From patchwork Mon Jul 11 19:40:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914178
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C1932CCA485
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:04 +0000 (UTC)
Received: from mta-64-228.siemens.flowmailer.net
 (mta-64-228.siemens.flowmailer.net [185.136.64.228])
 by mx.groups.io with SMTP id smtpd.web10.185.1657568462101678157
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:02 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=Cf3LJXvF;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.228,
 mailfrom:
 fm-294854-20220711194059ab44f7f1a1d53bb797-9ckxkl@rts-flowmailer.siemens.com)
Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id
 20220711194059ab44f7f1a1d53bb797
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:40:59 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=bANYapUr7al37NScZ2xmo6ZgKKM+V9iQn3Iz074S0Ic=;
 b=Cf3LJXvFfioG5u/TLcGPbOa2zGEvd9cmzxVZHFrCpK7nxJPrVdIQWOfi3HwTvsO9Hdy8DQ
 +ie10WM1cp38ziBwW26DV3U5PbHbugeUSTH03DB4Ce9LxianTXMLOa8PsDOQFUUjGoNrurDW
 O4wDC8Y410yEv1pkBkgodcmuzizhg=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 1/7] linux-cip: Update cip-kernel-config
 revision
Date: Mon, 11 Jul 2022 21:40:52 +0200
Message-Id: 
 <a79b741d3b14c0d3bdef713676c7b3bd1e861d11.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:04 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8742

From: Jan Kiszka <jan.kiszka@siemens.com>

Needed to use qemu-arm with UEFI secure boot / swupdate and also for
qemu-arm on 4.4 kernels

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 recipes-kernel/linux/linux-cip-common.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/recipes-kernel/linux/linux-cip-common.inc b/recipes-kernel/linux/linux-cip-common.inc
index c12a60f..b612efa 100644
--- a/recipes-kernel/linux/linux-cip-common.inc
+++ b/recipes-kernel/linux/linux-cip-common.inc
@@ -25,6 +25,6 @@ SRC_URI_append = " ${@ "git://gitlab.com/cip-project/cip-kernel/cip-kernel-confi
 
 SRC_URI_append_bbb = "file://${KERNEL_DEFCONFIG}"
 
-SRCREV_cip-kernel-config ?= "a8d04df6595344091eee2b242c3a0f5e108f966c"
+SRCREV_cip-kernel-config ?= "6509d11f52b7df71b8b2228c1bccd7913e4a33b8"
 
 S = "${WORKDIR}/linux-cip-${PV}"

From patchwork Mon Jul 11 19:40:53 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914174
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A6AB4C3F2D4
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:04 +0000 (UTC)
Received: from mta-64-226.siemens.flowmailer.net
 (mta-64-226.siemens.flowmailer.net [185.136.64.226])
 by mx.groups.io with SMTP id smtpd.web09.158.1657568462358557290
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:02 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=E/RHcv72;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.226,
 mailfrom:
 fm-294854-202207111941001e9cf057363a2d90f8-2ii7qp@rts-flowmailer.siemens.com)
Received: by mta-64-226.siemens.flowmailer.net with ESMTPSA id
 202207111941001e9cf057363a2d90f8
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:41:00 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=polFVpu3zLUceiWsvVzYwuK2YTntasdySnNYZBiX1DI=;
 b=E/RHcv72UgKlK1GB/Hq9G9NkeRX0fTdwm3X/6M5V7dkpRhL0sYiN/wk90qkAOXAm7fbzaF
 hlEBYPzWYIlKypgj38b/3BVl+lb287PQtqacW0AKYKV6/ekp+2sBzJpOgCIc00YSaiIlgbtA
 ss0+wnOL3aL3t2YDbLmx+LMw+7jA8=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 2/7] efibootguard: Do not rely on mcopy to
 perform recursive copies
Date: Mon, 11 Jul 2022 21:40:53 +0200
Message-Id: 
 <f08b660fa76e52b3c91b8e308281690e0af2e86b.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:04 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8741

From: Jan Kiszka <jan.kiszka@siemens.com>

This is broken for old buster on ARM (or over qemu-user for ARM).

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 scripts/lib/wic/plugins/source/efibootguard-efi.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py
index e1411cb..140b734 100644
--- a/scripts/lib/wic/plugins/source/efibootguard-efi.py
+++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py
@@ -98,7 +98,11 @@ class EfibootguardEFIPlugin(SourcePlugin):
             (part.label.upper(), efi_part_image, blocks)
         exec_cmd(dosfs_cmd)
 
-        mcopy_cmd = "mcopy -v -i %s -s %s/* ::/" % \
+        # mtools for buster have problems with resursive mcopy.
+        # Therefore, create the target dir via mmd first.
+        mmd_cmd = "mmd -i %s ::/EFI ::/EFI/BOOT" % (efi_part_image)
+        exec_cmd(mmd_cmd, True)
+        mcopy_cmd = "mcopy -v -i %s -s %s/EFI/BOOT/* ::/EFI/BOOT" % \
             (efi_part_image, part_rootfs_dir)
         exec_cmd(mcopy_cmd, True)
 

From patchwork Mon Jul 11 19:40:54 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914175
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A4591CCA47B
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:04 +0000 (UTC)
Received: from mta-65-226.siemens.flowmailer.net
 (mta-65-226.siemens.flowmailer.net [185.136.65.226])
 by mx.groups.io with SMTP id smtpd.web12.184.1657568462866071667
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:03 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=OHUaNdtW;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.226,
 mailfrom:
 fm-294854-202207111941000f06b00d5c9191c6b6-4omhgn@rts-flowmailer.siemens.com)
Received: by mta-65-226.siemens.flowmailer.net with ESMTPSA id
 202207111941000f06b00d5c9191c6b6
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:41:00 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=+0qdV1irPjEJgpg18P2NJykefnMTsMaA4R7E193Z0fE=;
 b=OHUaNdtWN7fJ19Z+WDtUG1TUDfmWZGZ7aqUlNQa4hHGDUZD6ulXpPUU8N+Poeo+NpI100Y
 AxO9ip2sW6eRI6Nnlq5y8hI4fb/UCGk5t6zDJBKYdir5i9oR3TYK/KcZ+wKKoR/0lLD1TFf2
 WAIif2ks+6w4TOFpgVbesXH42JHfU=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 3/7] efibootguard: Update to release 0.12
Date: Mon, 11 Jul 2022 21:40:54 +0200
Message-Id: 
 <4e7ea3e468760b19ab3a48faf8acae1a0849a41c.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:04 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8744

From: Jan Kiszka <jan.kiszka@siemens.com>

Allows to drop our patch. And it's the precondition to add ARM support.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 ...bootguard_0.11.bb => efibootguard_0.12.bb} |  5 ++--
 ...efile-Drop-nostdinc-for-EFI-binaries.patch | 28 -------------------
 2 files changed, 2 insertions(+), 31 deletions(-)
 rename recipes-bsp/efibootguard/{efibootguard_0.11.bb => efibootguard_0.12.bb} (85%)
 delete mode 100644 recipes-bsp/efibootguard/files/0001-Makefile-Drop-nostdinc-for-EFI-binaries.patch

diff --git a/recipes-bsp/efibootguard/efibootguard_0.11.bb b/recipes-bsp/efibootguard/efibootguard_0.12.bb
similarity index 85%
rename from recipes-bsp/efibootguard/efibootguard_0.11.bb
rename to recipes-bsp/efibootguard/efibootguard_0.12.bb
index ef6cd9c..88dc2ed 100644
--- a/recipes-bsp/efibootguard/efibootguard_0.11.bb
+++ b/recipes-bsp/efibootguard/efibootguard_0.12.bb
@@ -19,15 +19,14 @@ MAINTAINER = "Jan Kiszka <jan.kiszka@siemens.com>"
 SRC_URI = " \
     https://github.com/siemens/efibootguard/archive/refs/tags/v${PV}.tar.gz;downloadfilename=efitbootguard-v${PV}.tar.gz \
     file://debian \
-    file://0001-Makefile-Drop-nostdinc-for-EFI-binaries.patch \
     "
-SRC_URI[sha256sum] = "12bd84ff63a34bef56e489b48d4f97955aa4d864eeff9ea2dea1d24a286d8ebe"
+SRC_URI[sha256sum] = "fd670f7a60a605c68ed411a9ab83ac680fbc9a9b5a8fd7b417c049f6cba5b6dc"
 
 PROVIDES = "${PN}"
 PROVIDES += "${PN}-dev"
 
 DEPENDS = "python3-shtab"
-BUILD_DEB_DEPENDS = "dh-exec,gnu-efi,libpci-dev,check,pkg-config,python3-shtab"
+BUILD_DEB_DEPENDS = "dh-exec,autoconf-archive,gnu-efi,libpci-dev,check,pkg-config,python3-shtab"
 BUILD_DEB_DEPENDS_append_amd64 = ",libc6-dev-i386"
 BUILD_DEB_DEPENDS_append_i386 = ",libc6-dev-i386"
 
diff --git a/recipes-bsp/efibootguard/files/0001-Makefile-Drop-nostdinc-for-EFI-binaries.patch b/recipes-bsp/efibootguard/files/0001-Makefile-Drop-nostdinc-for-EFI-binaries.patch
deleted file mode 100644
index 8cc1654..0000000
--- a/recipes-bsp/efibootguard/files/0001-Makefile-Drop-nostdinc-for-EFI-binaries.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From daf4cb61bec56dac628be83b95a7072c184eabcd Mon Sep 17 00:00:00 2001
-From: Jan Kiszka <jan.kiszka@siemens.com>
-Date: Wed, 4 May 2022 11:52:53 +0200
-Subject: [PATCH] Makefile: Drop -nostdinc for EFI binaries
-
-Not needed, also systemd-boot does not use it, and it actually triggers
-a build failure on Debian 10, possibly on other distros as well.
-
-Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
----
- Makefile.am | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/Makefile.am b/Makefile.am
-index f0daa15..7398b85 100644
---- a/Makefile.am
-+++ b/Makefile.am
-@@ -191,7 +191,6 @@ efi_cflags = \
- 	-Wall \
- 	-Wextra \
- 	-std=gnu99 \
--	-nostdinc \
- 	-ggdb -O0 \
- 	-fpic \
- 	-fshort-wchar \
--- 
-2.34.1
-

From patchwork Mon Jul 11 19:40:55 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914176
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 976ACC433EF
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:04 +0000 (UTC)
Received: from mta-65-225.siemens.flowmailer.net
 (mta-65-225.siemens.flowmailer.net [185.136.65.225])
 by mx.groups.io with SMTP id smtpd.web09.159.1657568462960130908
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:03 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=bHE60Wd5;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.225,
 mailfrom:
 fm-294854-20220711194100175e825e80f349cc38-xrqhug@rts-flowmailer.siemens.com)
Received: by mta-65-225.siemens.flowmailer.net with ESMTPSA id
 20220711194100175e825e80f349cc38
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:41:01 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=uA4R1JbI+t41l9E6UMJKC3Zl+Uh6CDKCRPRPKckg33U=;
 b=bHE60Wd5P4q9RUZRES2Ksx9dJp2oB43+9BHNz3wgtyxPHXyouSaOj/SeaoOMYmazGqjNkd
 SLiFjXbmy++6FjKuEd7HWIP/JQqaur9JDRbvRROLjzSVeHhiqS+2OuL/8EBfnyE0PF3zl+jD
 uWRFQqMuwqgAeKq5f4gqd73mBqRwM=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 4/7] u-boot-qemu-arm64: Update to 2022.07
Date: Mon, 11 Jul 2022 21:40:55 +0200
Message-Id: 
 <e1a5f23cc2ba70d7cca4d59534126b890a432e49.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:04 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8745

From: Jan Kiszka <jan.kiszka@siemens.com>

This is required because of a critical fix in that release to actually
validate hashes of UEFI signatures. And it allows to drop our patch.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 ...-rtc_mktime-and-mktime64-Y2038-ready.patch | 107 ------------------
 ...022.04.bb => u-boot-qemu-arm64_2022.07.bb} |   3 +-
 2 files changed, 1 insertion(+), 109 deletions(-)
 delete mode 100644 recipes-bsp/u-boot/files/0001-lib-date-Make-rtc_mktime-and-mktime64-Y2038-ready.patch
 rename recipes-bsp/u-boot/{u-boot-qemu-arm64_2022.04.bb => u-boot-qemu-arm64_2022.07.bb} (87%)

diff --git a/recipes-bsp/u-boot/files/0001-lib-date-Make-rtc_mktime-and-mktime64-Y2038-ready.patch b/recipes-bsp/u-boot/files/0001-lib-date-Make-rtc_mktime-and-mktime64-Y2038-ready.patch
deleted file mode 100644
index b2ff705..0000000
--- a/recipes-bsp/u-boot/files/0001-lib-date-Make-rtc_mktime-and-mktime64-Y2038-ready.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From 8b990a06685678abd8dbc8be86c27bf3e94e3694 Mon Sep 17 00:00:00 2001
-From: Jan Kiszka <jan.kiszka@siemens.com>
-Date: Sun, 24 Apr 2022 11:24:54 +0200
-Subject: [PATCH] lib/date: Make rtc_mktime and mktime64 Y2038-ready
-
-We currently overflow due to wrong types used internally in rtc_mktime,
-on all platforms, and we return a too small type on 32-bit.
-
-One consumer that directly benefits from this is mktime64. Many others
-may still store the result in a wrong type.
-
-While at it, drop the redundant cast of mon in rtc_mktime (obsoleted by
-714209832db1).
-
-Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
----
- include/linux/time.h |  3 ---
- include/rtc.h        |  8 +++++---
- lib/date.c           | 13 +++++--------
- 3 files changed, 10 insertions(+), 14 deletions(-)
-
-diff --git a/include/linux/time.h b/include/linux/time.h
-index 702dd276aea..14ff5b6f481 100644
---- a/include/linux/time.h
-+++ b/include/linux/time.h
-@@ -152,9 +152,6 @@ _DEFUN (ctime_r, (tim_p, result),
-     return asctime_r (localtime_r (tim_p, &tm), result);
- }
- 
--/* for compatibility with linux code */
--typedef __s64 time64_t;
--
- #ifdef CONFIG_LIB_DATE
- time64_t mktime64(const unsigned int year, const unsigned int mon,
- 		  const unsigned int day, const unsigned int hour,
-diff --git a/include/rtc.h b/include/rtc.h
-index 6c7fcadd488..10104e3bf5a 100644
---- a/include/rtc.h
-+++ b/include/rtc.h
-@@ -16,6 +16,8 @@
- #include <bcd.h>
- #include <rtc_def.h>
- 
-+typedef int64_t time64_t;
-+
- #ifdef CONFIG_DM_RTC
- 
- struct udevice;
-@@ -301,7 +303,7 @@ int rtc_calc_weekday(struct rtc_time *time);
- void rtc_to_tm(u64 time_t, struct rtc_time *time);
- 
- /**
-- * rtc_mktime() - Convert a broken-out time into a time_t value
-+ * rtc_mktime() - Convert a broken-out time into a time64_t value
-  *
-  * The following fields need to be valid for this function to work:
-  *	tm_sec, tm_min, tm_hour, tm_mday, tm_mon, tm_year
-@@ -309,9 +311,9 @@ void rtc_to_tm(u64 time_t, struct rtc_time *time);
-  * Note that tm_wday and tm_yday are ignored.
-  *
-  * @time:	Broken-out time to convert
-- * Return: corresponding time_t value, seconds since 1970-01-01 00:00:00
-+ * Return: corresponding time64_t value, seconds since 1970-01-01 00:00:00
-  */
--unsigned long rtc_mktime(const struct rtc_time *time);
-+time64_t rtc_mktime(const struct rtc_time *time);
- 
- /**
-  * rtc_month_days() - The number of days in the month
-diff --git a/lib/date.c b/lib/date.c
-index c589d9ed3a2..e3d22459cd0 100644
---- a/lib/date.c
-+++ b/lib/date.c
-@@ -71,19 +71,16 @@ int rtc_calc_weekday(struct rtc_time *tm)
-  * -year / 100 + year / 400 terms, and add 10.]
-  *
-  * This algorithm was first published by Gauss (I think).
-- *
-- * WARNING: this function will overflow on 2106-02-07 06:28:16 on
-- * machines where long is 32-bit! (However, as time_t is signed, we
-- * will already get problems at other places on 2038-01-19 03:14:08)
-  */
--unsigned long rtc_mktime(const struct rtc_time *tm)
-+time64_t rtc_mktime(const struct rtc_time *tm)
- {
- 	int mon = tm->tm_mon;
- 	int year = tm->tm_year;
--	int days, hours;
-+	unsigned long days;
-+	time64_t hours;
- 
- 	mon -= 2;
--	if (0 >= (int)mon) {	/* 1..12 -> 11, 12, 1..10 */
-+	if (0 >= mon) {		/* 1..12 -> 11, 12, 1..10 */
- 		mon += 12;	/* Puts Feb last since it has leap day */
- 		year -= 1;
- 	}
-@@ -109,5 +106,5 @@ time64_t mktime64(const unsigned int year, const unsigned int mon,
- 	time.tm_min = min;
- 	time.tm_sec = sec;
- 
--	return (time64_t)rtc_mktime((const struct rtc_time *)&time);
-+	return rtc_mktime((const struct rtc_time *)&time);
- }
--- 
-2.34.1
-
diff --git a/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.04.bb b/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
similarity index 87%
rename from recipes-bsp/u-boot/u-boot-qemu-arm64_2022.04.bb
rename to recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
index b026dd6..465be40 100644
--- a/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.04.bb
+++ b/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
@@ -13,9 +13,8 @@ require recipes-bsp/u-boot/u-boot-custom.inc
 
 SRC_URI += " \
     https://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \
-    file://0001-lib-date-Make-rtc_mktime-and-mktime64-Y2038-ready.patch \
     file://rules.tmpl;subdir=debian"
-SRC_URI[sha256sum] = "68e065413926778e276ec3abd28bb32fa82abaa4a6898d570c1f48fbdb08bcd0"
+SRC_URI[sha256sum] = "92b08eb49c24da14c1adbf70a71ae8f37cc53eeb4230e859ad8b6733d13dcf5e"
 
 SRC_URI_append_secureboot = " \
     file://secure-boot.cfg"

From patchwork Mon Jul 11 19:40:56 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914177
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 9B1FFCCA47F
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:04 +0000 (UTC)
Received: from mta-65-227.siemens.flowmailer.net
 (mta-65-227.siemens.flowmailer.net [185.136.65.227])
 by mx.groups.io with SMTP id smtpd.web09.160.1657568463588509440
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:03 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=fJQPBHb4;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227,
 mailfrom:
 fm-294854-20220711194101a14ceb0411e207ce9b-t9jug7@rts-flowmailer.siemens.com)
Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id
 20220711194101a14ceb0411e207ce9b
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:41:01 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=elbvcE88yGAzM5Hn8kyzuysrcw5KBYloMANcfyq70MQ=;
 b=fJQPBHb4q6XdZT5dcNsVpXunrQ0JIWpfpjJVb7KZvZRIaYrkzAMbNL1KVjsiqdyEOGvKbZ
 aTsKS+z3yXFXTl0zz8JaeaKMVKiDseNK2Gvgh5JNPBLkju+4tgu2udkVdZguLyu2trmcCfug
 iovT86rDjmDBt+xdu/AgW/YnGhEwE=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 5/7] u-boot-qemu-arm64: Generalize the recipe
Date: Mon, 11 Jul 2022 21:40:56 +0200
Message-Id: 
 <ed13b6ac3366afe604dc801fdca9ab8395075fe4.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:04 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8746

From: Jan Kiszka <jan.kiszka@siemens.com>

This will allow to reuse it for 32-bit ARM.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 conf/machine/qemu-arm64.conf                  |  2 ++
 recipes-bsp/u-boot/files/secure-boot.cfg      |  6 ----
 recipes-bsp/u-boot/files/secure-boot.cfg.tmpl |  6 ++++
 .../u-boot/u-boot-qemu-arm64_2022.07.bb       | 33 ++-----------------
 ...rm64_2022.07.bb => u-boot-qemu-common.inc} |  8 +++--
 5 files changed, 15 insertions(+), 40 deletions(-)
 delete mode 100644 recipes-bsp/u-boot/files/secure-boot.cfg
 create mode 100644 recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
 copy recipes-bsp/u-boot/{u-boot-qemu-arm64_2022.07.bb => u-boot-qemu-common.inc} (84%)

diff --git a/conf/machine/qemu-arm64.conf b/conf/machine/qemu-arm64.conf
index b5c1e1c..7f42369 100644
--- a/conf/machine/qemu-arm64.conf
+++ b/conf/machine/qemu-arm64.conf
@@ -14,3 +14,5 @@ KERNEL_DEFCONFIG ?= "cip-kernel-config/${KERNEL_DEFCONFIG_VERSION}/arm64/qemu_ar
 
 # for SWUpdate setups: watchdog is configured in U-Boot
 WDOG_TIMEOUT = "0"
+
+PREFERRED_PROVIDER_u-boot-${MACHINE} = "u-boot-qemu-arm64"
diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg b/recipes-bsp/u-boot/files/secure-boot.cfg
deleted file mode 100644
index a1b9931..0000000
--- a/recipes-bsp/u-boot/files/secure-boot.cfg
+++ /dev/null
@@ -1,6 +0,0 @@
-### Secure boot config
-CONFIG_BOOTDELAY=-2
-CONFIG_USE_BOOTCOMMAND=y
-CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/bootaa64.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/bootaa64.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
-CONFIG_EFI_VARIABLES_PRESEED=y
-CONFIG_EFI_SECURE_BOOT=y
diff --git a/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
new file mode 100644
index 0000000..956dcbf
--- /dev/null
+++ b/recipes-bsp/u-boot/files/secure-boot.cfg.tmpl
@@ -0,0 +1,6 @@
+### Secure boot config
+CONFIG_BOOTDELAY=-2
+CONFIG_USE_BOOTCOMMAND=y
+CONFIG_BOOTCOMMAND="setenv scan_dev_for_boot 'if test -e ${devtype} ${devnum}:${distro_bootpart} efi/boot/boot${EFI_ARCH}.efi; then load ${devtype} ${devnum}:${distro_bootpart} ${kernel_addr_r} efi/boot/boot${EFI_ARCH}.efi; bootefi ${kernel_addr_r} ${fdtcontroladdr}; fi'; run distro_bootcmd; echo 'EFI Boot failed!'; sleep 1000; reset"
+CONFIG_EFI_VARIABLES_PRESEED=y
+CONFIG_EFI_SECURE_BOOT=y
diff --git a/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb b/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
index 465be40..29ca0a5 100644
--- a/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
+++ b/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
@@ -9,37 +9,8 @@
 # SPDX-License-Identifier: MIT
 #
 
-require recipes-bsp/u-boot/u-boot-custom.inc
-
-SRC_URI += " \
-    https://ftp.denx.de/pub/u-boot/u-boot-${PV}.tar.bz2 \
-    file://rules.tmpl;subdir=debian"
-SRC_URI[sha256sum] = "92b08eb49c24da14c1adbf70a71ae8f37cc53eeb4230e859ad8b6733d13dcf5e"
-
-SRC_URI_append_secureboot = " \
-    file://secure-boot.cfg"
-
-S = "${WORKDIR}/u-boot-${PV}"
-
-DEBIAN_BUILD_DEPENDS += ", libssl-dev:native, libssl-dev:arm64"
-
-DEBIAN_BUILD_DEPENDS_append_secureboot = ", \
-    openssl, pesign, secure-boot-secrets, python3-openssl:native"
-DEPENDS_append_secureboot = " secure-boot-secrets"
+require u-boot-qemu-common.inc
 
 U_BOOT_CONFIG = "qemu_arm64_defconfig"
-U_BOOT_BIN = "u-boot.bin"
-
-do_prepare_build_append_secureboot() {
-    sed -ni '/### Secure boot config/q;p' ${S}/configs/${U_BOOT_CONFIG}
-    cat ${WORKDIR}/secure-boot.cfg >> ${S}/configs/${U_BOOT_CONFIG}
-}
-
-do_deploy[dirs] = "${DEPLOY_DIR_IMAGE}"
-do_deploy() {
-    dpkg --fsys-tarfile "${WORKDIR}/u-boot-${MACHINE}_${PV}_${DISTRO_ARCH}.deb" | \
-        tar xOf - "./usr/lib/u-boot/${MACHINE}/${U_BOOT_BIN}" \
-        > "${DEPLOY_DIR_IMAGE}/firmware.bin"
-}
 
-addtask deploy after do_dpkg_build before do_deploy_deb
+EFI_ARCH = "aa64"
diff --git a/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb b/recipes-bsp/u-boot/u-boot-qemu-common.inc
similarity index 84%
copy from recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
copy to recipes-bsp/u-boot/u-boot-qemu-common.inc
index 465be40..2bb9ac0 100644
--- a/recipes-bsp/u-boot/u-boot-qemu-arm64_2022.07.bb
+++ b/recipes-bsp/u-boot/u-boot-qemu-common.inc
@@ -17,19 +17,21 @@ SRC_URI += " \
 SRC_URI[sha256sum] = "92b08eb49c24da14c1adbf70a71ae8f37cc53eeb4230e859ad8b6733d13dcf5e"
 
 SRC_URI_append_secureboot = " \
-    file://secure-boot.cfg"
+    file://secure-boot.cfg.tmpl"
 
 S = "${WORKDIR}/u-boot-${PV}"
 
-DEBIAN_BUILD_DEPENDS += ", libssl-dev:native, libssl-dev:arm64"
+DEBIAN_BUILD_DEPENDS += ", libssl-dev:native, libssl-dev:${DISTRO_ARCH}"
 
 DEBIAN_BUILD_DEPENDS_append_secureboot = ", \
     openssl, pesign, secure-boot-secrets, python3-openssl:native"
 DEPENDS_append_secureboot = " secure-boot-secrets"
 
-U_BOOT_CONFIG = "qemu_arm64_defconfig"
 U_BOOT_BIN = "u-boot.bin"
 
+TEMPLATE_FILES_append_secureboot = " secure-boot.cfg.tmpl"
+TEMPLATE_VARS_append_secureboot = " EFI_ARCH"
+
 do_prepare_build_append_secureboot() {
     sed -ni '/### Secure boot config/q;p' ${S}/configs/${U_BOOT_CONFIG}
     cat ${WORKDIR}/secure-boot.cfg >> ${S}/configs/${U_BOOT_CONFIG}

From patchwork Mon Jul 11 19:40:57 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914180
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 805AECCA47B
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:14 +0000 (UTC)
Received: from mta-64-225.siemens.flowmailer.net
 (mta-64-225.siemens.flowmailer.net [185.136.64.225])
 by mx.groups.io with SMTP id smtpd.web12.185.1657568463681145185
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:04 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=TY2FudSW;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.225,
 mailfrom:
 fm-294854-20220711194101f52c61cab064878828-vgmbuy@rts-flowmailer.siemens.com)
Received: by mta-64-225.siemens.flowmailer.net with ESMTPSA id
 20220711194101f52c61cab064878828
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:41:01 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=z7PxAyTK342FeBJU1yXMy+m0/VEiZXzReKKK8jAGlcI=;
 b=TY2FudSW7sbB048gOhYhWQvgitN+aeE1SRHszPQbh3WDZUqnYn/cxw/UDlBwnbEpOxfdRB
 3G+/CrWwu11fMB6uIAvYdpXb6A5A8oIqdqOqfRCd3dsnLlGhV73Bvln6gNUBMfsOlCgUHQwv
 ZCdC16DJHvy6XqMhqowaX/5GPYejo=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 6/7] Add support for ARM-based swupdate/secure
 boot image
Date: Mon, 11 Jul 2022 21:40:57 +0200
Message-Id: 
 <4fe9685bb385cd4eea3c0c1a699d0575aebd8411.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:14 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8747

From: Jan Kiszka <jan.kiszka@siemens.com>

Everything is now lined up so that enabling this almost trivial,
reusing what is there for qemu-arm64.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 Kconfig                                          |  4 ++--
 conf/machine/qemu-arm.conf                       |  5 +++++
 kas/opt/efibootguard.yml                         |  1 +
 recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb    | 16 ++++++++++++++++
 .../lib/wic/plugins/source/efibootguard-boot.py  |  1 +
 .../lib/wic/plugins/source/efibootguard-efi.py   |  1 +
 start-qemu.sh                                    |  4 ++--
 wic/qemu-arm-efibootguard-secureboot.wks.in      |  1 +
 wic/qemu-arm-efibootguard.wks.in                 |  1 +
 9 files changed, 30 insertions(+), 4 deletions(-)
 create mode 100644 recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb
 create mode 120000 wic/qemu-arm-efibootguard-secureboot.wks.in
 create mode 120000 wic/qemu-arm-efibootguard.wks.in

diff --git a/Kconfig b/Kconfig
index 9c89008..c63000b 100644
--- a/Kconfig
+++ b/Kconfig
@@ -132,11 +132,11 @@ if IMAGE_FLASH && !KERNEL_4_4 && !KERNEL_4_19
 
 config IMAGE_SWUPDATE
 	bool "SWUpdate support for root partition"
-	depends on TARGET_QEMU_AMD64 || TARGET_SIMATIC_IPC227E || TARGET_QEMU_ARM64
+	depends on TARGET_QEMU_AMD64 || TARGET_SIMATIC_IPC227E || TARGET_QEMU_ARM64 || TARGET_QEMU_ARM
 
 config IMAGE_SECURE_BOOT
 	bool "Secure boot support"
-	depends on TARGET_QEMU_AMD64 || TARGET_QEMU_ARM64
+	depends on TARGET_QEMU_AMD64 || TARGET_QEMU_ARM64 || TARGET_QEMU_ARM
 	select IMAGE_SWUPDATE
 
 config KAS_INCLUDE_SWUPDATE_SECBOOT
diff --git a/conf/machine/qemu-arm.conf b/conf/machine/qemu-arm.conf
index 1937c4c..aa3a6b4 100644
--- a/conf/machine/qemu-arm.conf
+++ b/conf/machine/qemu-arm.conf
@@ -12,3 +12,8 @@ DISTRO_ARCH = "armhf"
 IMAGE_FSTYPES ?= "ext4"
 USE_CIP_KERNEL_CONFIG = "1"
 KERNEL_DEFCONFIG ?= "cip-kernel-config/${KERNEL_DEFCONFIG_VERSION}/arm/qemu_arm_defconfig"
+
+# for SWUpdate setups: watchdog is configured in U-Boot
+WDOG_TIMEOUT = "0"
+
+PREFERRED_PROVIDER_u-boot-${MACHINE} = "u-boot-qemu-arm"
diff --git a/kas/opt/efibootguard.yml b/kas/opt/efibootguard.yml
index 4282932..cee9c78 100644
--- a/kas/opt/efibootguard.yml
+++ b/kas/opt/efibootguard.yml
@@ -36,3 +36,4 @@ local_conf_header:
     DISTRO_APT_PREFERENCES_append_qemu-amd64_buster = " conf/distro/preferences.ovmf-snakeoil.conf"
     # Add U-Boot for qemu
     IMAGER_BUILD_DEPS_append_qemu-arm64 += "u-boot-qemu-arm64"
+    IMAGER_BUILD_DEPS_append_qemu-arm += "u-boot-qemu-arm"
diff --git a/recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb b/recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb
new file mode 100644
index 0000000..cdad19a
--- /dev/null
+++ b/recipes-bsp/u-boot/u-boot-qemu-arm_2022.07.bb
@@ -0,0 +1,16 @@
+#
+# CIP Core, generic profile
+#
+# Copyright (c) Siemens AG, 2022
+#
+# Authors:
+#  Jan Kiszka <jan.kiszka@siemens.com>
+#
+# SPDX-License-Identifier: MIT
+#
+
+require u-boot-qemu-common.inc
+
+U_BOOT_CONFIG = "qemu_arm_defconfig"
+
+EFI_ARCH = "arm"
diff --git a/scripts/lib/wic/plugins/source/efibootguard-boot.py b/scripts/lib/wic/plugins/source/efibootguard-boot.py
index 4b7fa8d..f9b232b 100644
--- a/scripts/lib/wic/plugins/source/efibootguard-boot.py
+++ b/scripts/lib/wic/plugins/source/efibootguard-boot.py
@@ -184,6 +184,7 @@ class EfibootguardBootPlugin(SourcePlugin):
         distro_to_efi_arch = {
             "amd64": "x64",
             "arm64": "aa64",
+            "armhf": "arm",
             "i386": "ia32"
         }
         rootfs_path = rootfs_dir.get('ROOTFS_DIR')
diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py
index 140b734..a754ee1 100644
--- a/scripts/lib/wic/plugins/source/efibootguard-efi.py
+++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py
@@ -55,6 +55,7 @@ class EfibootguardEFIPlugin(SourcePlugin):
         distro_to_efi_arch = {
             "amd64": "x64",
             "arm64": "aa64",
+            "armhf": "arm",
             "i386": "ia32"
         }
 
diff --git a/start-qemu.sh b/start-qemu.sh
index f7ca87f..bcc7a51 100755
--- a/start-qemu.sh
+++ b/start-qemu.sh
@@ -145,8 +145,8 @@ if [ -n "${SECURE_BOOT}${SWUPDATE_BOOT}" ]; then
 					${QEMU_COMMON_OPTIONS} "$@"
 			fi
 			;;
-		arm64|aarch64)
-			u_boot_bin=${FIRMWARE_BIN:-./build/tmp/deploy/images/qemu-arm64/firmware.bin}
+		arm64|aarch64|arm|armhf)
+			u_boot_bin=${FIRMWARE_BIN:-./build/tmp/deploy/images/qemu-${QEMU_ARCH}/firmware.bin}
 
 			${QEMU_PATH}${QEMU} \
 				-drive file=${IMAGE_PREFIX}.wic,discard=unmap,if=none,id=disk,format=raw \
diff --git a/wic/qemu-arm-efibootguard-secureboot.wks.in b/wic/qemu-arm-efibootguard-secureboot.wks.in
new file mode 120000
index 0000000..c6ac32f
--- /dev/null
+++ b/wic/qemu-arm-efibootguard-secureboot.wks.in
@@ -0,0 +1 @@
+qemu-arm64-efibootguard-secureboot.wks.in
\ No newline at end of file
diff --git a/wic/qemu-arm-efibootguard.wks.in b/wic/qemu-arm-efibootguard.wks.in
new file mode 120000
index 0000000..9cb5f0e
--- /dev/null
+++ b/wic/qemu-arm-efibootguard.wks.in
@@ -0,0 +1 @@
+qemu-arm64-efibootguard.wks.in
\ No newline at end of file

From patchwork Mon Jul 11 19:40:58 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Jan Kiszka <jan.kiszka@siemens.com>
X-Patchwork-Id: 12914179
Return-Path: <jan.kiszka@siemens.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 7BE86C43334
	for <webhook@archiver.kernel.org>; Mon, 11 Jul 2022 19:41:14 +0000 (UTC)
Received: from mta-64-227.siemens.flowmailer.net
 (mta-64-227.siemens.flowmailer.net [185.136.64.227])
 by mx.groups.io with SMTP id smtpd.web08.192.1657568464017967853
 for <cip-dev@lists.cip-project.org>;
 Mon, 11 Jul 2022 12:41:04 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=jDR99aWD;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227,
 mailfrom:
 fm-294854-202207111941012c5caba7b36ffd1325-fluh3e@rts-flowmailer.siemens.com)
Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id
 202207111941012c5caba7b36ffd1325
        for <cip-dev@lists.cip-project.org>;
        Mon, 11 Jul 2022 21:41:02 +0200
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=jan.kiszka@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=DWDDXqFy8dDMpjCypxWPbIITxBBTeSgEFuE99wDPLG8=;
 b=jDR99aWDL3mF2vfIlgf5GzgeBQznq6/neK7w02BV8jNGYw4ixImp5RKywTXWHK/bydJhS2
 iQt5i7H31D90AxPy3PukwgVN2TjzPtlFYZE+an8MlodZiIs1OIjE3HFc0jr7vLJgu//R1nq9
 9tWSmLKm4vFOuaib9x3W2S1UC3NwQ=;
From: Jan Kiszka <jan.kiszka@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: Christian Storm <christian.storm@siemens.com>,
	Quirin Gylstorff <quirin.gylstorff@siemens.com>
Subject: [isar-cip-core][PATCH 7/7] ci: Add qemu-arm target for secure boot
 with swupdate
Date: Mon, 11 Jul 2022 21:40:58 +0200
Message-Id: 
 <2c394ce6d2a572171347696befa2378f72499e52.1657568458.git.jan.kiszka@siemens.com>
In-Reply-To: <cover.1657568458.git.jan.kiszka@siemens.com>
References: <cover.1657568458.git.jan.kiszka@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-294854:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Mon, 11 Jul 2022 19:41:14 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/8748

From: Jan Kiszka <jan.kiszka@siemens.com>

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 .gitlab-ci.yml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index b1a4dc0..3d39d1f 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -230,6 +230,18 @@ build:qemu-arm64-secure-boot:
     targz: disable
     deploy: disable
 
+# secure boot images arm
+build:qemu-arm-secure-boot:
+  extends:
+    - .build_base
+  variables:
+    target: qemu-arm
+    extension: ebg-secure-boot-snakeoil
+    use_rt: disable
+    wic_targz: disable
+    targz: disable
+    deploy: disable
+
 # buster images
 build:simatic-ipc227e-buster:
   extends: