diff mbox series

[isar-cip-core,6/7] Add support for ARM-based swupdate/secure boot image

Message ID 4fe9685bb385cd4eea3c0c1a699d0575aebd8411.1657568458.git.jan.kiszka@siemens.com (mailing list archive)
State Handled Elsewhere
Headers show
Series SWUpdate/secure boot for ARM, related recipe updates | expand

Commit Message

Jan Kiszka July 11, 2022, 7:40 p.m. UTC 
From: Jan Kiszka <jan.kiszka@siemens.com>

Everything is now lined up so that enabling this almost trivial,
reusing what is there for qemu-arm64.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 Kconfig                                          |  4 ++--
 conf/machine/qemu-arm.conf                       |  5 +++++
 kas/opt/efibootguard.yml                         |  1 +
 recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb    | 16 ++++++++++++++++
 .../lib/wic/plugins/source/efibootguard-boot.py  |  1 +
 .../lib/wic/plugins/source/efibootguard-efi.py   |  1 +
 start-qemu.sh                                    |  4 ++--
 wic/qemu-arm-efibootguard-secureboot.wks.in      |  1 +
 wic/qemu-arm-efibootguard.wks.in                 |  1 +
 9 files changed, 30 insertions(+), 4 deletions(-)
 create mode 100644 recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb
 create mode 120000 wic/qemu-arm-efibootguard-secureboot.wks.in
 create mode 120000 wic/qemu-arm-efibootguard.wks.in
diff mbox series

Patch

diff --git a/Kconfig b/Kconfig
index 9c89008..c63000b 100644
--- a/Kconfig
+++ b/Kconfig
@@ -132,11 +132,11 @@  if IMAGE_FLASH && !KERNEL_4_4 && !KERNEL_4_19
 
 config IMAGE_SWUPDATE
 	bool "SWUpdate support for root partition"
-	depends on TARGET_QEMU_AMD64 || TARGET_SIMATIC_IPC227E || TARGET_QEMU_ARM64
+	depends on TARGET_QEMU_AMD64 || TARGET_SIMATIC_IPC227E || TARGET_QEMU_ARM64 || TARGET_QEMU_ARM
 
 config IMAGE_SECURE_BOOT
 	bool "Secure boot support"
-	depends on TARGET_QEMU_AMD64 || TARGET_QEMU_ARM64
+	depends on TARGET_QEMU_AMD64 || TARGET_QEMU_ARM64 || TARGET_QEMU_ARM
 	select IMAGE_SWUPDATE
 
 config KAS_INCLUDE_SWUPDATE_SECBOOT
diff --git a/conf/machine/qemu-arm.conf b/conf/machine/qemu-arm.conf
index 1937c4c..aa3a6b4 100644
--- a/conf/machine/qemu-arm.conf
+++ b/conf/machine/qemu-arm.conf
@@ -12,3 +12,8 @@  DISTRO_ARCH = "armhf"
 IMAGE_FSTYPES ?= "ext4"
 USE_CIP_KERNEL_CONFIG = "1"
 KERNEL_DEFCONFIG ?= "cip-kernel-config/${KERNEL_DEFCONFIG_VERSION}/arm/qemu_arm_defconfig"
+
+# for SWUpdate setups: watchdog is configured in U-Boot
+WDOG_TIMEOUT = "0"
+
+PREFERRED_PROVIDER_u-boot-${MACHINE} = "u-boot-qemu-arm"
diff --git a/kas/opt/efibootguard.yml b/kas/opt/efibootguard.yml
index 4282932..cee9c78 100644
--- a/kas/opt/efibootguard.yml
+++ b/kas/opt/efibootguard.yml
@@ -36,3 +36,4 @@  local_conf_header:
     DISTRO_APT_PREFERENCES_append_qemu-amd64_buster = " conf/distro/preferences.ovmf-snakeoil.conf"
     # Add U-Boot for qemu
     IMAGER_BUILD_DEPS_append_qemu-arm64 += "u-boot-qemu-arm64"
+    IMAGER_BUILD_DEPS_append_qemu-arm += "u-boot-qemu-arm"
diff --git a/recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb b/recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb
new file mode 100644
index 0000000..cdad19a
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb
@@ -0,0 +1,16 @@ 
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2022
+#
+# Authors:
+#  Jan Kiszka <jan.kiszka@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+#
+
+require u-boot-qemu-common.inc
+
+U_BOOT_CONFIG = "qemu_arm_defconfig"
+
+EFI_ARCH = "arm"
diff --git a/scripts/lib/wic/plugins/source/efibootguard-boot.py b/scripts/lib/wic/plugins/source/efibootguard-boot.py
index 4b7fa8d..f9b232b 100644
--- a/scripts/lib/wic/plugins/source/efibootguard-boot.py
+++ b/scripts/lib/wic/plugins/source/efibootguard-boot.py
@@ -184,6 +184,7 @@  class EfibootguardBootPlugin(SourcePlugin):
         distro_to_efi_arch = {
             "amd64": "x64",
             "arm64": "aa64",
+            "armhf": "arm",
             "i386": "ia32"
         }
         rootfs_path = rootfs_dir.get('ROOTFS_DIR')
diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py
index 140b734..a754ee1 100644
--- a/scripts/lib/wic/plugins/source/efibootguard-efi.py
+++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py
@@ -55,6 +55,7 @@  class EfibootguardEFIPlugin(SourcePlugin):
         distro_to_efi_arch = {
             "amd64": "x64",
             "arm64": "aa64",
+            "armhf": "arm",
             "i386": "ia32"
         }
 
diff --git a/start-qemu.sh b/start-qemu.sh
index f7ca87f..bcc7a51 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -145,8 +145,8 @@  if [ -n "${SECURE_BOOT}${SWUPDATE_BOOT}" ]; then
 					${QEMU_COMMON_OPTIONS} "$@"
 			fi
 			;;
-		arm64|aarch64)
-			u_boot_bin=${FIRMWARE_BIN:-./build/tmp/deploy/images/qemu-arm64/firmware.bin}
+		arm64|aarch64|arm|armhf)
+			u_boot_bin=${FIRMWARE_BIN:-./build/tmp/deploy/images/qemu-${QEMU_ARCH}/firmware.bin}
 
 			${QEMU_PATH}${QEMU} \
 				-drive file=${IMAGE_PREFIX}.wic,discard=unmap,if=none,id=disk,format=raw \
diff --git a/wic/qemu-arm-efibootguard-secureboot.wks.in b/wic/qemu-arm-efibootguard-secureboot.wks.in
new file mode 120000
index 0000000..c6ac32f
--- /dev/null
+++ b/wic/qemu-arm-efibootguard-secureboot.wks.in
@@ -0,0 +1 @@ 
+qemu-arm64-efibootguard-secureboot.wks.in
\ No newline at end of file
diff --git a/wic/qemu-arm-efibootguard.wks.in b/wic/qemu-arm-efibootguard.wks.in
new file mode 120000
index 0000000..9cb5f0e
--- /dev/null
+++ b/wic/qemu-arm-efibootguard.wks.in
@@ -0,0 +1 @@ 
+qemu-arm64-efibootguard.wks.in
\ No newline at end of file