From patchwork Tue Nov 5 17:54:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 13863287 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 130D9D3177A for ; Tue, 5 Nov 2024 17:54:44 +0000 (UTC) Received: from mta-64-227.siemens.flowmailer.net (mta-64-227.siemens.flowmailer.net [185.136.64.227]) by mx.groups.io with SMTP id smtpd.web10.26673.1730829277203322363 for ; Tue, 05 Nov 2024 09:54:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=BEYEOZt7; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227, mailfrom: fm-294854-20241105175434443df98f44eff07b38-amva4m@rts-flowmailer.siemens.com) Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id 20241105175434443df98f44eff07b38 for ; Tue, 05 Nov 2024 18:54:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=y+wQn2Z49zpMpksHHOpRRL6r5tdWj4PNXhC1RMS8VJg=; b=BEYEOZt77Ow3rWBmLvHctw9t66bOp2j7Ke9Uas4sECuli5tUvH6x3YXu54cBZ6yDkqKVww kXjkC+YSKybX/XgOjG/1DkeAz2uVabbQQKmF2soMe1ZspGfmSi2B9A0x23jL6Cd4DOF8tc6S SNdId18POZxSF7dpikummSsDNWapXtM/bXulRZzgwSeKjpuJ4Z4IFxjt1FYX+fsJdlSGqYbA 96Oly9zN2akvKsRJUKCFk01rJjzhCKynaD4rJ1QapFOA8xkt6cZV1HHiYD07W4VrDs2mElch Mcn5z3H4xjUDP7GKw5XgH5vz8QFv5KT7tPXp7PE62xqxFu8aBBEbUhRg==; From: Jan Kiszka To: cip-dev@lists.cip-project.org Subject: [isar-cip-core][PATCH v2 1/6] Make the read-only rootfs type configurable Date: Tue, 5 Nov 2024 18:54:28 +0100 Message-ID: <8a2854d31599d6e7ed29d68dc4a2a5945b403856.1730829273.git.jan.kiszka@siemens.com> In-Reply-To: References: MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 17:54:44 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/17178 From: Jan Kiszka We so far use squashfs here and will keep that as default. But there will be an option in the future to select EROFS as alternative. Prepare for that. Signed-off-by: Jan Kiszka --- classes/swupdate.bbclass | 3 ++- classes/verity.bbclass | 2 +- conf/distro/cip-core-common.inc | 4 +++- kas/opt/swupdate.yml | 8 ++++---- wic/bbb-efibootguard.wks.in | 2 +- wic/hihope-rzg2m-efibootguard.wks.in | 2 +- wic/qemu-arm64-efibootguard.wks.in | 2 +- wic/qemu-riscv64-efibootguard.wks.in | 2 +- wic/x86-uefi-efibootguard.wks.in | 2 +- 9 files changed, 15 insertions(+), 12 deletions(-) diff --git a/classes/swupdate.bbclass b/classes/swupdate.bbclass index 642fd795..5bf021ad 100644 --- a/classes/swupdate.bbclass +++ b/classes/swupdate.bbclass @@ -12,7 +12,7 @@ inherit template -SWU_ROOTFS_TYPE ?= "squashfs" +SWU_ROOTFS_TYPE ?= "${RO_ROOTFS_TYPE}" SWU_ROOTFS_NAME ?= "${IMAGE_FULLNAME}" # compression type as defined by swupdate (zlib or zstd). Set to empty string to disable compression SWU_COMPRESSION_TYPE ?= "zlib" @@ -55,6 +55,7 @@ IMAGE_SRC_URI:swu += "file://${SWU_DESCRIPITION_FILE_BOOTLOADER}.tmpl" IMAGE_TEMPLATE_FILES:swu = "${SWU_DESCRIPTION_FILE}.tmpl" IMAGE_TEMPLATE_FILES:swu += "${SWU_DESCRIPITION_FILE_BOOTLOADER}.tmpl" IMAGE_TEMPLATE_VARS:swu = " \ + RO_ROOTFS_TYPE \ SWU_ROOTFS_ARTIFACT_NAME \ TARGET_IMAGE_UUID \ ABROOTFS_PART_UUID_A \ diff --git a/classes/verity.bbclass b/classes/verity.bbclass index b3aa9732..231d1729 100644 --- a/classes/verity.bbclass +++ b/classes/verity.bbclass @@ -12,7 +12,7 @@ IMAGE_TYPEDEP:verity = "${VERITY_IMAGE_TYPE}" IMAGER_INSTALL:verity += "cryptsetup" -VERITY_IMAGE_TYPE ?= "squashfs" +VERITY_IMAGE_TYPE ?= "${RO_ROOTFS_TYPE}" VERITY_INPUT_IMAGE ?= "${IMAGE_FULLNAME}.${VERITY_IMAGE_TYPE}" VERITY_OUTPUT_IMAGE ?= "${IMAGE_FULLNAME}.verity" VERITY_IMAGE_METADATA = "${VERITY_OUTPUT_IMAGE}.metadata" diff --git a/conf/distro/cip-core-common.inc b/conf/distro/cip-core-common.inc index 4bd4b840..3323dd0b 100644 --- a/conf/distro/cip-core-common.inc +++ b/conf/distro/cip-core-common.inc @@ -1,7 +1,7 @@ # # CIP Core, generic profile # -# Copyright (c) Siemens AG, 2019-2023 +# Copyright (c) Siemens AG, 2019-2024 # # Authors: # Jan Kiszka @@ -15,6 +15,8 @@ WKS_FILE ?= "${MACHINE}.wks" CIP_IMAGE_OPTIONS ?= "" +RO_ROOTFS_TYPE ?= "squashfs" + IMAGER_BUILD_DEPS:append = " dosfstools-native" IMAGER_BUILD_DEPS:remove:buster = "dosfstools-native" diff --git a/kas/opt/swupdate.yml b/kas/opt/swupdate.yml index 73982000..837efa7d 100644 --- a/kas/opt/swupdate.yml +++ b/kas/opt/swupdate.yml @@ -1,7 +1,7 @@ # # CIP Core, generic profile # -# Copyright (c) Siemens AG, 2020 +# Copyright (c) Siemens AG, 2020-2024 # # Authors: # Quirin Gylstorff @@ -20,12 +20,12 @@ local_conf_header: OVERRIDES .= ":swupdate" wic-swu: | - IMAGE_TYPEDEP:wic += "squashfs" + IMAGE_TYPEDEP:wic += "${RO_ROOTFS_TYPE}" IMAGE_FSTYPES:append = " swu" - # squashfs is already compressed + # input is already compressed SWU_COMPRESSION_TYPE = "" WKS_FILE ?= "${MACHINE}-${SWUPDATE_BOOTLOADER}.wks.in" - INITRAMFS_INSTALL:append = " initramfs-squashfs-hook" + INITRAMFS_INSTALL:append = " initramfs-${RO_ROOTFS_TYPE}-hook" ABROOTFS_PART_UUID_A ?= "fedcba98-7654-3210-cafe-5e0710000001" ABROOTFS_PART_UUID_B ?= "fedcba98-7654-3210-cafe-5e0710000002" PREFERRED_PROVIDER_swupdate-certificates-key ??= "swupdate-certificates-key-snakeoil" diff --git a/wic/bbb-efibootguard.wks.in b/wic/bbb-efibootguard.wks.in index b5772c2d..e6c3e158 100644 --- a/wic/bbb-efibootguard.wks.in +++ b/wic/bbb-efibootguard.wks.in @@ -11,7 +11,7 @@ part --source rawcopy --sourceparams "file=/usr/lib/u-boot/bbb/u-boot.img" --no- include ebg-sysparts.inc -part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.squashfs" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.${RO_ROOTFS_TYPE}" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systemb # home and var are extra partitions diff --git a/wic/hihope-rzg2m-efibootguard.wks.in b/wic/hihope-rzg2m-efibootguard.wks.in index 164e8a92..fb3f090a 100644 --- a/wic/hihope-rzg2m-efibootguard.wks.in +++ b/wic/hihope-rzg2m-efibootguard.wks.in @@ -3,7 +3,7 @@ include ebg-sysparts.inc -part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.squashfs" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.${RO_ROOTFS_TYPE}" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systemb # home and var are extra partitions diff --git a/wic/qemu-arm64-efibootguard.wks.in b/wic/qemu-arm64-efibootguard.wks.in index 6f034208..17434d15 100644 --- a/wic/qemu-arm64-efibootguard.wks.in +++ b/wic/qemu-arm64-efibootguard.wks.in @@ -3,7 +3,7 @@ include ebg-sysparts.inc -part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.squashfs" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.${RO_ROOTFS_TYPE}" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systemb # home and var are extra partitions diff --git a/wic/qemu-riscv64-efibootguard.wks.in b/wic/qemu-riscv64-efibootguard.wks.in index 1704dede..1a2291e3 100644 --- a/wic/qemu-riscv64-efibootguard.wks.in +++ b/wic/qemu-riscv64-efibootguard.wks.in @@ -3,7 +3,7 @@ include ebg-sysparts.inc -part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.squashfs" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.${RO_ROOTFS_TYPE}" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systemb # home and var are extra partitions diff --git a/wic/x86-uefi-efibootguard.wks.in b/wic/x86-uefi-efibootguard.wks.in index a1cebc1e..9d344f8a 100644 --- a/wic/x86-uefi-efibootguard.wks.in +++ b/wic/x86-uefi-efibootguard.wks.in @@ -3,7 +3,7 @@ include ebg-sysparts.inc -part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.squashfs" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema +part --source rawcopy --sourceparams "file=${IMAGE_FULLNAME}.${RO_ROOTFS_TYPE}" --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_A}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systema part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}" --part-type 0FC63DAF-8483-4772-8E79-3D69D8477DE4 --part-name systemb # home and var are extra partitions From patchwork Tue Nov 5 17:54:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 13863281 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D5F86D3176F for ; Tue, 5 Nov 2024 17:54:43 +0000 (UTC) Received: from mta-65-227.siemens.flowmailer.net (mta-65-227.siemens.flowmailer.net [185.136.65.227]) by mx.groups.io with SMTP id smtpd.web10.26672.1730829277182609161 for ; Tue, 05 Nov 2024 09:54:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=dWAxj321; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.227, mailfrom: fm-294854-20241105175434a1701d86b72b4218a0-umny59@rts-flowmailer.siemens.com) Received: by mta-65-227.siemens.flowmailer.net with ESMTPSA id 20241105175434a1701d86b72b4218a0 for ; Tue, 05 Nov 2024 18:54:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=pK4kW9n2z4bSx5ictR4RWHtfPhit6l7yJqd490jd7ds=; b=dWAxj321HADhspo4UVtk5ifUZ2+S80nz14U6mBodiA+LBFAmVOFIVr9PTxCwyXB2F4vgYW ZRRS231n0aPGGLJ0AoeqtnNfEoNXKhntI3rd8KM+rGqbe6Jc90x+L5JBhWnEcf9Cnq0Ii/SH TtKaqn8elAp6XvWorG4/hgrRxNklJTtpn8f4p+EaAUiM3Scnz9KAaraE2yRcS6LlhymOMkwp dnhYfBppb+eKtH3zxJ3gTjM7849Lnx6XH2f/IcgBjA8BktT2Ar4smQQSOmvAiSeyPzg3pmaa mnKlt5Wc8QYV2AuXmTW+InI8r5JOFggAGzQM/PYOu5+IK0kupadF1Fuw==; From: Jan Kiszka To: cip-dev@lists.cip-project.org Subject: [isar-cip-core][PATCH v2 2/6] initramfs-crypt-hook: Prepare for EROFS as alternative Date: Tue, 5 Nov 2024 18:54:29 +0100 Message-ID: <3514590b5e5431fd289011dbbec155c92e92e3f9.1730829273.git.jan.kiszka@siemens.com> In-Reply-To: References: MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 17:54:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/17179 From: Jan Kiszka Naturally, expansion does not make sense for it as well. Signed-off-by: Jan Kiszka --- .../initramfs-crypt-hook/files/encrypt_partition.script | 2 +- ...{initramfs-crypt-hook_0.2.bb => initramfs-crypt-hook_0.3.bb} | 0 2 files changed, 1 insertion(+), 1 deletion(-) rename recipes-initramfs/initramfs-crypt-hook/{initramfs-crypt-hook_0.2.bb => initramfs-crypt-hook_0.3.bb} (100%) diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.script index ff4c1353..2cd6798d 100644 --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.script +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.script @@ -82,7 +82,7 @@ EOF panic "reencryption of filesystem $1 cannot continue!" fi ;; - squashfs|swap|"") + squashfs|swap|erofs|"") [ "$debug" = "y" ] && echo "skip disk resize as it is not supported or unnecessary for fstype: '$partition_fstype'" ;; *) diff --git a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.2.bb b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.3.bb similarity index 100% rename from recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.2.bb rename to recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.3.bb From patchwork Tue Nov 5 17:54:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 13863283 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E32A2D31774 for ; Tue, 5 Nov 2024 17:54:43 +0000 (UTC) Received: from mta-65-225.siemens.flowmailer.net (mta-65-225.siemens.flowmailer.net [185.136.65.225]) by mx.groups.io with SMTP id smtpd.web10.26674.1730829277219609348 for ; Tue, 05 Nov 2024 09:54:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=EhNrjOBu; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.65.225, mailfrom: fm-294854-20241105175434b813092ae22da9579e-vhmedc@rts-flowmailer.siemens.com) Received: by mta-65-225.siemens.flowmailer.net with ESMTPSA id 20241105175434b813092ae22da9579e for ; Tue, 05 Nov 2024 18:54:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=WvEqAuXwIQ2S497lUaErWZV8xCSS6/lqKvgULM7A6Vg=; b=EhNrjOBu6sNOOX28hyTOYUbuxJoKPGwZjbbGXfwEmCBk79Wm1S38p9US+EdeUzzntXvcq4 J3vKodNIcHaf4rrbWMVGHwCDuKCxdZvy30sKrXCk0yjIK2X+M86XpeyzLkBSpIeUemrWiKle HPj8fwKyHakXMkw4NLHtPNSpb1owGaZcUdvodRIFxOdVcCcTYjQsmZU1W82JAuIgkT3cQawx 33KUL9e93q9B5OsegJ4+XFPBpqohpB3uei0PPFp8ia1RgitI28PG3UdBn05WPR5HWTr6M2jm 4pcXG0pU7DimNRjEYWW6CN3TOPcwV1VUm7tGWrLnCm1JP3LTXjqczECg==; From: Jan Kiszka To: cip-dev@lists.cip-project.org Subject: [isar-cip-core][PATCH v2 3/6] Add initramfs-erofs-hook Date: Tue, 5 Nov 2024 18:54:30 +0100 Message-ID: <2fbfc72ee776eb11cd1748f233c266537b55993c.1730829273.git.jan.kiszka@siemens.com> In-Reply-To: References: MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 17:54:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/17182 From: Jan Kiszka This is basically just search&replace compared to initramfs-squashfs-hook. Signed-off-by: Jan Kiszka --- .../initramfs-erofs-hook/files/erofs.hook | 25 +++++++++++++++++++ .../initramfs-erofs-hook_0.1.bb | 24 ++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 recipes-initramfs/initramfs-erofs-hook/files/erofs.hook create mode 100644 recipes-initramfs/initramfs-erofs-hook/initramfs-erofs-hook_0.1.bb diff --git a/recipes-initramfs/initramfs-erofs-hook/files/erofs.hook b/recipes-initramfs/initramfs-erofs-hook/files/erofs.hook new file mode 100644 index 00000000..cf43bf10 --- /dev/null +++ b/recipes-initramfs/initramfs-erofs-hook/files/erofs.hook @@ -0,0 +1,25 @@ +#!/bin/sh +# +# CIP Core, generic profile +# +# Copyright (c) Siemens AG, 2024 +# +# Authors: +# Jan Kiszka +# + +PREREQ="" +prereqs() +{ + echo "$PREREQ" +} +case $1 in +prereqs) + prereqs + exit 0 + ;; +esac + +. /usr/share/initramfs-tools/hook-functions + +manual_add_modules erofs diff --git a/recipes-initramfs/initramfs-erofs-hook/initramfs-erofs-hook_0.1.bb b/recipes-initramfs/initramfs-erofs-hook/initramfs-erofs-hook_0.1.bb new file mode 100644 index 00000000..ab679c91 --- /dev/null +++ b/recipes-initramfs/initramfs-erofs-hook/initramfs-erofs-hook_0.1.bb @@ -0,0 +1,24 @@ +# +# CIP Core, generic profile +# +# Copyright (c) Siemens AG, 2024 +# +# Authors: +# Jan Kiszka +# +# SPDX-License-Identifier: MIT +# + +inherit dpkg-raw + +SRC_URI += "file://erofs.hook" + +DEBIAN_DEPENDS = "erofs-utils" + +do_install[cleandirs] += " \ + ${D}/usr/share/initramfs-tools/hooks" + +do_install() { + install -m 0755 "${WORKDIR}/erofs.hook" \ + "${D}/usr/share/initramfs-tools/hooks/erofs" +} From patchwork Tue Nov 5 17:54:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 13863284 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F41BDD31773 for ; Tue, 5 Nov 2024 17:54:43 +0000 (UTC) Received: from mta-64-227.siemens.flowmailer.net (mta-64-227.siemens.flowmailer.net [185.136.64.227]) by mx.groups.io with SMTP id smtpd.web10.26675.1730829277268231213 for ; Tue, 05 Nov 2024 09:54:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=DKG+fhxo; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.227, mailfrom: fm-294854-202411051754342ca6328c4683984d56-_vfgr7@rts-flowmailer.siemens.com) Received: by mta-64-227.siemens.flowmailer.net with ESMTPSA id 202411051754342ca6328c4683984d56 for ; Tue, 05 Nov 2024 18:54:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=C/qE2qA5tkrq901SoP3YsbCp3k88TsrG0Wdw9UCMFig=; b=DKG+fhxo0weaGKygkHcJvI8lnWZ2MQG4JXECMsc7ccVStsXeyH1sq3BU8dFlWfoYvXnME2 EODf5LIl4JNWY9Pm3eh/gAGY5G7z8TbANErzmvX3apTOT6xkhAo8/PLduANNTSAULvwVN4Kp asaX3DXGQ1n2/mWCHoFECEZ/Fb7tQR/xJDrBKOedHA8cHqfEb/utYMr+ELDRUkCM/Mns5WXb YKGrpU/afy9Rc/X2eDE5hM4FSkgfUCbg2gABNYxrNaZj0q/3F7p6YiDV4TekFmCngW/z5oUu hCRwpkpwQPa1S4lHznWPVVK3f9xj9mFVdN8hNRFgi1krb/fHJ/K3LWCA==; From: Jan Kiszka To: cip-dev@lists.cip-project.org Subject: [isar-cip-core][PATCH v2 4/6] Introduce class for generating EROFS images Date: Tue, 5 Nov 2024 18:54:31 +0100 Message-ID: In-Reply-To: References: MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 17:54:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/17181 From: Jan Kiszka This is analogous to the squashfs class. Signed-off-by: Jan Kiszka --- classes/erofs.bbclass | 34 ++++++++++++++++++++++++++++++++++ conf/layer.conf | 2 +- 2 files changed, 35 insertions(+), 1 deletion(-) create mode 100644 classes/erofs.bbclass diff --git a/classes/erofs.bbclass b/classes/erofs.bbclass new file mode 100644 index 00000000..95e7be35 --- /dev/null +++ b/classes/erofs.bbclass @@ -0,0 +1,34 @@ +# +# CIP Core, generic profile +# +# Copyright (c) Siemens AG, 2024 +# +# Authors: +# Jan Kiszka +# +# SPDX-License-Identifier: MIT +# + +IMAGER_INSTALL:erofs += "erofs-utils" + +EROFS_EXCLUDE_DIRS ?= "" +EROFS_CONTENT ?= "${PP_ROOTFS}" +EROFS_CREATION_ARGS ?= "-z lz4hc,12" + +python __anonymous() { + exclude_directories = d.getVar('EROFS_EXCLUDE_DIRS').split() + if len(exclude_directories) == 0: + return + # Use regex to exclude only content of the directory. + # This allows to use the directory as a mount point. + for dir in exclude_directories: + args += " --exclude-regex {dir}/.* ".format(dir=dir) + d.appendVar('EROFS_CREATION_ARGS', args) +} + +IMAGE_CMD:erofs[depends] = "${PN}:do_transform_template" +IMAGE_CMD:erofs() { + ${SUDO_CHROOT} /bin/mkfs.erofs \ + '${IMAGE_FILE_CHROOT}' '${EROFS_CONTENT}' \ + ${EROFS_CREATION_ARGS} +} diff --git a/conf/layer.conf b/conf/layer.conf index c652a61c..316f4a81 100644 --- a/conf/layer.conf +++ b/conf/layer.conf @@ -23,5 +23,5 @@ LAYERSERIES_COMPAT_cip-core = "next" LAYERDIR_cip-core = "${LAYERDIR}" LAYERDIR_cip-core[vardepvalue] = "isar-cip-core" -IMAGE_CLASSES += "squashfs verity swupdate delta-update" +IMAGE_CLASSES += "squashfs erofs verity swupdate delta-update" From patchwork Tue Nov 5 17:54:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 13863282 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D7991D3176D for ; Tue, 5 Nov 2024 17:54:43 +0000 (UTC) Received: from mta-64-228.siemens.flowmailer.net (mta-64-228.siemens.flowmailer.net [185.136.64.228]) by mx.groups.io with SMTP id smtpd.web10.26676.1730829277268625642 for ; Tue, 05 Nov 2024 09:54:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=WrJwP9G7; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.228, mailfrom: fm-294854-20241105175434d66efaf86bcb2bdce1-wjxsjo@rts-flowmailer.siemens.com) Received: by mta-64-228.siemens.flowmailer.net with ESMTPSA id 20241105175434d66efaf86bcb2bdce1 for ; Tue, 05 Nov 2024 18:54:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=l5D7z0u/8vSc+uUR2iZPuri+R7h18MnmxsuaQX0gLC0=; b=WrJwP9G7LD2TDBXy7rLmxa7o1N+ARacXENI8Lfb5loU6Hbo/wD5kbv14mlhi9UPa1u7OqG vnwxZIhCmKiNAWzXJPAKwnb9cnTGWqB8Zyw+xcq58WSgenGNnGTMw7/g3xvUzAVk+Tucl1dZ F251/wtH5yFgQzlyB6Y3i6+FIq62ZSo9A4AY0HsODXKTtwUUAgOoBTHz5NLSKwGnBzD/aeQX 6FSeI7kVktxaklIkRL2XeebxwuKcBJHK73qqDd1ega6P3ANxyVZhZquBPLcYOQnnRFznMSii chtZ25F8rheak8SWWhMj5fWXHRJsnEhB3v1IUXcs1P4se+McRnvTHATg==; From: Jan Kiszka To: cip-dev@lists.cip-project.org Subject: [isar-cip-core][PATCH v2 5/6] linux-cip: Update cip-kernel-config revision Date: Tue, 5 Nov 2024 18:54:32 +0100 Message-ID: <73a844ea95fea4724914fe989276e673accacea5.1730829273.git.jan.kiszka@siemens.com> In-Reply-To: References: MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 17:54:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/17177 From: Jan Kiszka This brings support for EROFS and PID namespaces for 6.1 and also fixes Ethernet configuration on BeagleBone Black. Signed-off-by: Jan Kiszka --- recipes-kernel/linux/cip-kernel-config.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes-kernel/linux/cip-kernel-config.inc b/recipes-kernel/linux/cip-kernel-config.inc index 9c1ab946..16821319 100644 --- a/recipes-kernel/linux/cip-kernel-config.inc +++ b/recipes-kernel/linux/cip-kernel-config.inc @@ -14,6 +14,6 @@ SRC_URI:append = " ${@ \ if d.getVar('USE_CIP_KERNEL_CONFIG') == '1' else '' \ }" -SRCREV_cip-kernel-config ?= "f6b7018cb6845f34f8a03c126bf4f823ce10d637" +SRCREV_cip-kernel-config ?= "9b1b425c87248ba476e3a3aff3c9f905abdb3982" do_fetch[vardeps] += "SRCREV_cip-kernel-config" From patchwork Tue Nov 5 17:54:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jan Kiszka X-Patchwork-Id: 13863286 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E4025D31775 for ; Tue, 5 Nov 2024 17:54:43 +0000 (UTC) Received: from mta-64-226.siemens.flowmailer.net (mta-64-226.siemens.flowmailer.net [185.136.64.226]) by mx.groups.io with SMTP id smtpd.web10.26677.1730829277381153731 for ; Tue, 05 Nov 2024 09:54:38 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=jan.kiszka@siemens.com header.s=fm1 header.b=berUyGEk; spf=pass (domain: rts-flowmailer.siemens.com, ip: 185.136.64.226, mailfrom: fm-294854-20241105175434c51c527c81c24e7ee9-tuskj4@rts-flowmailer.siemens.com) Received: by mta-64-226.siemens.flowmailer.net with ESMTPSA id 20241105175434c51c527c81c24e7ee9 for ; Tue, 05 Nov 2024 18:54:34 +0100 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=fm1; d=siemens.com; i=jan.kiszka@siemens.com; h=Date:From:Subject:To:Message-ID:MIME-Version:Content-Type:Content-Transfer-Encoding:References:In-Reply-To; bh=vBYcazKv1rot7s1PkcKNQ7wnLUdoeBObFtZTwQ7MZEY=; b=berUyGEkKsy1fYjM/NJdrquSDB1nJohnfuGvfALOY0QCKL1sLaxngLyvAu9IFd96X28geB 47gYYY7h5YN703dNCa+Bua3KhMgc3JEmv5GdRuBkq5j++PN4dFBPYA+Fx6Bk2H2To5rT0Gqx 6ZIwYKx1R+eU+rkP5bPaV+JefPUP7sc3RzmR8zuZiIldJRX6Nbh9jjmvGxYAFcOE4a4B8vDJ xiIaavPPPBwMKUl6aNlk4OonH3vM1MUGcFse1J0bQ/Yhi4YS2SkyJCx8v4vPOHrsfyx2GPbm 7mCn3k1uden6lLGWw21HK42xu21TaJk5Mn6PLPsRhBx/zXv4LheSuN6g==; From: Jan Kiszka To: cip-dev@lists.cip-project.org Subject: [isar-cip-core][PATCH v2 6/6] kas: Add option for selecting read-only rootfs type Date: Tue, 5 Nov 2024 18:54:33 +0100 Message-ID: <12bc32044317b4afd31a97d5eb14c38b997a89be.1730829273.git.jan.kiszka@siemens.com> In-Reply-To: References: MIME-Version: 1.0 X-Flowmailer-Platform: Siemens Feedback-ID: 519:519-294854:519-21489:flowmailer List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Tue, 05 Nov 2024 17:54:43 -0000 X-Groupsio-URL: https://lists.cip-project.org/g/cip-dev/message/17180 From: Jan Kiszka This allows to select EROFS as alternative to squashfs. The option is limited to 6.1 kernels, older ones will no longer be enabled. Signed-off-by: Jan Kiszka --- Kconfig | 16 ++++++++++++++++ kas/opt/erofs.yml | 16 ++++++++++++++++ 2 files changed, 32 insertions(+) create mode 100644 kas/opt/erofs.yml diff --git a/Kconfig b/Kconfig index 8062cdb7..83f2c2f6 100644 --- a/Kconfig +++ b/Kconfig @@ -198,6 +198,22 @@ config IMAGE_DELTA_SWUPDATE endchoice +choice + prompt "Read-only rootfs type" + +config IMAGE_RO_ROOTFS_SQUASHFS + bool "Squashfs" + +config IMAGE_RO_ROOTFS_EROFS + bool "EROFS" + depends on KERNEL_6_1 + +endchoice + +config KAS_INCLUDE_EROFS + string + default "kas/opt/erofs.yml" if IMAGE_RO_ROOTFS_EROFS + config IMAGE_SECURE_BOOT bool "Secure boot support" depends on TARGET_QEMU_AMD64 || TARGET_QEMU_ARM64 || TARGET_QEMU_ARM || TARGET_X86_UEFI diff --git a/kas/opt/erofs.yml b/kas/opt/erofs.yml new file mode 100644 index 00000000..7c44f5b8 --- /dev/null +++ b/kas/opt/erofs.yml @@ -0,0 +1,16 @@ +# +# CIP Core, generic profile +# +# Copyright (c) Siemens AG, 2024 +# +# Authors: +# Jan Kiszka +# +# SPDX-License-Identifier: MIT + +header: + version: 14 + +local_conf_header: + erofs: | + RO_ROOTFS_TYPE = "erofs"