From patchwork Mon Dec 11 12:19:19 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gylstorff Quirin X-Patchwork-Id: 13487166 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 54A54C46CC5 for ; Mon, 11 Dec 2023 12:25:43 +0000 (UTC) Received: from mta-64-226.siemens.flowmailer.net (mta-64-226.siemens.flowmailer.net [185.136.64.226]) by mx.groups.io with SMTP id smtpd.web11.7069.1702297533273695063 for ; Mon, 11 Dec 2023 04:25:34 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=Quirin.Gylstorff@siemens.com header.s=fm1 header.b=b2/hiBKc; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.226, mailfrom: fm-51332-202312111225300e2348524158dc46c9-7tnyqp@rts-flowmailer.siemens.com) Received: by mta-64-226.siemens.flowmailer.net with ESMTPSA id 202312111225300e2348524158dc46c9 for ; Mon, 11 Dec 2023 13:25:30 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=Quirin.Gylstorff@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=A3Gqt6yo23cHtLqklleCefNpTohs2KpADsdxYX/jHY8=; b=b2/hiBKcmjm/fwSCfkB7HBOJ80J6VcANVuuN6clGEY0CB4pRDBxoltsw0dzyfwhCIz1UJU f+lMmbJ3nMiYhc3p1vhX+v9/6uhoFMOg6K3wP2rgZfOWpqcQNjGhENvP748SdGZWzkj84Zdw vhqM2H22YzlnPadbetOAJ/aupb5vg=; From: Quirin Gylstorff To: jan.kiszka@siemens.com, felix.moessbauer@siemens.com, cip-dev@lists.cip-project.org Subject: [cip-dec][isar-cip-core][RFC v2 1/3] efibootguard-efi.py: copy signed ebg binary to DEPLOY_DIR Date: Mon, 11 Dec 2023 13:19:19 +0100 Message-ID: <20231211122528.486786-2-Quirin.Gylstorff@siemens.com> In-Reply-To: <20231211122528.486786-1-Quirin.Gylstorff@siemens.com> References: <20231211122528.486786-1-Quirin.Gylstorff@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-51332:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Dec 2023 12:25:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14020 From: Quirin Gylstorff This allows to add the signed ebg binary to a swu file for updating the bootloader. Signed-off-by: Quirin Gylstorff --- scripts/lib/wic/plugins/source/efibootguard-efi.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/scripts/lib/wic/plugins/source/efibootguard-efi.py b/scripts/lib/wic/plugins/source/efibootguard-efi.py index 86a22e0..f40b706 100644 --- a/scripts/lib/wic/plugins/source/efibootguard-efi.py +++ b/scripts/lib/wic/plugins/source/efibootguard-efi.py @@ -68,6 +68,12 @@ class EfibootguardEFIPlugin(SourcePlugin): "riscv64": "riscv64-linux-gnu", } + deploy_dir = get_bitbake_var("DEPLOY_DIR_IMAGE") + if not deploy_dir: + msger.error("DEPLOY_DIR_IMAGE not set, exiting\n") + exit(1) + creator.deploy_dir = deploy_dir + distro_arch = get_bitbake_var("DISTRO_ARCH") bootloader = "/usr/lib/{libpath}/efibootguard/efibootguard{efiarch}.efi".format( libpath=distro_to_lib_arch[distro_arch], @@ -90,6 +96,13 @@ class EfibootguardEFIPlugin(SourcePlugin): part_rootfs_dir, name) exec_cmd(cp_cmd, True) + msger.debug("copy {signed_bootloader} to deploy") + cp_to_deploy_cmd = "cp %s/%s %s/%s" % (cr_workdir, + signed_bootloader, + deploy_dir, + name) + exec_cmd(cp_to_deploy_cmd, True) + du_cmd = "du --apparent-size -ks %s" % part_rootfs_dir blocks = int(exec_cmd(du_cmd).split()[0]) From patchwork Mon Dec 11 12:19:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gylstorff Quirin X-Patchwork-Id: 13487167 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5EF2FC46CA3 for ; Mon, 11 Dec 2023 12:25:43 +0000 (UTC) Received: from mta-64-227.siemens.flowmailer.net (mta-64-227.siemens.flowmailer.net [185.136.64.227]) by mx.groups.io with SMTP id smtpd.web11.7067.1702297533062429793 for ; Mon, 11 Dec 2023 04:25:34 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=Quirin.Gylstorff@siemens.com header.s=fm1 header.b=CPgWY/J2; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227, mailfrom: fm-51332-20231211122530dbe127542ad8420c6d-ssauts@rts-flowmailer.siemens.com) Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id 20231211122530dbe127542ad8420c6d for ; Mon, 11 Dec 2023 13:25:30 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=Quirin.Gylstorff@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=RczFvt+kYeoan1amViGxKYD6TnWnXVS+GRjeHbRz9rY=; b=CPgWY/J2kTaj/JfKYWx9maKEV5F0O89t0wk885QmjhmV9LLgwxSxWKiD6QiLsxrT6Nfa16 t+6eKQAv7nyZvlEDCFb0CnCJ0fqLGivYbOyPwA/hM1dy8RQTKYg29D82wGT2J1uRB3Tz0+nl psk5W+vxXDp34+RQf1Lmo8k7PDWGc=; From: Quirin Gylstorff To: jan.kiszka@siemens.com, felix.moessbauer@siemens.com, cip-dev@lists.cip-project.org Subject: [cip-dec][isar-cip-core][RFC v2 2/3] swupdate.bbclass: Add SWU_EXTEND_SW_DESCRIPTION Date: Mon, 11 Dec 2023 13:19:20 +0100 Message-ID: <20231211122528.486786-3-Quirin.Gylstorff@siemens.com> In-Reply-To: <20231211122528.486786-1-Quirin.Gylstorff@siemens.com> References: <20231211122528.486786-1-Quirin.Gylstorff@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-51332:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Dec 2023 12:25:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14021 From: Quirin Gylstorff The elements of the new variable are called as functions. This allows the user to extend the sw-description file with new template variables and new entries. Signed-off-by: Quirin Gylstorff --- classes/swupdate.bbclass | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 117f9fe..0e95e3c 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -22,6 +22,7 @@ SWU_NAME ?= "cip software update" # space separated list of supported hw. Leave empty to leave out SWU_HW_COMPAT ?= "" + SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" SWU_ADDITIONAL_FILES ?= "linux.efi ${SWU_ROOTFS_PARTITION_NAME}" @@ -53,6 +54,16 @@ IMAGE_TEMPLATE_VARS:swu = " \ addtask do_transform_template after do_generate_image_uuid python(){ + cmds = d.getVar("SWU_EXTEND_SW_DESCRIPTION") + if cmds is None or not cmds.strip(): + return + cmds = cmds.split() + for cmd in cmds: + bb.build.exec_func(cmd, d) +} + +SWU_EXTEND_SW_DESCRIPTION += "add_swu_hw_compat" +python add_swu_hw_compat(){ # create SWU_HW_COMPAT_NODE based on list of supported hw hw_compat = d.getVar('SWU_HW_COMPAT') if hw_compat: @@ -61,7 +72,10 @@ python(){ 'hardware-compatibility: [ ' + hw_entries +' ];') else: d.setVar('SWU_HW_COMPAT_NODE', '') +} +SWU_EXTEND_SW_DESCRIPTION += "add_swu_compression" +python add_swu_compression(){ # create SWU_COMPRESSION_NODE node if compression is enabled calgo = d.getVar('SWU_COMPRESSION_TYPE') if calgo: From patchwork Mon Dec 11 12:19:21 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gylstorff Quirin X-Patchwork-Id: 13487168 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5E3BFC10F07 for ; Mon, 11 Dec 2023 12:25:43 +0000 (UTC) Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net [185.136.64.228]) by mx.groups.io with SMTP id smtpd.web11.7068.1702297533120424445 for ; Mon, 11 Dec 2023 04:25:34 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=Quirin.Gylstorff@siemens.com header.s=fm1 header.b=awYI7JSD; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.228, mailfrom: fm-51332-20231211122531deebe63c878270ab53-v8wqmw@rts-flowmailer.siemens.com) Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 20231211122531deebe63c878270ab53 for ; Mon, 11 Dec 2023 13:25:31 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=Quirin.Gylstorff@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=CG+wQxEZZGmazjRSmbE70vfkTKnlr75B9+GiYk4cUxM=; b=awYI7JSDvySs1Rr6dszIkZjJJS1ebYfyOJH0tDXTR3bpYJ0wJ84v8egHipFDZIFKE6uJA6 GOXjZc8rvVO8g/nHi/EWMdOS6inmrIHPy0hA6dHZqkSuNYULAlLbHscVgXpcBNBK66+/Y7rh xhAy37Q3IPBPUsk4mTFqYXhpJpC7Q=; From: Quirin Gylstorff To: jan.kiszka@siemens.com, felix.moessbauer@siemens.com, cip-dev@lists.cip-project.org Subject: [cip-dec][isar-cip-core][RFC v2 3/3] swupdate: Extend sw-description to update efibootguard Date: Mon, 11 Dec 2023 13:19:21 +0100 Message-ID: <20231211122528.486786-4-Quirin.Gylstorff@siemens.com> In-Reply-To: <20231211122528.486786-1-Quirin.Gylstorff@siemens.com> References: <20231211122528.486786-1-Quirin.Gylstorff@siemens.com> MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-51332:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Mon, 11 Dec 2023 12:25:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/14019 From: Quirin Gylstorff If the variable `SWU_EBG_UPDATE` is set to `1` an additional file element is added to the sw-description to replace the ebg. Use python as newlines are part of the sw-description syntax an therefore cannot be hold in a bitbake variable, see note in[1]. IMPORTANT: Even if the property 'atomic-install' is set FAT does not support atomic writes or renames so a powercut can still corrupt the system[1]. [1]: https://docs.yoctoproject.org/bitbake/2.2/bitbake-user-manual/bitbake-user-manual-metadata.html#line-joining [2]: https://lore.kernel.org/linux-fsdevel/20191022105413.pj6i3ydetnfgnkzh@pali/ Signed-off-by: Quirin Gylstorff --- classes/swupdate.bbclass | 35 +++++++++++++++++++-- recipes-core/images/swu/sw-description.tmpl | 2 +- 2 files changed, 34 insertions(+), 3 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 0e95e3c..99a4c6f 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -21,7 +21,8 @@ SWU_VERSION ?= "0.2" SWU_NAME ?= "cip software update" # space separated list of supported hw. Leave empty to leave out SWU_HW_COMPAT ?= "" - +SWU_EBG_UPDATE ?= "" +SWU_EFI_BOOT_DEVICE ?= "/dev/disk/by-uuid/4321-DCBA" SWU_IMAGE_FILE ?= "${DEPLOY_DIR_IMAGE}/${IMAGE_FULLNAME}.swu" SWU_DESCRIPTION_FILE ?= "sw-description" @@ -48,7 +49,9 @@ IMAGE_TEMPLATE_VARS:swu = " \ SWU_HW_COMPAT_NODE \ SWU_COMPRESSION_NODE \ SWU_VERSION \ - SWU_NAME" + SWU_NAME \ + SWU_FILE_NODES \ + " # TARGET_IMAGE_UUID needs to be generated before completing the template addtask do_transform_template after do_generate_image_uuid @@ -84,6 +87,34 @@ python add_swu_compression(){ d.setVar('SWU_COMPRESSION_NODE', '') } +SWU_EXTEND_SW_DESCRIPTION += "${@ 'add_ebg_update' if d.getVar('SWU_EBG_UPDATE') == '1' else ''}" +python add_ebg_update(){ + distro_arch = d.getVar('DISTRO_ARCH') + distro_to_efi_arch = { + "amd64": "x64", + "arm64": "aa64", + "armhf": "arm", + "i386": "ia32", + "riscv64": "riscv64" + } + efi_boot_loader_file = "boot{}.efi".format(distro_to_efi_arch[distro_arch]) + efi_boot_device = d.getVar('SWU_EFI_BOOT_DEVICE') + swu_ebg_update_node = f""", + {{ + filename = "{efi_boot_loader_file}"; + path = "EFI/BOOT/{efi_boot_loader_file}"; + device = "{efi_boot_device}"; + filesystem = "vfat"; + sha256 = "{efi_boot_loader_file}-sha256"; + properties: {{ + atomic-install = true; + }}; + }} + """ + d.appendVar('SWU_FILE_NODES', swu_ebg_update_node) + d.appendVar('SWU_ADDITIONAL_FILES', " " + efi_boot_loader_file) +} + # convert between swupdate compressor name and imagetype extension def get_swu_compression_type(d): diff --git a/recipes-core/images/swu/sw-description.tmpl b/recipes-core/images/swu/sw-description.tmpl index 6b53a3c..c52372c 100644 --- a/recipes-core/images/swu/sw-description.tmpl +++ b/recipes-core/images/swu/sw-description.tmpl @@ -34,5 +34,5 @@ software = subtype = "kernel"; }; sha256 = "linux.efi-sha256"; - }); + }${SWU_FILE_NODES}); }