted with:

root # mount | grep /dev/sda1
/dev/sda1 on /mnt/stateful_partition type ext4 (rw,nosuid,nodev,noexec,relatime,commit=600,data=ordered)
/dev/sda1 on /home type ext4 (rw,nosuid,nodev,noexec,relatime,commit=600,data=ordered)
/dev/sda1 on /usr/local type ext4 (rw,nodev,relatime,commit=600,data=ordered)

Check if anything is using these mounts:

root # lsof | grep /home
root # lsof | grep /home
root # lsof | grep /usr/local

Preparing for Funtoo only