From patchwork Fri Feb 10 06:44:59 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13135737 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 64E2CC636D3 for ; Fri, 10 Feb 2023 12:07:55 +0000 (UTC) Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net [185.136.65.227]) by mx.groups.io with SMTP id smtpd.web11.8328.1676011518799783138 for ; Thu, 09 Feb 2023 22:45:19 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=p9CJsKVl; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227, mailfrom: fm-72506-20230210064516998f51cabfc03677d6-isc1z3@rts-flowmailer.siemens.com) Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 20230210064516998f51cabfc03677d6 for ; Fri, 10 Feb 2023 07:45:17 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=4/kDUXu/3oHRiaaFFSxG6ppJQPmO1zJWp1pjRSL0Q5Q=; b=p9CJsKVlmcDQcF+8b3NsrP1U0W8b5ZbhdaFE4cyW+YM6IbXciST9Db+phFNNB44JykyQw7 uN2LUmwbn3I8WK/KOhPpYTiI7wxg8GekFRZc4yLpymXgpHUNN4oOchPavY8vgK92ri/MtVQK iPJKyupfcY8AsiwApPnb9PzIDX/fU=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v2 1/5] register image classes via layer.conf Date: Fri, 10 Feb 2023 06:44:59 +0000 Message-Id: <20230210064503.706699-2-felix.moessbauer@siemens.com> In-Reply-To: <20230210064503.706699-1-felix.moessbauer@siemens.com> References: <20230210064503.706699-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 10 Feb 2023 12:07:55 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10657 This patch registers the provided image classes via the bblayer.conf file. By that, no manual additions of these classes via kas is required and erronous implementations are detected early (e.g. mandatory inputs without defaults). Signed-off-by: Felix Moessbauer --- conf/layer.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/conf/layer.conf b/conf/layer.conf index 0c5fd39..2c888b2 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -22,3 +22,5 @@ LAYERSERIES_COMPAT_cip-core = "next" LAYERDIR_cip-core = "${LAYERDIR}" LAYERDIR_cip-core[vardepvalue] = "isar-cip-core" + +IMAGE_CLASSES += "squashfs verity swupdate" From patchwork Fri Feb 10 06:45:00 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13135740 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 66FC5C636CD for ; Fri, 10 Feb 2023 12:08:05 +0000 (UTC) Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net [185.136.65.227]) by mx.groups.io with SMTP id smtpd.web11.8328.1676011518799783138 for ; Thu, 09 Feb 2023 22:45:20 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=SRzgviW4; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227, mailfrom: fm-72506-2023021006451929873228b0f1578292-yi7ccc@rts-flowmailer.siemens.com) Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 2023021006451929873228b0f1578292 for ; Fri, 10 Feb 2023 07:45:19 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=upnjyhFouXaYSsSQK3qmNpX4jgwIyYFiMdHjrHYnlgk=; b=SRzgviW4C6YPHWnISfeyl4U7llgPSNdMP/jeTzRF+fBr8gEM7TvO9/8gqoOWo3DZz1Kzy4 j6lz9Jur2vTjUxHxJWo40BEFvjeDAzV1oOPqQXKQTuvB6AB6KYZVxshQPREXTLucGYFldzet r5cJnrtH0bn0i1NsP6uPlH1ic9+Tw=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v2 2/5] refactor: use imagetypes for swu generation Date: Fri, 10 Feb 2023 06:45:00 +0000 Message-Id: <20230210064503.706699-3-felix.moessbauer@siemens.com> In-Reply-To: <20230210064503.706699-1-felix.moessbauer@siemens.com> References: <20230210064503.706699-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 10 Feb 2023 12:08:05 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10658 This patch reworks the implementation of the swupdate type. All generic aspects are moved from the swupdate.inc file into the swupdate class and made conditional on the swu type. The sw-description file is now referenced using the image-type infrastructure, which avoids manual additions to FILESEXTRAPATHS and accidental overwrites of SRC_URI. The templating logic is moved into the generic one provided by imagetypes. Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 22 +++++++++++++--------- kas/opt/swupdate.yml | 5 +---- recipes-core/images/swupdate.inc | 14 -------------- 3 files changed, 14 insertions(+), 27 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 5eb4936..2e32729 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -8,23 +8,29 @@ # Quirin Gylstorff # # SPDX-License-Identifier: MIT +ROOTFS_PARTITION_NAME ?= "${IMAGE_FULLNAME}.wic.p4.gz" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" -SWU_ADDITIONAL_FILES ?= "" +SWU_ADDITIONAL_FILES ?= "linux.efi ${ROOTFS_PARTITION_NAME}" SWU_SIGNED ?= "" SWU_SIGNATURE_EXT ?= "sig" SWU_SIGNATURE_TYPE ?= "rsa" BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" -IMAGER_INSTALL += "cpio" -IMAGER_INSTALL += "${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" +IMAGE_TYPEDEP:wic += "squashfs" +IMAGE_TYPEDEP:swu = "wic" +IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" -do_swupdate_binary[stamp-extra-info] = "${DISTRO}-${MACHINE}" -do_swupdate_binary[cleandirs] += "${WORKDIR}/swu" -do_swupdate_binary[network] = "${TASK_USE_SUDO}" -do_swupdate_binary() { +IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl" +IMAGE_TEMPLATE_FILES:swu = "${SWU_DESCRIPTION_FILE}.tmpl" +IMAGE_TEMPLATE_VARS:swu = "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B" + +do_image_swu[stamp-extra-info] = "${DISTRO}-${MACHINE}" +do_image_swu[cleandirs] += "${WORKDIR}/swu" +IMAGE_CMD:swu[depends] = "${PN}:do_transform_template" +IMAGE_CMD:swu() { rm -f '${SWU_IMAGE_FILE}' cp '${WORKDIR}/${SWU_DESCRIPTION_FILE}' '${WORKDIR}/swu/${SWU_DESCRIPTION_FILE}' @@ -91,5 +97,3 @@ do_swupdate_binary() { fi done | cpio -ovL -H crc > "${BUILDCHROOT_IMAGE_FILE}"' } - -addtask swupdate_binary before do_build after do_deploy do_copy_boot_files do_install_imager_deps do_transform_template diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml index ae5e3a1..80cd86e 100644 --- a/kas/opt/swupdate.yml +++ b/kas/opt/swupdate.yml @@ -19,11 +19,8 @@ local_conf_header: CIP_IMAGE_OPTIONS:append = " swupdate.inc" wic-swu: | - IMAGE_CLASSES += "squashfs" - IMAGE_TYPEDEP:wic += "squashfs" - IMAGE_FSTYPES = "wic" + IMAGE_FSTYPES += "swu" WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in" INITRAMFS_INSTALL:append = " initramfs-squashfs-hook" - WIC_DEPLOY_PARTITIONS = "1" ABROOTFS_PART_UUID_A ?= "fedcba98-7654-3210-cafe-5e0710000001" ABROOTFS_PART_UUID_B ?= "fedcba98-7654-3210-cafe-5e0710000002" diff --git a/recipes-core/images/swupdate.inc b/recipes-core/images/swupdate.inc index ee893dd..20ed600 100644 --- a/recipes-core/images/swupdate.inc +++ b/recipes-core/images/swupdate.inc @@ -16,20 +16,6 @@ inherit read-only-rootfs IMAGE_INSTALL += " swupdate" IMAGE_INSTALL += " swupdate-handler-roundrobin" -ROOTFS_PARTITION_NAME = "${IMAGE_FULLNAME}.wic.p4.gz" - -FILESEXTRAPATHS:prepend := "${THISDIR}/files:" - -SRC_URI += "file://sw-description.tmpl" -TEMPLATE_FILES += "sw-description.tmpl" - -do_transform_template[vardeps] += "TARGET_IMAGE_UUID" -addtask do_transform_template before do_swupdate_binary after do_generate_image_uuid - -TEMPLATE_VARS += "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B" - -SWU_ADDITIONAL_FILES += "linux.efi ${ROOTFS_PARTITION_NAME}" - python() { for u in ['A', 'B']: if not d.getVar('ABROOTFS_PART_UUID_' + u): From patchwork Fri Feb 10 06:45:01 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13135739 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 66CC1C05027 for ; Fri, 10 Feb 2023 12:08:05 +0000 (UTC) Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net [185.136.65.227]) by mx.groups.io with SMTP id smtpd.web11.8329.1676011535027447630 for ; Thu, 09 Feb 2023 22:45:35 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=ILy+boEI; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227, mailfrom: fm-72506-202302100645324da877be33b8363c34-vn02bz@rts-flowmailer.siemens.com) Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 202302100645324da877be33b8363c34 for ; Fri, 10 Feb 2023 07:45:32 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=LeeiQtll3oEQGwJHVLOz9uRWe11i+3HkaFehtzyxHMY=; b=ILy+boEIKL4nPCXOLha4KSm8XrlHLNQckEFHRuRbai8RAkbnv079NZ30PKBLNYGcAWsh6m vTWuJP9V7kX+RWij9ydFwaOMuTaEJDz4pwY6sauMQ9ACM2aF8kSL10Vb6/K+VhBl73mfFh0F RuvI3k+//v5NK3J046tC0r2JNSThk=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v2 3/5] swu: directly image from squashfs rootfs Date: Fri, 10 Feb 2023 06:45:01 +0000 Message-Id: <20230210064503.706699-4-felix.moessbauer@siemens.com> In-Reply-To: <20230210064503.706699-1-felix.moessbauer@siemens.com> References: <20230210064503.706699-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 10 Feb 2023 12:08:05 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10659 This patch reworks the generation of the swu file. Instead of using the rootfs partition created by wic, we directly use the squashfs rootfs as default. By that, we do not have to deploy the WIC partitions and also always select the correct rootfs independent of the partition number. This is especially relevant for embedded boards, where the first partitions contain the u-boot-spl and firmware. For use-cases with other fs formats (like verity), we support to overwrite the SWU_ROOTFS_NAME and SWU_ROOTFS_TYPE. Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 8 +++++--- kas/opt/ebg-secure-boot-snakeoil.yml | 1 + kas/opt/swupdate.yml | 1 + 3 files changed, 7 insertions(+), 3 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 2e32729..451dee6 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -6,9 +6,12 @@ # Authors: # Christian Storm # Quirin Gylstorff +# Felix Moessbauer # # SPDX-License-Identifier: MIT -ROOTFS_PARTITION_NAME ?= "${IMAGE_FULLNAME}.wic.p4.gz" +SWU_ROOTFS_TYPE ?= "squashfs" +SWU_ROOTFS_NAME ?= "${IMAGE_FULLNAME}" +ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.gz" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" @@ -19,8 +22,7 @@ SWU_SIGNATURE_TYPE ?= "rsa" BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}" -IMAGE_TYPEDEP:wic += "squashfs" -IMAGE_TYPEDEP:swu = "wic" +IMAGE_TYPEDEP:swu = "wic ${SWU_ROOTFS_TYPE}.gz" IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}" IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl" diff --git a/kas/opt/ebg-secure-boot-snakeoil.yml b/kas/opt/ebg-secure-boot-snakeoil.yml index a182a67..8f2b7bb 100644 --- a/kas/opt/ebg-secure-boot-snakeoil.yml +++ b/kas/opt/ebg-secure-boot-snakeoil.yml @@ -19,6 +19,7 @@ local_conf_header: IMAGE_CLASSES += "verity" IMAGE_FSTYPES = "wic" IMAGE_TYPEDEP:wic += "verity" + SWU_ROOTFS_TYPE = "verity" WKS_FILE = "${MACHINE}-efibootguard-secureboot.wks.in" INITRAMFS_INSTALL:append = " initramfs-verity-hook" # abrootfs cannot be installed together with verity diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml index 80cd86e..236b3c4 100644 --- a/kas/opt/swupdate.yml +++ b/kas/opt/swupdate.yml @@ -19,6 +19,7 @@ local_conf_header: CIP_IMAGE_OPTIONS:append = " swupdate.inc" wic-swu: | + IMAGE_TYPEDEP:wic += "squashfs" IMAGE_FSTYPES += "swu" WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in" INITRAMFS_INSTALL:append = " initramfs-squashfs-hook" From patchwork Fri Feb 10 06:45:02 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13135741 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5FED6C636CD for ; Fri, 10 Feb 2023 12:08:15 +0000 (UTC) Received: from mta-64-227.siemens.flowmailer.net (mta-64-227.siemens.flowmailer.net [185.136.64.227]) by mx.groups.io with SMTP id smtpd.web11.8330.1676011537591896575 for ; Thu, 09 Feb 2023 22:45:37 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=DmC2Glpc; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227, mailfrom: fm-72506-2023021006453578e2d3cceb2f7719a8-v554pv@rts-flowmailer.siemens.com) Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id 2023021006453578e2d3cceb2f7719a8 for ; Fri, 10 Feb 2023 07:45:35 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=tRS8UefPwOXp1o9uqnB6B1v6Zxcqc/IJy/1vXcoWJUs=; b=DmC2Glpc7oxeRNUD9IDJ11uQrd5TK4OdmHIGUZ6FIFGElYaDqjmIfn9ezKfifMLYtDgt1k F/M06eaq5TSIeIz6hNjVp7gNXtRV521/CjEnf8rSh99MsP5UVJJ7CWBAEMVA9w1kyXAxMmck x+auWYgiXjpI0y5ypmoyDG+TYnXGU=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v2 4/5] swupdate: only check partition uuids on swupdate Date: Fri, 10 Feb 2023 06:45:02 +0000 Message-Id: <20230210064503.706699-5-felix.moessbauer@siemens.com> In-Reply-To: <20230210064503.706699-1-felix.moessbauer@siemens.com> References: <20230210064503.706699-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 10 Feb 2023 12:08:15 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10660 This patch moves the partition uuid check into a task to only execute the logic in case an swu image is built. Previously this was checked at parse time, leading to errors when not setting these variables and building an image without swupdate support from an layer that also provides images with swupdate support. Signed-off-by: Felix Moessbauer --- classes/swupdate.bbclass | 8 ++++++++ recipes-core/images/swupdate.inc | 6 ------ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 451dee6..6e117bd 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -99,3 +99,11 @@ IMAGE_CMD:swu() { fi done | cpio -ovL -H crc > "${BUILDCHROOT_IMAGE_FILE}"' } + +python do_check_swu_partition_uuids() { + for u in ['A', 'B']: + if not d.getVar('ABROOTFS_PART_UUID_' + u): + bb.fatal('ABROOTFS_PART_UUID_' + u + ' not set') +} + +addtask check_swu_partition_uuids before do_image_swu diff --git a/recipes-core/images/swupdate.inc b/recipes-core/images/swupdate.inc index 20ed600..3ec7767 100644 --- a/recipes-core/images/swupdate.inc +++ b/recipes-core/images/swupdate.inc @@ -15,9 +15,3 @@ inherit read-only-rootfs IMAGE_INSTALL += " swupdate" IMAGE_INSTALL += " swupdate-handler-roundrobin" - -python() { - for u in ['A', 'B']: - if not d.getVar('ABROOTFS_PART_UUID_' + u): - bb.fatal('ABROOTFS_PART_UUID_' + u + ' not set') -} From patchwork Fri Feb 10 06:45:03 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Felix Moessbauer X-Patchwork-Id: 13135742 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 64725C6379F for ; Fri, 10 Feb 2023 12:08:15 +0000 (UTC) Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net [185.136.65.227]) by mx.groups.io with SMTP id smtpd.web10.8430.1676011539504705810 for ; Thu, 09 Feb 2023 22:45:40 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1 header.b=B6QXB9tP; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227, mailfrom: fm-72506-2023021006453721f61a2ec5c830cf18-b0hbsi@rts-flowmailer.siemens.com) Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 2023021006453721f61a2ec5c830cf18 for ; Fri, 10 Feb 2023 07:45:37 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=felix.moessbauer@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To; bh=b/PI5KraOKL/V/kVevtMIU0uGf7oSI2Y0Uqp1L8cek0=; b=B6QXB9tPmoJE7pFQy6H67C/TMgVKcC2cbI9XQMFPThGOkA2/imAn+fydWtFCO1Cb5Ww8Pp z9Dueca8QCV/vD4GBjFbsfs5xBmVDeJj+bnvtvwWbGfVvc1Pg3jO/eoCyz63JTWZ0GRj16j1 TSLD9dGPa/WFy8iICYsgim0wvO/U0=; From: Felix Moessbauer To: cip-dev@lists.cip-project.org Cc: adriaan.schmidt@siemens.com, jan.kiszka@siemens.com, quirin.gylstorff@siemens.com, Felix Moessbauer Subject: [isar-cip-core][PATCH v2 5/5] refactor verity image creation Date: Fri, 10 Feb 2023 06:45:03 +0000 Message-Id: <20230210064503.706699-6-felix.moessbauer@siemens.com> In-Reply-To: <20230210064503.706699-1-felix.moessbauer@siemens.com> References: <20230210064503.706699-1-felix.moessbauer@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-72506:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Fri, 10 Feb 2023 12:08:15 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10661 This patch simplifies the integration of verity with swupdate. We now directly copy the generated verity image into the swu file, instead of going via wic. This solves the issue with leading partitions, shifting the partition layout and resulting in a wrong partition in the swu file. Further, we cleanup some duplicated variables. Signed-off-by: Felix Moessbauer --- classes/verity.bbclass | 7 +------ kas/opt/ebg-secure-boot-snakeoil.yml | 1 - 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/classes/verity.bbclass b/classes/verity.bbclass index 154b9e1..747a7ae 100644 --- a/classes/verity.bbclass +++ b/classes/verity.bbclass @@ -9,21 +9,16 @@ # SPDX-License-Identifier: MIT # -VERITY_IMAGE_TYPE ?= "squashfs" - -inherit ${VERITY_IMAGE_TYPE} - IMAGE_TYPEDEP:verity = "${VERITY_IMAGE_TYPE}" IMAGER_INSTALL:verity += "cryptsetup" +VERITY_IMAGE_TYPE ?= "squashfs" VERITY_INPUT_IMAGE ?= "${IMAGE_FULLNAME}.${VERITY_IMAGE_TYPE}" VERITY_OUTPUT_IMAGE ?= "${IMAGE_FULLNAME}.verity" VERITY_IMAGE_METADATA = "${VERITY_OUTPUT_IMAGE}.metadata" VERITY_HASH_BLOCK_SIZE ?= "1024" VERITY_DATA_BLOCK_SIZE ?= "1024" -IMAGER_INSTALL += "cryptsetup" - create_verity_env_file() { local ENV="${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.verity.env" diff --git a/kas/opt/ebg-secure-boot-snakeoil.yml b/kas/opt/ebg-secure-boot-snakeoil.yml index 8f2b7bb..3d0e3c9 100644 --- a/kas/opt/ebg-secure-boot-snakeoil.yml +++ b/kas/opt/ebg-secure-boot-snakeoil.yml @@ -16,7 +16,6 @@ header: local_conf_header: secure-boot-image: | - IMAGE_CLASSES += "verity" IMAGE_FSTYPES = "wic" IMAGE_TYPEDEP:wic += "verity" SWU_ROOTFS_TYPE = "verity"