Message ID | 20220524145757.1704927-1-Quirin.Gylstorff@siemens.com (mailing list archive) |
---|---|
State | Handled Elsewhere |
Headers | show |
Series | [isar-cip-core] efibootguard-efi: Use correct search path for the efibinary | expand |
On 24.05.22 16:57, Quirin Gylstorff wrote: > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > This fixes the build error: > ``` > ERROR: _exec_cmd: cp /usr/share/efibootguard/efibootguardx64.efi /tmp/tmp.1Y4utA1zC2/sentron-product-sentron-sentron.wic/tmp.wic.ampnawp6/bootx64.efi returned '1' instead of 0 > output: cp: cannot stat '/usr/share/efibootguard/efibootguardx64.efi': No such file or directory > ``` > > Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> > --- > scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py > index e1411cb..a01e484 100644 > --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py > +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py > @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): > } > > distro_arch = get_bitbake_var("DISTRO_ARCH") > - bootloader = "/usr/share/efibootguard/efibootguard{}.efi".format( > - distro_to_efi_arch[distro_arch]) > + rootfs_path = rootfs_dir.get('ROOTFS_DIR') > + bootloader = "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( > + rootfs_path=rootfs_path, > + efiarch=distro_to_efi_arch[distro_arch]) > part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, > part.label, > part.lineno) Makes sense in first sight - but why did it work so far? Or did I miss to test one of the two cases (signed/unsigned)? Did you test both? Jan
On 5/24/22 17:07, Jan Kiszka wrote: > On 24.05.22 16:57, Quirin Gylstorff wrote: >> From: Quirin Gylstorff <quirin.gylstorff@siemens.com> >> >> This fixes the build error: >> ``` >> ERROR: _exec_cmd: cp /usr/share/efibootguard/efibootguardx64.efi /tmp/tmp.1Y4utA1zC2/sentron-product-sentron-sentron.wic/tmp.wic.ampnawp6/bootx64.efi returned '1' instead of 0 >> output: cp: cannot stat '/usr/share/efibootguard/efibootguardx64.efi': No such file or directory >> ``` >> >> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> >> --- >> scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 ++++-- >> 1 file changed, 4 insertions(+), 2 deletions(-) >> >> diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py >> index e1411cb..a01e484 100644 >> --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py >> +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py >> @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): >> } >> >> distro_arch = get_bitbake_var("DISTRO_ARCH") >> - bootloader = "/usr/share/efibootguard/efibootguard{}.efi".format( >> - distro_to_efi_arch[distro_arch]) >> + rootfs_path = rootfs_dir.get('ROOTFS_DIR') >> + bootloader = "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( >> + rootfs_path=rootfs_path, >> + efiarch=distro_to_efi_arch[distro_arch]) >> part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, >> part.label, >> part.lineno) > > Makes sense in first sight - but why did it work so far? Or did I miss > to test one of the two cases (signed/unsigned)? Did you test both? > > Jan > I am still try to find the reason why it work in isar-cip-core. The error occured in a downstream project. Quirin
On 5/24/22 17:23, Quirin Gylstorff via lists.cip-project.org wrote: > > > On 5/24/22 17:07, Jan Kiszka wrote: >> On 24.05.22 16:57, Quirin Gylstorff wrote: >>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>> >>> This fixes the build error: >>> ``` >>> ERROR: _exec_cmd: cp /usr/share/efibootguard/efibootguardx64.efi >>> /tmp/tmp.1Y4utA1zC2/sentron-product-sentron-sentron.wic/tmp.wic.ampnawp6/bootx64.efi >>> returned '1' instead of 0 >>> output: cp: cannot stat >>> '/usr/share/efibootguard/efibootguardx64.efi': No such file or directory >>> ``` >>> >>> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>> --- >>> scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 ++++-- >>> 1 file changed, 4 insertions(+), 2 deletions(-) >>> >>> diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>> b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>> index e1411cb..a01e484 100644 >>> --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>> +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>> @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): >>> } >>> distro_arch = get_bitbake_var("DISTRO_ARCH") >>> - bootloader = >>> "/usr/share/efibootguard/efibootguard{}.efi".format( >>> - distro_to_efi_arch[distro_arch]) >>> + rootfs_path = rootfs_dir.get('ROOTFS_DIR') >>> + bootloader = >>> "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( >>> + rootfs_path=rootfs_path, >>> + efiarch=distro_to_efi_arch[distro_arch]) >>> part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, >>> part.label, >>> part.lineno) >> >> Makes sense in first sight - but why did it work so far? Or did I miss >> to test one of the two cases (signed/unsigned)? Did you test both? >> >> Jan >> > I am still try to find the reason why it work in isar-cip-core. The > error occured in a downstream project. In isar-cip-core the error never occured as we install `efibootguard` as a dependency for wic[1]. efibootguard-boot uses the same logic[2] to access the kernel stub. We should decide which is the correct way. I would prefer that we take both stubs from the buildchroot. [1]: https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/kas/opt/efibootguard.yml#L24 [2]: https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/scripts/lib/wic/plugins/source/efibootguard-boot.py#L190 Quirin
On 24.05.22 17:38, Gylstorff Quirin wrote: > > > On 5/24/22 17:23, Quirin Gylstorff via lists.cip-project.org wrote: >> >> >> On 5/24/22 17:07, Jan Kiszka wrote: >>> On 24.05.22 16:57, Quirin Gylstorff wrote: >>>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>>> >>>> This fixes the build error: >>>> ``` >>>> ERROR: _exec_cmd: cp /usr/share/efibootguard/efibootguardx64.efi >>>> /tmp/tmp.1Y4utA1zC2/sentron-product-sentron-sentron.wic/tmp.wic.ampnawp6/bootx64.efi >>>> returned '1' instead of 0 >>>> output: cp: cannot stat >>>> '/usr/share/efibootguard/efibootguardx64.efi': No such file or >>>> directory >>>> ``` >>>> >>>> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>>> --- >>>> scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 ++++-- >>>> 1 file changed, 4 insertions(+), 2 deletions(-) >>>> >>>> diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>> b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>> index e1411cb..a01e484 100644 >>>> --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>> +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>> @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): >>>> } >>>> distro_arch = get_bitbake_var("DISTRO_ARCH") >>>> - bootloader = >>>> "/usr/share/efibootguard/efibootguard{}.efi".format( >>>> - distro_to_efi_arch[distro_arch]) >>>> + rootfs_path = rootfs_dir.get('ROOTFS_DIR') >>>> + bootloader = >>>> "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( >>>> >>>> + rootfs_path=rootfs_path, >>>> + efiarch=distro_to_efi_arch[distro_arch]) >>>> part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, >>>> part.label, >>>> part.lineno) >>> >>> Makes sense in first sight - but why did it work so far? Or did I miss >>> to test one of the two cases (signed/unsigned)? Did you test both? >>> >>> Jan >>> >> I am still try to find the reason why it work in isar-cip-core. The >> error occured in a downstream project. > > In isar-cip-core the error never occured as we install `efibootguard` > as a dependency for wic[1]. > > efibootguard-boot uses the same logic[2] to access the kernel stub. > > > We should decide which is the correct way. I would prefer that we take > both stubs from the buildchroot. > Yes, the preferred source for bootloader artifacts should be the buildchroot and NOT that target image. We are currently installing more on the target as practically needed. If that should ever change, things shouldn't break here at plugin level. Jan > [1]: > https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/kas/opt/efibootguard.yml#L24 > > [2]: > https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/scripts/lib/wic/plugins/source/efibootguard-boot.py#L190 > > Quirin
On 5/24/22 17:50, Jan Kiszka wrote: > On 24.05.22 17:38, Gylstorff Quirin wrote: >> >> >> On 5/24/22 17:23, Quirin Gylstorff via lists.cip-project.org wrote: >>> >>> >>> On 5/24/22 17:07, Jan Kiszka wrote: >>>> On 24.05.22 16:57, Quirin Gylstorff wrote: >>>>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>>>> >>>>> This fixes the build error: >>>>> ``` >>>>> ERROR: _exec_cmd: cp /usr/share/efibootguard/efibootguardx64.efi >>>>> /tmp/tmp.1Y4utA1zC2/sentron-product-sentron-sentron.wic/tmp.wic.ampnawp6/bootx64.efi >>>>> returned '1' instead of 0 >>>>> output: cp: cannot stat >>>>> '/usr/share/efibootguard/efibootguardx64.efi': No such file or >>>>> directory >>>>> ``` >>>>> >>>>> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>>>> --- >>>>> scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 ++++-- >>>>> 1 file changed, 4 insertions(+), 2 deletions(-) >>>>> >>>>> diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>> b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>> index e1411cb..a01e484 100644 >>>>> --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>> +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>> @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): >>>>> } >>>>> distro_arch = get_bitbake_var("DISTRO_ARCH") >>>>> - bootloader = >>>>> "/usr/share/efibootguard/efibootguard{}.efi".format( >>>>> - distro_to_efi_arch[distro_arch]) >>>>> + rootfs_path = rootfs_dir.get('ROOTFS_DIR') >>>>> + bootloader = >>>>> "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( >>>>> >>>>> + rootfs_path=rootfs_path, >>>>> + efiarch=distro_to_efi_arch[distro_arch]) >>>>> part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, >>>>> part.label, >>>>> part.lineno) >>>> >>>> Makes sense in first sight - but why did it work so far? Or did I miss >>>> to test one of the two cases (signed/unsigned)? Did you test both? >>>> >>>> Jan >>>> >>> I am still try to find the reason why it work in isar-cip-core. The >>> error occured in a downstream project. >> >> In isar-cip-core the error never occured as we install `efibootguard` >> as a dependency for wic[1]. >> >> efibootguard-boot uses the same logic[2] to access the kernel stub. >> >> >> We should decide which is the correct way. I would prefer that we take >> both stubs from the buildchroot. >> > > Yes, the preferred source for bootloader artifacts should be the > buildchroot and NOT that target image. We are currently installing more > on the target as practically needed. If that should ever change, things > shouldn't break here at plugin level. > > Jan > >> [1]: >> https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/kas/opt/efibootguard.yml#L24 >> >> [2]: >> https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/scripts/lib/wic/plugins/source/efibootguard-boot.py#L190 >> >> Quirin > Should we move or reuse the files from salsa[3]? There the binaries are part of the dev package[4]. [3]: https://salsa.debian.org/debian/efibootguard/ [4]: https://salsa.debian.org/debian/efibootguard/-/blob/master/debian/libebgenv-dev.install Quirin
On 24.05.22 18:03, Gylstorff Quirin wrote: > > > On 5/24/22 17:50, Jan Kiszka wrote: >> On 24.05.22 17:38, Gylstorff Quirin wrote: >>> >>> >>> On 5/24/22 17:23, Quirin Gylstorff via lists.cip-project.org wrote: >>>> >>>> >>>> On 5/24/22 17:07, Jan Kiszka wrote: >>>>> On 24.05.22 16:57, Quirin Gylstorff wrote: >>>>>> From: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>>>>> >>>>>> This fixes the build error: >>>>>> ``` >>>>>> ERROR: _exec_cmd: cp /usr/share/efibootguard/efibootguardx64.efi >>>>>> /tmp/tmp.1Y4utA1zC2/sentron-product-sentron-sentron.wic/tmp.wic.ampnawp6/bootx64.efi >>>>>> >>>>>> returned '1' instead of 0 >>>>>> output: cp: cannot stat >>>>>> '/usr/share/efibootguard/efibootguardx64.efi': No such file or >>>>>> directory >>>>>> ``` >>>>>> >>>>>> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com> >>>>>> --- >>>>>> scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 ++++-- >>>>>> 1 file changed, 4 insertions(+), 2 deletions(-) >>>>>> >>>>>> diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>>> b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>>> index e1411cb..a01e484 100644 >>>>>> --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>>> +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py >>>>>> @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): >>>>>> } >>>>>> distro_arch = get_bitbake_var("DISTRO_ARCH") >>>>>> - bootloader = >>>>>> "/usr/share/efibootguard/efibootguard{}.efi".format( >>>>>> - distro_to_efi_arch[distro_arch]) >>>>>> + rootfs_path = rootfs_dir.get('ROOTFS_DIR') >>>>>> + bootloader = >>>>>> "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( >>>>>> >>>>>> >>>>>> + rootfs_path=rootfs_path, >>>>>> + efiarch=distro_to_efi_arch[distro_arch]) >>>>>> part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, >>>>>> part.label, >>>>>> part.lineno) >>>>> >>>>> Makes sense in first sight - but why did it work so far? Or did I miss >>>>> to test one of the two cases (signed/unsigned)? Did you test both? >>>>> >>>>> Jan >>>>> >>>> I am still try to find the reason why it work in isar-cip-core. The >>>> error occured in a downstream project. >>> >>> In isar-cip-core the error never occured as we install `efibootguard` >>> as a dependency for wic[1]. >>> >>> efibootguard-boot uses the same logic[2] to access the kernel stub. >>> >>> >>> We should decide which is the correct way. I would prefer that we take >>> both stubs from the buildchroot. >>> >> >> Yes, the preferred source for bootloader artifacts should be the >> buildchroot and NOT that target image. We are currently installing more >> on the target as practically needed. If that should ever change, things >> shouldn't break here at plugin level. >> >> Jan >> >>> [1]: >>> https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/kas/opt/efibootguard.yml#L24 >>> >>> >>> [2]: >>> https://gitlab.com/cip-project/cip-core/isar-cip-core/-/blob/master/scripts/lib/wic/plugins/source/efibootguard-boot.py#L190 >>> >>> >>> Quirin >> > > > Should we move or reuse the files from salsa[3]? There the binaries are > part of the dev package[4]. > I don't think sticking the bootloader into the dev package is correct or in line with other bootloaders (grub-dev? system-dev?). The main ebg package should contain the bootloader, and if we want to split the tools from it, that should go into a separate package. Jan
diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py index e1411cb..a01e484 100644 --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py @@ -59,8 +59,10 @@ class EfibootguardEFIPlugin(SourcePlugin): } distro_arch = get_bitbake_var("DISTRO_ARCH") - bootloader = "/usr/share/efibootguard/efibootguard{}.efi".format( - distro_to_efi_arch[distro_arch]) + rootfs_path = rootfs_dir.get('ROOTFS_DIR') + bootloader = "{rootfs_path}/usr/share/efibootguard/efibootguard{efiarch}.efi".format( + rootfs_path=rootfs_path, + efiarch=distro_to_efi_arch[distro_arch]) part_rootfs_dir = "%s/disk/%s.%s" % (cr_workdir, part.label, part.lineno)