From patchwork Fri Feb 10 13:48:10 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Felix Moessbauer <felix.moessbauer@siemens.com>
X-Patchwork-Id: 13135835
Return-Path: <ncaidin@linuxfoundation.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 26AE2C636CD
	for <webhook@archiver.kernel.org>; Fri, 10 Feb 2023 13:58:06 +0000 (UTC)
Received: from mta-64-227.siemens.flowmailer.net
 (mta-64-227.siemens.flowmailer.net [185.136.64.227])
 by mx.groups.io with SMTP id smtpd.web11.14837.1676036914460925767
 for <cip-dev@lists.cip-project.org>;
 Fri, 10 Feb 2023 05:48:35 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1
 header.b=EC9frDDz;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227,
 mailfrom:
 fm-72506-20230210134832b3e171b512917edb1d-sbchjz@rts-flowmailer.siemens.com)
Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id
 20230210134832b3e171b512917edb1d
        for <cip-dev@lists.cip-project.org>;
        Fri, 10 Feb 2023 14:48:32 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=felix.moessbauer@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=4/kDUXu/3oHRiaaFFSxG6ppJQPmO1zJWp1pjRSL0Q5Q=;
 b=EC9frDDzu4gbG+3zBaHYkRcBu9VocKoLeOo6B1oBruxHfvX8/kEHSB15jjEZIAxPtGQWq9
 rC9un8vpLpuEXxafenfmaSp7eIW0s7HJmhp9EUxqoJAhR10dRwLXYeKclyg7mVkz1eZGNdlI
 uXSuzwYvZq95EbJUOCBXtIeSme20k=;
From: Felix Moessbauer <felix.moessbauer@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: adriaan.schmidt@siemens.com,
	jan.kiszka@siemens.com,
	quirin.gylstorff@siemens.com,
	Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [isar-cip-core][PATCH v3 1/5] register image classes via layer.conf
Date: Fri, 10 Feb 2023 13:48:10 +0000
Message-Id: <20230210134814.732118-2-felix.moessbauer@siemens.com>
In-Reply-To: <20230210134814.732118-1-felix.moessbauer@siemens.com>
References: <20230210134814.732118-1-felix.moessbauer@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-72506:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Fri, 10 Feb 2023 13:58:06 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10665

This patch registers the provided image classes via the bblayer.conf
file. By that, no manual additions of these classes via kas is required
and erronous implementations are detected early (e.g. mandatory inputs
without defaults).

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 conf/layer.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/conf/layer.conf b/conf/layer.conf
index 0c5fd39..2c888b2 100644
--- a/conf/layer.conf
+++ b/conf/layer.conf
@@ -22,3 +22,5 @@ LAYERSERIES_COMPAT_cip-core = "next"
 
 LAYERDIR_cip-core = "${LAYERDIR}"
 LAYERDIR_cip-core[vardepvalue] = "isar-cip-core"
+
+IMAGE_CLASSES += "squashfs verity swupdate"

From patchwork Fri Feb 10 13:48:11 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Felix Moessbauer <felix.moessbauer@siemens.com>
X-Patchwork-Id: 13135840
Return-Path: <ncaidin@linuxfoundation.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F11CDC636CD
	for <webhook@archiver.kernel.org>; Fri, 10 Feb 2023 13:58:15 +0000 (UTC)
Received: from mta-64-226.siemens.flowmailer.net
 (mta-64-226.siemens.flowmailer.net [185.136.64.226])
 by mx.groups.io with SMTP id smtpd.web11.14838.1676036916979110896
 for <cip-dev@lists.cip-project.org>;
 Fri, 10 Feb 2023 05:48:37 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1
 header.b=KZBELdrn;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.226,
 mailfrom:
 fm-72506-202302101348355f7bf51faac5f51473-puvzy0@rts-flowmailer.siemens.com)
Received: by mta-64-226.siemens.flowmailer.net with ESMTPSA id
 202302101348355f7bf51faac5f51473
        for <cip-dev@lists.cip-project.org>;
        Fri, 10 Feb 2023 14:48:35 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=felix.moessbauer@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=Aavh7/mmqE/sNusnhf3z/887CC8HwTKAfuTr+je97zU=;
 b=KZBELdrnL6amwL2eXQvHjmvObtZzC25W4pTBKaiegI6DCUEJrbRJ0ztAQNxGnL4urWqDSc
 6BzS2wYudoGKKXHHH+5idnzwpgZelW+JWLj2cf6B8oUJ70Ki0797skqJPVIh3U/rRAcWrLws
 XL687qEsuOCGDMKe3Fr7bIALTkUT4=;
From: Felix Moessbauer <felix.moessbauer@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: adriaan.schmidt@siemens.com,
	jan.kiszka@siemens.com,
	quirin.gylstorff@siemens.com,
	Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [isar-cip-core][PATCH v3 2/5] refactor: use imagetypes for swu
 generation
Date: Fri, 10 Feb 2023 13:48:11 +0000
Message-Id: <20230210134814.732118-3-felix.moessbauer@siemens.com>
In-Reply-To: <20230210134814.732118-1-felix.moessbauer@siemens.com>
References: <20230210134814.732118-1-felix.moessbauer@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-72506:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Fri, 10 Feb 2023 13:58:15 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10666

This patch reworks the implementation of the swupdate type.
All generic aspects are moved from the swupdate.inc file into the
swupdate class and made conditional on the swu type.
The sw-description file is now referenced using the image-type
infrastructure, which avoids manual additions to FILESEXTRAPATHS and
accidental overwrites of SRC_URI. The templating logic is moved into the
generic one provided by imagetypes.

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 classes/swupdate.bbclass         | 21 ++++++++++++---------
 kas/opt/swupdate.yml             |  5 +----
 recipes-core/images/swupdate.inc | 14 --------------
 3 files changed, 13 insertions(+), 27 deletions(-)

diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass
index 5eb4936..e5bac53 100644
--- a/classes/swupdate.bbclass
+++ b/classes/swupdate.bbclass
@@ -8,23 +8,28 @@
 #  Quirin Gylstorff <quirin.gylstorff@siemens.com>
 #
 # SPDX-License-Identifier: MIT
+ROOTFS_PARTITION_NAME ?= "${IMAGE_FULLNAME}.wic.p4.gz"
 
 SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu"
 SWU_DESCRIPTION_FILE ?= "sw-description"
-SWU_ADDITIONAL_FILES ?= ""
+SWU_ADDITIONAL_FILES ?= "linux.efi ${ROOTFS_PARTITION_NAME}"
 SWU_SIGNED ?= ""
 SWU_SIGNATURE_EXT ?= "sig"
 SWU_SIGNATURE_TYPE ?= "rsa"
 
 BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}"
 
-IMAGER_INSTALL += "cpio"
-IMAGER_INSTALL += "${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}"
+IMAGE_TYPEDEP:wic += "squashfs"
+IMAGE_TYPEDEP:swu = "wic"
+IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}"
 
-do_swupdate_binary[stamp-extra-info] = "${DISTRO}-${MACHINE}"
-do_swupdate_binary[cleandirs] += "${WORKDIR}/swu"
-do_swupdate_binary[network] = "${TASK_USE_SUDO}"
-do_swupdate_binary() {
+IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl"
+IMAGE_TEMPLATE_FILES:swu = "${SWU_DESCRIPTION_FILE}.tmpl"
+IMAGE_TEMPLATE_VARS:swu = "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B"
+
+do_image_swu[stamp-extra-info] = "${DISTRO}-${MACHINE}"
+do_image_swu[cleandirs] += "${WORKDIR}/swu"
+IMAGE_CMD:swu() {
     rm -f '${SWU_IMAGE_FILE}'
     cp '${WORKDIR}/${SWU_DESCRIPTION_FILE}' '${WORKDIR}/swu/${SWU_DESCRIPTION_FILE}'
 
@@ -91,5 +96,3 @@ do_swupdate_binary() {
            fi
         done | cpio -ovL -H crc > "${BUILDCHROOT_IMAGE_FILE}"'
 }
-
-addtask swupdate_binary before do_build after do_deploy do_copy_boot_files do_install_imager_deps do_transform_template
diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml
index ae5e3a1..80cd86e 100644
--- a/kas/opt/swupdate.yml
+++ b/kas/opt/swupdate.yml
@@ -19,11 +19,8 @@ local_conf_header:
     CIP_IMAGE_OPTIONS:append = " swupdate.inc"
 
   wic-swu: |
-    IMAGE_CLASSES += "squashfs"
-    IMAGE_TYPEDEP:wic += "squashfs"
-    IMAGE_FSTYPES = "wic"
+    IMAGE_FSTYPES += "swu"
     WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in"
     INITRAMFS_INSTALL:append = " initramfs-squashfs-hook"
-    WIC_DEPLOY_PARTITIONS = "1"
     ABROOTFS_PART_UUID_A ?= "fedcba98-7654-3210-cafe-5e0710000001"
     ABROOTFS_PART_UUID_B ?= "fedcba98-7654-3210-cafe-5e0710000002"
diff --git a/recipes-core/images/swupdate.inc b/recipes-core/images/swupdate.inc
index ee893dd..20ed600 100644
--- a/recipes-core/images/swupdate.inc
+++ b/recipes-core/images/swupdate.inc
@@ -16,20 +16,6 @@ inherit read-only-rootfs
 IMAGE_INSTALL += " swupdate"
 IMAGE_INSTALL += " swupdate-handler-roundrobin"
 
-ROOTFS_PARTITION_NAME = "${IMAGE_FULLNAME}.wic.p4.gz"
-
-FILESEXTRAPATHS:prepend := "${THISDIR}/files:"
-
-SRC_URI += "file://sw-description.tmpl"
-TEMPLATE_FILES += "sw-description.tmpl"
-
-do_transform_template[vardeps] += "TARGET_IMAGE_UUID"
-addtask do_transform_template before do_swupdate_binary after do_generate_image_uuid
-
-TEMPLATE_VARS += "ROOTFS_PARTITION_NAME TARGET_IMAGE_UUID ABROOTFS_PART_UUID_A ABROOTFS_PART_UUID_B"
-
-SWU_ADDITIONAL_FILES += "linux.efi ${ROOTFS_PARTITION_NAME}"
-
 python() {
     for u in ['A', 'B']:
         if not d.getVar('ABROOTFS_PART_UUID_' + u):

From patchwork Fri Feb 10 13:48:12 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Felix Moessbauer <felix.moessbauer@siemens.com>
X-Patchwork-Id: 13135839
Return-Path: <ncaidin@linuxfoundation.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F2714C636D7
	for <webhook@archiver.kernel.org>; Fri, 10 Feb 2023 13:58:15 +0000 (UTC)
Received: from mta-64-228.siemens.flowmailer.net
 (mta-64-228.siemens.flowmailer.net [185.136.64.228])
 by mx.groups.io with SMTP id smtpd.web10.15147.1676036933217909273
 for <cip-dev@lists.cip-project.org>;
 Fri, 10 Feb 2023 05:48:53 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1
 header.b=obgU3T0p;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.228,
 mailfrom:
 fm-72506-20230210134851436712c82c60eeaff0-5yyhi_@rts-flowmailer.siemens.com)
Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id
 20230210134851436712c82c60eeaff0
        for <cip-dev@lists.cip-project.org>;
        Fri, 10 Feb 2023 14:48:51 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=felix.moessbauer@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=bUwZQ0u37YnrtPMlS9qxLdz1O9FrmtsvhNSsMzvVk0o=;
 b=obgU3T0pnPMMrT9wwW+GetgVIId8BEvUvprS2ho7YZAqojza7zROECTpSRVEAair93d+qM
 zfljXeMDtxC+Q//eAEHEbHy2tek+Ee0S18ogAdwVMrkIkn/IvA8AiguY8go2UsCy6o/G2zyN
 yLeVNNNEcHiPs+EXLXQg7n/KJ92VA=;
From: Felix Moessbauer <felix.moessbauer@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: adriaan.schmidt@siemens.com,
	jan.kiszka@siemens.com,
	quirin.gylstorff@siemens.com,
	Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [isar-cip-core][PATCH v3 3/5] swu: directly image from squashfs
 rootfs
Date: Fri, 10 Feb 2023 13:48:12 +0000
Message-Id: <20230210134814.732118-4-felix.moessbauer@siemens.com>
In-Reply-To: <20230210134814.732118-1-felix.moessbauer@siemens.com>
References: <20230210134814.732118-1-felix.moessbauer@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-72506:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Fri, 10 Feb 2023 13:58:15 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10667

This patch reworks the generation of the swu file. Instead of using the
rootfs partition created by wic, we directly use the squashfs rootfs as
default. By that, we do not have to deploy the WIC partitions and also
always select the correct rootfs independent of the partition number.
This is especially relevant for embedded boards, where the first
partitions contain the u-boot-spl and firmware.

For use-cases with other fs formats (like verity), we support to
overwrite the SWU_ROOTFS_NAME and SWU_ROOTFS_TYPE.

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 classes/swupdate.bbclass             | 8 +++++---
 kas/opt/ebg-secure-boot-snakeoil.yml | 1 +
 kas/opt/swupdate.yml                 | 1 +
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass
index e5bac53..1c93296 100644
--- a/classes/swupdate.bbclass
+++ b/classes/swupdate.bbclass
@@ -6,9 +6,12 @@
 # Authors:
 #  Christian Storm <christian.storm@siemens.com>
 #  Quirin Gylstorff <quirin.gylstorff@siemens.com>
+#  Felix Moessbauer <felix.moessbauer@siemens.com>
 #
 # SPDX-License-Identifier: MIT
-ROOTFS_PARTITION_NAME ?= "${IMAGE_FULLNAME}.wic.p4.gz"
+SWU_ROOTFS_TYPE ?= "squashfs"
+SWU_ROOTFS_NAME ?= "${IMAGE_FULLNAME}"
+ROOTFS_PARTITION_NAME ?= "${SWU_ROOTFS_NAME}.${SWU_ROOTFS_TYPE}.gz"
 
 SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${PN}-${DISTRO}-${MACHINE}.swu"
 SWU_DESCRIPTION_FILE ?= "sw-description"
@@ -19,8 +22,7 @@ SWU_SIGNATURE_TYPE ?= "rsa"
 
 BUILDCHROOT_IMAGE_FILE ?= "${PP_DEPLOY}/${@os.path.basename(d.getVar('SWU_IMAGE_FILE'))}"
 
-IMAGE_TYPEDEP:wic += "squashfs"
-IMAGE_TYPEDEP:swu = "wic"
+IMAGE_TYPEDEP:swu = "wic ${SWU_ROOTFS_TYPE}.gz"
 IMAGER_INSTALL:swu += "cpio ${@'openssl' if bb.utils.to_boolean(d.getVar('SWU_SIGNED')) else ''}"
 
 IMAGE_SRC_URI:swu = "file://${SWU_DESCRIPTION_FILE}.tmpl"
diff --git a/kas/opt/ebg-secure-boot-snakeoil.yml b/kas/opt/ebg-secure-boot-snakeoil.yml
index a182a67..8f2b7bb 100644
--- a/kas/opt/ebg-secure-boot-snakeoil.yml
+++ b/kas/opt/ebg-secure-boot-snakeoil.yml
@@ -19,6 +19,7 @@ local_conf_header:
     IMAGE_CLASSES += "verity"
     IMAGE_FSTYPES = "wic"
     IMAGE_TYPEDEP:wic += "verity"
+    SWU_ROOTFS_TYPE = "verity"
     WKS_FILE = "${MACHINE}-efibootguard-secureboot.wks.in"
     INITRAMFS_INSTALL:append = " initramfs-verity-hook"
     # abrootfs cannot be installed together with verity
diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml
index 80cd86e..236b3c4 100644
--- a/kas/opt/swupdate.yml
+++ b/kas/opt/swupdate.yml
@@ -19,6 +19,7 @@ local_conf_header:
     CIP_IMAGE_OPTIONS:append = " swupdate.inc"
 
   wic-swu: |
+    IMAGE_TYPEDEP:wic += "squashfs"
     IMAGE_FSTYPES += "swu"
     WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in"
     INITRAMFS_INSTALL:append = " initramfs-squashfs-hook"

From patchwork Fri Feb 10 13:48:13 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Felix Moessbauer <felix.moessbauer@siemens.com>
X-Patchwork-Id: 13135838
Return-Path: <ncaidin@linuxfoundation.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F1205C636D4
	for <webhook@archiver.kernel.org>; Fri, 10 Feb 2023 13:58:15 +0000 (UTC)
Received: from mta-64-228.siemens.flowmailer.net
 (mta-64-228.siemens.flowmailer.net [185.136.64.228])
 by mx.groups.io with SMTP id smtpd.web10.15147.1676036933217909273
 for <cip-dev@lists.cip-project.org>;
 Fri, 10 Feb 2023 05:48:54 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1
 header.b=BEsLfCGT;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.228,
 mailfrom:
 fm-72506-202302101348532a6336890e16afcd08-jvohaz@rts-flowmailer.siemens.com)
Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id
 202302101348532a6336890e16afcd08
        for <cip-dev@lists.cip-project.org>;
        Fri, 10 Feb 2023 14:48:53 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=felix.moessbauer@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=x74jNJeua2DPt7NWaAcLMzEwiPgfPLgEtcPreJPaXjY=;
 b=BEsLfCGTOAQpyreAJakp3cBbK4qPX8xplxOjEv/qjHBruCSktJQaXMKO9zMZiExKbcvtm1
 aK1/AB5XxirkxDAmmYU+fhQ4zNI7vfVTKwS9Ulcel+K2WwAHOFPzCEuS94sVTfUtcpFYiL1Z
 sOqU6yrhU97Lzuir+ug7BEGvZNJXQ=;
From: Felix Moessbauer <felix.moessbauer@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: adriaan.schmidt@siemens.com,
	jan.kiszka@siemens.com,
	quirin.gylstorff@siemens.com,
	Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [isar-cip-core][PATCH v3 4/5] swupdate: only check partition uuids on
 swupdate
Date: Fri, 10 Feb 2023 13:48:13 +0000
Message-Id: <20230210134814.732118-5-felix.moessbauer@siemens.com>
In-Reply-To: <20230210134814.732118-1-felix.moessbauer@siemens.com>
References: <20230210134814.732118-1-felix.moessbauer@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-72506:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Fri, 10 Feb 2023 13:58:15 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10668

This patch moves the partition uuid check into a task to only execute
the logic in case an swu image is built. Previously this was checked at
parse time, leading to errors when not setting these variables and
building an image without swupdate support from an layer that also
provides images with swupdate support.

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 classes/swupdate.bbclass         | 8 ++++++++
 recipes-core/images/swupdate.inc | 6 ------
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass
index 1c93296..8cf012d 100644
--- a/classes/swupdate.bbclass
+++ b/classes/swupdate.bbclass
@@ -98,3 +98,11 @@ IMAGE_CMD:swu() {
            fi
         done | cpio -ovL -H crc > "${BUILDCHROOT_IMAGE_FILE}"'
 }
+
+python do_check_swu_partition_uuids() {
+    for u in ['A', 'B']:
+        if not d.getVar('ABROOTFS_PART_UUID_' + u):
+            bb.fatal('ABROOTFS_PART_UUID_' + u + ' not set')
+}
+
+addtask check_swu_partition_uuids before do_image_swu
diff --git a/recipes-core/images/swupdate.inc b/recipes-core/images/swupdate.inc
index 20ed600..3ec7767 100644
--- a/recipes-core/images/swupdate.inc
+++ b/recipes-core/images/swupdate.inc
@@ -15,9 +15,3 @@ inherit read-only-rootfs
 
 IMAGE_INSTALL += " swupdate"
 IMAGE_INSTALL += " swupdate-handler-roundrobin"
-
-python() {
-    for u in ['A', 'B']:
-        if not d.getVar('ABROOTFS_PART_UUID_' + u):
-            bb.fatal('ABROOTFS_PART_UUID_' + u + ' not set')
-}

From patchwork Fri Feb 10 13:48:14 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Felix Moessbauer <felix.moessbauer@siemens.com>
X-Patchwork-Id: 13135836
Return-Path: <ncaidin@linuxfoundation.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 276BDC636D4
	for <webhook@archiver.kernel.org>; Fri, 10 Feb 2023 13:58:06 +0000 (UTC)
Received: from mta-64-227.siemens.flowmailer.net
 (mta-64-227.siemens.flowmailer.net [185.136.64.227])
 by mx.groups.io with SMTP id smtpd.web10.15149.1676036938116396938
 for <cip-dev@lists.cip-project.org>;
 Fri, 10 Feb 2023 05:48:58 -0800
Authentication-Results: mx.groups.io;
 dkim=pass header.i=felix.moessbauer@siemens.com header.s=fm1
 header.b=TLeygOrY;
 spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227,
 mailfrom:
 fm-72506-20230210134856c65e4cad2c0723ece7-zc0qq_@rts-flowmailer.siemens.com)
Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id
 20230210134856c65e4cad2c0723ece7
        for <cip-dev@lists.cip-project.org>;
        Fri, 10 Feb 2023 14:48:56 +0100
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1;
 d=siemens.com; i=felix.moessbauer@siemens.com;
 h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:Cc:References:In-Reply-To;
 bh=b/PI5KraOKL/V/kVevtMIU0uGf7oSI2Y0Uqp1L8cek0=;
 b=TLeygOrYL3ybfOSrdp/7GSGwfzHj4ffU5mMupaGJpdRGI3ZCWBK7q7t1DUeofyYhMiks84
 7A6CTekD5umjaNZbaCJPzKr7MuSdRltd1RnGkhv8F80sq+5LAgIYcXicUzLhyEw+Hn4hjDYe
 lTH+EZ8E1qmaLrFxoxweunb7YmQuA=;
From: Felix Moessbauer <felix.moessbauer@siemens.com>
To: cip-dev@lists.cip-project.org
Cc: adriaan.schmidt@siemens.com,
	jan.kiszka@siemens.com,
	quirin.gylstorff@siemens.com,
	Felix Moessbauer <felix.moessbauer@siemens.com>
Subject: [isar-cip-core][PATCH v3 5/5] refactor verity image creation
Date: Fri, 10 Feb 2023 13:48:14 +0000
Message-Id: <20230210134814.732118-6-felix.moessbauer@siemens.com>
In-Reply-To: <20230210134814.732118-1-felix.moessbauer@siemens.com>
References: <20230210134814.732118-1-felix.moessbauer@siemens.com>
MIME-Version: 1.0
X-Flowmailer-Platform: Siemens
Feedback-ID: 519:519-72506:519-21489:flowmailer
List-Id: <cip-dev.lists.cip-project.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <cip-dev@lists.cip-project.org>; Fri, 10 Feb 2023 13:58:06 -0000
X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/10663

This patch simplifies the integration of verity with swupdate.
We now directly copy the generated verity image into the swu file,
instead of going via wic. This solves the issue with leading partitions,
shifting the partition layout and resulting in a wrong partition in the
swu file. Further, we cleanup some duplicated variables.

Signed-off-by: Felix Moessbauer <felix.moessbauer@siemens.com>
---
 classes/verity.bbclass               | 7 +------
 kas/opt/ebg-secure-boot-snakeoil.yml | 1 -
 2 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/classes/verity.bbclass b/classes/verity.bbclass
index 154b9e1..747a7ae 100644
--- a/classes/verity.bbclass
+++ b/classes/verity.bbclass
@@ -9,21 +9,16 @@
 # SPDX-License-Identifier: MIT
 #
 
-VERITY_IMAGE_TYPE ?= "squashfs"
-
-inherit ${VERITY_IMAGE_TYPE}
-
 IMAGE_TYPEDEP:verity = "${VERITY_IMAGE_TYPE}"
 IMAGER_INSTALL:verity += "cryptsetup"
 
+VERITY_IMAGE_TYPE ?= "squashfs"
 VERITY_INPUT_IMAGE ?= "${IMAGE_FULLNAME}.${VERITY_IMAGE_TYPE}"
 VERITY_OUTPUT_IMAGE ?= "${IMAGE_FULLNAME}.verity"
 VERITY_IMAGE_METADATA = "${VERITY_OUTPUT_IMAGE}.metadata"
 VERITY_HASH_BLOCK_SIZE ?= "1024"
 VERITY_DATA_BLOCK_SIZE ?= "1024"
 
-IMAGER_INSTALL += "cryptsetup"
-
 create_verity_env_file() {
 
     local ENV="${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.verity.env"
diff --git a/kas/opt/ebg-secure-boot-snakeoil.yml b/kas/opt/ebg-secure-boot-snakeoil.yml
index 8f2b7bb..3d0e3c9 100644
--- a/kas/opt/ebg-secure-boot-snakeoil.yml
+++ b/kas/opt/ebg-secure-boot-snakeoil.yml
@@ -16,7 +16,6 @@ header:
 
 local_conf_header:
   secure-boot-image: |
-    IMAGE_CLASSES += "verity"
     IMAGE_FSTYPES = "wic"
     IMAGE_TYPEDEP:wic += "verity"
     SWU_ROOTFS_TYPE = "verity"