| Message ID | 20240108102638.2966221-1-Quirin.Gylstorff@siemens.com (mailing list archive) |
|---|---|
| Headers | show |
| Series | Add Bootloader to sw-description | expand |
On 08.01.24 11:25, Quirin Gylstorff wrote: > From: Quirin Gylstorff <quirin.gylstorff@siemens.com> > > This series adds the, possible signed, efibootguard binaries to the deploy dir > and adds them to swu file and sw-description to update the bootloader. > > The new entry contains following information: > { > filename = "{efi_boot_loader_file}"; > path = "EFI/BOOT/{efi_boot_loader_file}"; > device = "{efi_boot_device}"; > filesystem = "vfat"; > sha256 = "{efi_boot_loader_file}-sha256"; > properties: { > atomic-install = "true"; > }; > } > > Changes v4: > - Rebase to latest next > - Remove the generator for sw-description -> if requested this can be > added as a new patchset > - Add new class containing the efibootguard specific settings > - Add variable EFI_ARCH and EFI_LIB_ARCH to reduces dupilicated code > - Generate a additional swu only for the bootloader. This will be > always generated. If the bootloader should be added to the > <rootfs>.swu the variable SWU_EBG_UPDATE needs to be set. > This looks viable to me - but we really need some documentation for that, it's only coming as code. And we need a Big Fat Warning for EBG updates along that. Jan > Changes v3: > - Add Generator for sw-description instead of using a template for > Debian 11+. > > Changes v2: > - The efibootguard file is only added if the new variable `SWU_EBG_UPDATE` equals `1` > - Add the variable `SWU_EFI_BOOT_DEVICE` to set the device containing > the efibootguard binary > - Add the variable `SWU_EXTEND_SW_DESCRIPTION` to all extension of the > sw-description file > - use atomic-install to update the binary atomically > > > Quirin Gylstorff (6): > Move efibootguard specific settings from include to class file > efibootguard.bbclass: Add functions to generate the EFI_ARCH and > EFI_LIB_ARCH > efibootguard-efi.py: copy signed ebg binary to DEPLOY_DIR > swupdate.bbclass: Add SWU_EXTEND_SW_DESCRIPTION > swupdate: Extend sw-description to update efibootguard > classes/swupdate: Generate swu containing only efibootguard > > classes/efibootguard.bbclass | 42 +++++ > classes/swupdate.bbclass | 143 +++++++++++++----- > recipes-core/images/efibootguard.inc | 9 +- > .../images/swu/sw-description-ebg.tmpl | 17 +++ > recipes-core/images/swu/sw-description.tmpl | 2 +- > .../wic/plugins/source/efibootguard-boot.py | 29 ++-- > .../wic/plugins/source/efibootguard-efi.py | 50 +++--- > 7 files changed, 209 insertions(+), 83 deletions(-) > create mode 100644 classes/efibootguard.bbclass > create mode 100644 recipes-core/images/swu/sw-description-ebg.tmpl >
From: Quirin Gylstorff <quirin.gylstorff@siemens.com> This series adds the, possible signed, efibootguard binaries to the deploy dir and adds them to swu file and sw-description to update the bootloader. The new entry contains following information: { filename = "{efi_boot_loader_file}"; path = "EFI/BOOT/{efi_boot_loader_file}"; device = "{efi_boot_device}"; filesystem = "vfat"; sha256 = "{efi_boot_loader_file}-sha256"; properties: { atomic-install = "true"; }; } Changes v4: - Rebase to latest next - Remove the generator for sw-description -> if requested this can be added as a new patchset - Add new class containing the efibootguard specific settings - Add variable EFI_ARCH and EFI_LIB_ARCH to reduces dupilicated code - Generate a additional swu only for the bootloader. This will be always generated. If the bootloader should be added to the <rootfs>.swu the variable SWU_EBG_UPDATE needs to be set. Changes v3: - Add Generator for sw-description instead of using a template for Debian 11+. Changes v2: - The efibootguard file is only added if the new variable `SWU_EBG_UPDATE` equals `1` - Add the variable `SWU_EFI_BOOT_DEVICE` to set the device containing the efibootguard binary - Add the variable `SWU_EXTEND_SW_DESCRIPTION` to all extension of the sw-description file - use atomic-install to update the binary atomically Quirin Gylstorff (6): Move efibootguard specific settings from include to class file efibootguard.bbclass: Add functions to generate the EFI_ARCH and EFI_LIB_ARCH efibootguard-efi.py: copy signed ebg binary to DEPLOY_DIR swupdate.bbclass: Add SWU_EXTEND_SW_DESCRIPTION swupdate: Extend sw-description to update efibootguard classes/swupdate: Generate swu containing only efibootguard classes/efibootguard.bbclass | 42 +++++ classes/swupdate.bbclass | 143 +++++++++++++----- recipes-core/images/efibootguard.inc | 9 +- .../images/swu/sw-description-ebg.tmpl | 17 +++ recipes-core/images/swu/sw-description.tmpl | 2 +- .../wic/plugins/source/efibootguard-boot.py | 29 ++-- .../wic/plugins/source/efibootguard-efi.py | 50 +++--- 7 files changed, 209 insertions(+), 83 deletions(-) create mode 100644 classes/efibootguard.bbclass create mode 100644 recipes-core/images/swu/sw-description-ebg.tmpl